refactor(auth): remove stale external auth persist wrapper

This commit is contained in:
Vincent Koc 2026-06-19 05:25:44 +08:00
parent 98857235d5
commit 5570a10bf4
No known key found for this signature in database
4 changed files with 2 additions and 92 deletions

View file

@ -12,10 +12,9 @@ import * as externalCliSync from "./external-cli-sync.js";
import {
areOAuthCredentialsEquivalent,
overlayRuntimeExternalOAuthProfiles,
shouldPersistRuntimeExternalOAuthProfile,
type RuntimeExternalOAuthProfile,
} from "./oauth-shared.js";
import type { AuthProfileStore, OAuthCredential } from "./types.js";
import type { AuthProfileStore } from "./types.js";
type ExternalAuthProfileMap = Map<string, ProviderExternalAuthProfile>;
type ResolveExternalAuthProfiles = typeof resolveExternalAuthProfilesWithPlugins;
@ -148,34 +147,6 @@ export function overlayExternalAuthProfiles(
});
}
/** Return whether an external runtime OAuth profile should be persisted. */
export function shouldPersistExternalAuthProfile(params: {
store: AuthProfileStore;
profileId: string;
credential: OAuthCredential;
agentDir?: string;
env?: NodeJS.ProcessEnv;
config?: OpenClawConfig;
externalCliProviderIds?: Iterable<string>;
externalCliProfileIds?: Iterable<string>;
}): boolean {
const profiles = listRuntimeExternalAuthProfiles({
store: params.store,
agentDir: params.agentDir,
env: params.env,
externalCli: {
config: params.config,
externalCliProviderIds: params.externalCliProviderIds,
externalCliProfileIds: params.externalCliProfileIds,
},
});
return shouldPersistRuntimeExternalOAuthProfile({
profileId: params.profileId,
credential: params.credential,
profiles,
});
}
/** Persist safe external CLI OAuth profiles that own their local profile slot. */
export function syncPersistedExternalCliAuthProfiles(
store: AuthProfileStore,

View file

@ -5,11 +5,7 @@
*/
import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
import type { ProviderExternalAuthProfile } from "../../plugins/types.js";
import {
testing,
overlayExternalAuthProfiles,
shouldPersistExternalAuthProfile,
} from "./external-auth.js";
import { testing, overlayExternalAuthProfiles } from "./external-auth.js";
import { readManagedExternalCliCredential } from "./external-cli-sync.js";
import type { AuthProfileStore, OAuthCredential } from "./types.js";
@ -134,61 +130,6 @@ describe("auth external oauth helpers", () => {
expect(overlaid.profiles["openai:work"]).toEqual(store.profiles["openai:work"]);
});
it("omits exact runtime-only overlays from persisted store writes", () => {
const credential = createCredential();
resolveExternalAuthProfilesWithPluginsMock.mockReturnValueOnce([
{
profileId: "openai:default",
credential,
},
]);
const shouldPersist = shouldPersistExternalAuthProfile({
store: createStore({ "openai:default": credential }),
profileId: "openai:default",
credential,
});
expect(shouldPersist).toBe(false);
});
it("keeps persisted copies when the external overlay is marked persisted", () => {
const credential = createCredential();
resolveExternalAuthProfilesWithPluginsMock.mockReturnValueOnce([
{
profileId: "openai:default",
credential,
persistence: "persisted",
},
]);
const shouldPersist = shouldPersistExternalAuthProfile({
store: createStore({ "openai:default": credential }),
profileId: "openai:default",
credential,
});
expect(shouldPersist).toBe(true);
});
it("keeps stale local copies when runtime overlay no longer matches", () => {
const credential = createCredential();
resolveExternalAuthProfilesWithPluginsMock.mockReturnValueOnce([
{
profileId: "openai:default",
credential: createCredential({ access: "fresh-access-token" }),
},
]);
const shouldPersist = shouldPersistExternalAuthProfile({
store: createStore({ "openai:default": credential }),
profileId: "openai:default",
credential,
});
expect(shouldPersist).toBe(true);
});
it("keeps Codex CLI OAuth from replacing stored inline token material", () => {
readCodexCliCredentialsCachedMock.mockReturnValue(
createCredential({

View file

@ -8,6 +8,5 @@ import { vi } from "vitest";
vi.mock("./external-auth.js", () => ({
listRuntimeExternalAuthProfiles: () => [],
overlayExternalAuthProfiles: <T>(store: T) => store,
shouldPersistExternalAuthProfile: () => true,
syncPersistedExternalCliAuthProfiles: <T>(store: T) => store,
}));

View file

@ -39,7 +39,6 @@ vi.mock("../../plugins/plugin-metadata-snapshot.js", () => ({
vi.mock("./external-auth.js", () => ({
listRuntimeExternalAuthProfiles: () => [],
overlayExternalAuthProfiles: <T>(store: T) => store,
shouldPersistExternalAuthProfile: () => true,
}));
import { isStoredCredentialCompatibleWithAuthProvider, resolveAuthProfileOrder } from "./order.js";