mirror of
https://github.com/anomalyco/opencode.git
synced 2026-05-17 21:30:08 +00:00
8694c5b68f
Some checks are pending
deploy / deploy (push) Waiting to run
generate / generate (push) Waiting to run
nix-eval / nix-eval (push) Waiting to run
publish / version (push) Waiting to run
publish / build-cli (push) Blocked by required conditions
publish / sign-cli-windows (push) Blocked by required conditions
publish / build-electron (map[bun_install_flags:--os=darwin --cpu=arm64 host:macos-26 platform_flag:--mac --arm64 target:aarch64-apple-darwin]) (push) Blocked by required conditions
publish / build-electron (map[bun_install_flags:--os=darwin --cpu=x64 host:macos-26-intel platform_flag:--mac --x64 target:x86_64-apple-darwin]) (push) Blocked by required conditions
publish / build-electron (map[host:blacksmith-4vcpu-ubuntu-2404 platform_flag:--linux target:x86_64-unknown-linux-gnu]) (push) Blocked by required conditions
publish / build-electron (map[host:blacksmith-4vcpu-windows-2025 platform_flag:--win target:x86_64-pc-windows-msvc]) (push) Blocked by required conditions
publish / build-electron (map[host:blacksmith-4vcpu-ubuntu-2404 platform_flag:--linux target:aarch64-unknown-linux-gnu]) (push) Blocked by required conditions
publish / build-electron (map[host:windows-2025 platform_flag:--win --arm64 target:aarch64-pc-windows-msvc]) (push) Blocked by required conditions
publish / publish (push) Blocked by required conditions
test / unit (linux) (push) Waiting to run
test / unit (windows) (push) Waiting to run
test / e2e (linux) (push) Waiting to run
test / e2e (windows) (push) Waiting to run
typecheck / typecheck (push) Waiting to run
59 lines
2 KiB
TypeScript
59 lines
2 KiB
TypeScript
import { afterEach, describe, expect, test } from "bun:test"
|
|
import { Option, Redacted } from "effect"
|
|
import { Flag } from "@opencode-ai/core/flag/flag"
|
|
import { ServerAuth } from "../../src/server/auth"
|
|
|
|
const original = {
|
|
OPENCODE_SERVER_PASSWORD: Flag.OPENCODE_SERVER_PASSWORD,
|
|
OPENCODE_SERVER_USERNAME: Flag.OPENCODE_SERVER_USERNAME,
|
|
}
|
|
|
|
afterEach(() => {
|
|
Flag.OPENCODE_SERVER_PASSWORD = original.OPENCODE_SERVER_PASSWORD
|
|
Flag.OPENCODE_SERVER_USERNAME = original.OPENCODE_SERVER_USERNAME
|
|
})
|
|
|
|
describe("ServerAuth", () => {
|
|
test("does not emit auth headers without a password", () => {
|
|
Flag.OPENCODE_SERVER_PASSWORD = undefined
|
|
Flag.OPENCODE_SERVER_USERNAME = "alice"
|
|
|
|
expect(ServerAuth.header()).toBeUndefined()
|
|
expect(ServerAuth.headers()).toBeUndefined()
|
|
})
|
|
|
|
test("defaults to the opencode username", () => {
|
|
Flag.OPENCODE_SERVER_PASSWORD = "secret"
|
|
Flag.OPENCODE_SERVER_USERNAME = undefined
|
|
|
|
expect(ServerAuth.headers()).toEqual({
|
|
Authorization: `Basic ${Buffer.from("opencode:secret").toString("base64")}`,
|
|
})
|
|
})
|
|
|
|
test("uses the configured username", () => {
|
|
Flag.OPENCODE_SERVER_PASSWORD = "secret"
|
|
Flag.OPENCODE_SERVER_USERNAME = "alice"
|
|
|
|
expect(ServerAuth.headers()).toEqual({
|
|
Authorization: `Basic ${Buffer.from("alice:secret").toString("base64")}`,
|
|
})
|
|
})
|
|
|
|
test("prefers explicit credentials", () => {
|
|
Flag.OPENCODE_SERVER_PASSWORD = "secret"
|
|
Flag.OPENCODE_SERVER_USERNAME = "alice"
|
|
|
|
expect(ServerAuth.headers({ password: "cli-secret", username: "bob" })).toEqual({
|
|
Authorization: `Basic ${Buffer.from("bob:cli-secret").toString("base64")}`,
|
|
})
|
|
})
|
|
|
|
test("validates decoded credentials against effect config", () => {
|
|
const config = { password: Option.some("secret"), username: "alice" }
|
|
|
|
expect(ServerAuth.required(config)).toBe(true)
|
|
expect(ServerAuth.authorized({ username: "alice", password: Redacted.make("secret") }, config)).toBe(true)
|
|
expect(ServerAuth.authorized({ username: "opencode", password: Redacted.make("secret") }, config)).toBe(false)
|
|
})
|
|
})
|