ros/claude-task-master
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: apply requested changes p2

Browse Source
This commit is contained in:
Ralph Khreish
2025-10-15 17:01:56 +02:00
parent b11dacece9
commit fa2b63de40
4 changed files with 50 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
packages/tm-core/src/auth/credential-store.spec.ts
View File

@@ -92,6 +92,25 @@ describe('CredentialStore - Token Expiration', () => {
expect(retrieved).not.toBeNull(); expect(retrieved).not.toBeNull();
expect(retrieved?.token).toBe('expired-token'); expect(retrieved?.token).toBe('expired-token');
}); });
it('should return expired token by default (allowExpired defaults to true)', () => {
const expiredCredentials: AuthCredentials = {
token: 'expired-token-default',
refreshToken: 'refresh-token',
userId: 'test-user',
email: 'test@example.com',
expiresAt: new Date(Date.now() - 60000).toISOString(),
savedAt: new Date().toISOString()
};
credentialStore.saveCredentials(expiredCredentials);
// Call without options - should default to allowExpired: true
const retrieved = credentialStore.getCredentials();
expect(retrieved).not.toBeNull();
expect(retrieved?.token).toBe('expired-token-default');
});
}); });
describe('Clock Skew Tolerance', () => { describe('Clock Skew Tolerance', () => {

25
packages/tm-core/src/auth/credential-store.test.ts
View File

@@ -226,6 +226,31 @@ describe('CredentialStore', () => {
expect(result).not.toBeNull(); expect(result).not.toBeNull();
expect(result?.token).toBe('expired-token'); expect(result?.token).toBe('expired-token');
}); });
it('should return expired tokens by default (allowExpired defaults to true)', () => {
const expiredTimestamp = Date.now() - 3600000; // 1 hour ago
const mockCredentials = {
token: 'expired-token-default',
userId: 'user-expired',
expiresAt: expiredTimestamp,
tokenType: 'standard',
savedAt: new Date().toISOString()
};
vi.mocked(fs.existsSync).mockReturnValue(true);
vi.mocked(fs.readFileSync).mockReturnValue(
JSON.stringify(mockCredentials)
);
// Call without options - should default to allowExpired: true
const result = store.getCredentials();
expect(result).not.toBeNull();
expect(result?.token).toBe('expired-token-default');
expect(mockLogger.warn).not.toHaveBeenCalledWith(
expect.stringContaining('Authentication token has expired')
);
});
}); });
describe('saveCredentials with timestamp normalization', () => { describe('saveCredentials with timestamp normalization', () => {

4
packages/tm-core/src/auth/credential-store.ts
View File

@@ -89,7 +89,7 @@ export class CredentialStore {
authData.expiresAt = expiresAtMs; authData.expiresAt = expiresAtMs;
// Check if the token has expired (with clock skew tolerance) // Check if the token has expired (with clock skew tolerance)
// Default to allowExpired=true so Supabase can access refresh tokens // Default to allowExpired=true to enable refresh flows
const now = Date.now(); const now = Date.now();
const allowExpired = options?.allowExpired ?? true; const allowExpired = options?.allowExpired ?? true;
if (now >= expiresAtMs - this.CLOCK_SKEW_MS && !allowExpired) { if (now >= expiresAtMs - this.CLOCK_SKEW_MS && !allowExpired) {
@@ -104,7 +104,7 @@ export class CredentialStore {
return null; return null;
} }
// Return credentials (even if expired, so Supabase can refresh) // Return credentials (even if expired) to enable refresh flows
return authData; return authData;
} catch (error) { } catch (error) {
this.logger.error( this.logger.error(

8
packages/tm-core/tests/auth/auth-refresh.test.ts
View File

@@ -50,7 +50,7 @@ describe('AuthManager Token Refresh', () => {
} }
}); });
it('should return expired credentials for Supabase to refresh', () => { it('should return expired credentials to enable refresh flows', () => {
// Set up expired credentials with refresh token // Set up expired credentials with refresh token
const expiredCredentials: AuthCredentials = { const expiredCredentials: AuthCredentials = {
token: 'expired_access_token', token: 'expired_access_token',
@@ -64,7 +64,7 @@ describe('AuthManager Token Refresh', () => {
credentialStore.saveCredentials(expiredCredentials); credentialStore.saveCredentials(expiredCredentials);
// Get credentials should return them even if expired // Get credentials should return them even if expired
// Supabase will handle the refresh automatically // Refresh will be handled by explicit calls or client operations
const credentials = authManager.getCredentials(); const credentials = authManager.getCredentials();
expect(credentials).not.toBeNull(); expect(credentials).not.toBeNull();
@@ -92,7 +92,7 @@ describe('AuthManager Token Refresh', () => {
it('should return expired credentials even without refresh token', () => { it('should return expired credentials even without refresh token', () => {
// Set up expired credentials WITHOUT refresh token // Set up expired credentials WITHOUT refresh token
// We still return them - it's up to the caller/Supabase to handle // We still return them - it's up to the caller to handle
const expiredCredentials: AuthCredentials = { const expiredCredentials: AuthCredentials = {
token: 'expired_access_token', token: 'expired_access_token',
refreshToken: undefined, refreshToken: undefined,
@@ -131,7 +131,7 @@ describe('AuthManager Token Refresh', () => {
const credentials = authManager.getCredentials(); const credentials = authManager.getCredentials();
// Returns credentials - Supabase will attempt refresh and handle failure // Returns credentials - refresh will be attempted by the client which will handle failure
expect(credentials).not.toBeNull(); expect(credentials).not.toBeNull();
expect(credentials?.token).toBe('expired_access_token'); expect(credentials?.token).toBe('expired_access_token');
expect(credentials?.refreshToken).toBe('invalid_refresh_token'); expect(credentials?.refreshToken).toBe('invalid_refresh_token');