Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 31 additions & 2 deletions packages/devframe/src/recipes/__tests__/interactive-auth.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,10 @@ async function createTestContext(): Promise<DevframeNodeContext> {
}

/** Starts a fully-authenticated server with one trusted-only probe method. */
async function startAuthenticatedServer(banners: { code: string, url: string }[] = []) {
async function startAuthenticatedServer(
banners: { code: string, url: string }[] = [],
preTrust = false,
) {
const context = await createTestContext()
context.rpc.register({
name: 'test:trusted-only',
Expand All @@ -38,7 +41,17 @@ async function startAuthenticatedServer(banners: { code: string, url: string }[]

const host = '127.0.0.1'
const port = await getPort({ port: 0, host })
const server = await startHttpAndWs({ context, host, port, auth })
const server = await startHttpAndWs({
context,
host,
port,
auth,
onPeerConnect: preTrust
? (_peer, session) => {
session.meta.isTrusted = true
}
: undefined,
})
return { context, auth, server, host, port }
}

Expand Down Expand Up @@ -121,6 +134,22 @@ describe('recipes/interactive-auth', () => {
}
})

it('preserves trust established by the host before the client handshake', async () => {
const { server, host, port } = await startAuthenticatedServer([], true)

try {
const client = connectClient(host, port)
const handshake = await client.$call('anonymous:devframe:auth', { authToken: '', ua: 'test', origin: 'http://localhost' })

expect(handshake).toEqual({ isTrusted: true })
await expect(client.$call('test:trusted-only' as any)).resolves.toBe('ok')
client.$close()
}
finally {
await server.close()
}
})

it('self-revoke: devframe:auth:revoke drops the caller to untrusted and invalidates the token', async () => {
const { server, host, port } = await startAuthenticatedServer()

Expand Down
2 changes: 2 additions & 0 deletions packages/devframe/src/recipes/interactive-auth.ts
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,8 @@ export function createInteractiveAuth(
const session = context.rpc.getCurrentRpcSession()
if (!session)
return { isTrusted: false }
if (session.meta.isTrusted)
return { isTrusted: true }
if (isStaticToken(params.authToken)) {
session.meta.clientAuthToken = params.authToken
session.meta.isTrusted = true
Comment thread
webfansplz marked this conversation as resolved.
Expand Down
Loading