use super::{
backend_api_body_shape, flatten_authed_error, key_bytes_from_string, parse_message_path,
sanitize_client_version, BackendApiError, BackendOAuthClient, BACKEND_API_BODY_SHAPE_MAX_BYTES,
};
use axum::extract::State;
use axum::http::HeaderMap;
use axum::routing::{get, post};
use axum::{Json, Router};
use base64::engine::general_purpose::{STANDARD, URL_SAFE_NO_PAD};
use base64::Engine;
use reqwest::Method;
use serde_json::{json, Value};
use std::sync::{Arc, Mutex};
use tokio::net::TcpListener;
#[test]
fn decodes_base64url_no_pad() {
let raw = [
0xff_u8, 0xfb, 0xef, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa,
0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a,
0x0b, 0x0c, 0x0d,
];
let url_key = URL_SAFE_NO_PAD.encode(raw);
assert!(url_key.contains('-') || url_key.contains('_'));
let decoded = key_bytes_from_string(&url_key).unwrap();
assert_eq!(decoded, raw);
}
#[test]
fn decodes_standard_base64() {
let raw = [0x41_u8; 32];
let std_key = STANDARD.encode(raw);
let decoded = key_bytes_from_string(&std_key).unwrap();
assert_eq!(decoded, raw);
}
#[test]
fn decodes_raw_32_byte_key() {
let raw = "abcdefghijklmnopqrstuvwxyz012345";
assert_eq!(raw.len(), 32);
let decoded = key_bytes_from_string(raw).unwrap();
assert_eq!(decoded, raw.as_bytes());
}
#[test]
fn trims_whitespace() {
let raw = [0x42_u8; 32];
let url_key = format!(" {}\n", URL_SAFE_NO_PAD.encode(raw));
let decoded = key_bytes_from_string(&url_key).unwrap();
assert_eq!(decoded, raw);
}
#[test]
fn rejects_wrong_length() {
let err = key_bytes_from_string("tooshort").unwrap_err();
assert!(err.to_string().contains("must decode to 32 raw bytes"));
}
use super::user_id_from_profile_payload;
#[test]
fn extracts_id_from_root() {
let payload1 = json!({ "id": "123" });
let payload2 = json!({ "_id": "456" });
let payload3 = json!({ "userId": "789" });
assert_eq!(user_id_from_profile_payload(&payload1).unwrap(), "123");
assert_eq!(user_id_from_profile_payload(&payload2).unwrap(), "456");
assert_eq!(user_id_from_profile_payload(&payload3).unwrap(), "789");
}
#[test]
fn extracts_id_from_data_nested() {
let payload = json!({
"data": { "id": "abc" }
});
assert_eq!(user_id_from_profile_payload(&payload).unwrap(), "abc");
}
#[test]
fn extracts_id_from_user_nested() {
let payload = json!({
"user": { "id": "def" }
});
assert_eq!(user_id_from_profile_payload(&payload).unwrap(), "def");
}
#[test]
fn extracts_id_from_data_user_nested() {
let payload = json!({
"data": {
"user": { "userId": "ghi" }
}
});
assert_eq!(user_id_from_profile_payload(&payload).unwrap(), "ghi");
}
#[test]
fn ignores_whitespace_only_ids() {
let payload = json!({
"data": {
"id": " ",
"_id": "real_id"
}
});
assert_eq!(user_id_from_profile_payload(&payload).unwrap(), "real_id");
}
#[test]
fn trims_extracted_ids() {
let payload = json!({
"id": " padded_id "
});
assert_eq!(user_id_from_profile_payload(&payload).unwrap(), "padded_id");
}
#[test]
fn rejects_non_string_ids() {
let payload = json!({
"id": 123,
"_id": ["not_a_string"],
"userId": "valid_id"
});
assert_eq!(user_id_from_profile_payload(&payload).unwrap(), "valid_id");
}
#[test]
fn returns_none_for_missing_ids() {
let payload = json!({
"data": { "name": "alice" }
});
assert!(user_id_from_profile_payload(&payload).is_none());
}
#[test]
fn returns_none_for_non_object_payload() {
let payload = json!("just a string");
assert!(user_id_from_profile_payload(&payload).is_none());
}
#[test]
fn sanitize_client_version_strips_invalid_chars_and_clamps_length() {
let raw = format!(" 1.2.3 (desktop)+build!?{} ", "a".repeat(80));
let sanitized = sanitize_client_version(&raw).unwrap();
assert_eq!(sanitized, format!("1.2.3desktop+build{}", "a".repeat(46)));
assert_eq!(sanitized.len(), 64);
}
#[derive(Clone, Default)]
struct CapturedHeaders {
entries: Arc<Mutex<Vec<HeaderMap>>>,
}
impl CapturedHeaders {
fn push(&self, headers: &HeaderMap) {
self.entries.lock().unwrap().push(headers.clone());
}
fn take(&self) -> Vec<HeaderMap> {
self.entries.lock().unwrap().clone()
}
}
async fn spawn_header_capture_server() -> (String, CapturedHeaders) {
async fn capture_consume(
State(captured): State<CapturedHeaders>,
headers: HeaderMap,
) -> Json<Value> {
captured.push(&headers);
Json(json!({
"success": true,
"data": { "jwt": "mock-jwt-token" }
}))
}
async fn capture_probe(
State(captured): State<CapturedHeaders>,
headers: HeaderMap,
) -> Json<Value> {
captured.push(&headers);
Json(json!({ "ok": true }))
}
let captured = CapturedHeaders::default();
let app = Router::new()
.route("/auth/login-token/consume", post(capture_consume))
.route("/probe", get(capture_probe))
.with_state(captured.clone());
let listener = TcpListener::bind("127.0.0.1:0").await.unwrap();
let addr = listener.local_addr().unwrap();
tokio::spawn(async move {
axum::serve(listener, app).await.unwrap();
});
(format!("http://{addr}"), captured)
}
#[tokio::test]
async fn backend_client_sends_x_core_version_on_auth_requests() {
let (base_url, captured) = spawn_header_capture_server().await;
let client = BackendOAuthClient::new(&base_url).unwrap();
let jwt = client.consume_login_token("test-token").await.unwrap();
assert_eq!(jwt, "mock-jwt-token");
let headers = captured.take();
let request_headers = headers.last().unwrap();
let version = request_headers
.get("x-core-version")
.and_then(|value| value.to_str().ok())
.unwrap();
assert_eq!(
version,
sanitize_client_version(env!("CARGO_PKG_VERSION")).unwrap()
);
}
#[tokio::test]
async fn backend_client_sends_x_tauri_version_when_env_set() {
static ENV_LOCK: Mutex<()> = Mutex::new(());
let _guard = ENV_LOCK.lock().unwrap();
std::env::set_var("OPENHUMAN_TAURI_VERSION", "9.8.7-shell+test");
let (base_url, captured) = spawn_header_capture_server().await;
let client = BackendOAuthClient::new(&base_url).unwrap();
let url = client.url_for("/probe").unwrap();
let response = client.raw_client().get(url).send().await.unwrap();
assert!(response.status().is_success());
std::env::remove_var("OPENHUMAN_TAURI_VERSION");
let headers = captured.take();
let request_headers = headers.last().unwrap();
let tauri_version = request_headers
.get("x-tauri-version")
.and_then(|value| value.to_str().ok())
.unwrap();
assert_eq!(tauri_version, "9.8.7-shell+test");
assert!(request_headers.get("x-core-version").is_some());
}
#[test]
fn new_strips_path_from_completions_url() {
let client = BackendOAuthClient::new("https://api.tinyhumans.ai/v1/chat/completions").unwrap();
let url = client.url_for("/teams/me/usage").unwrap();
assert_eq!(url.path(), "/teams/me/usage");
}
#[test]
fn new_strips_path_from_openai_style_url() {
let client = BackendOAuthClient::new("https://api.openai.com/v1/chat/completions").unwrap();
let url = client.url_for("/teams/me/usage").unwrap();
assert_eq!(url.path(), "/teams/me/usage");
assert_eq!(url.host_str(), Some("api.openai.com"));
}
#[test]
fn new_works_with_bare_origin() {
let client = BackendOAuthClient::new("https://api.tinyhumans.ai").unwrap();
let url = client.url_for("/teams/me/usage").unwrap();
assert_eq!(url.path(), "/teams/me/usage");
}
#[test]
fn new_works_with_trailing_slash() {
let client = BackendOAuthClient::new("https://api.tinyhumans.ai/").unwrap();
let url = client.url_for("/teams/me/usage").unwrap();
assert_eq!(url.path(), "/teams/me/usage");
}
#[tokio::test]
async fn backend_raw_client_inherits_x_core_version_default_header() {
let (base_url, captured) = spawn_header_capture_server().await;
let client = BackendOAuthClient::new(&base_url).unwrap();
let url = client.url_for("/probe").unwrap();
let response = client.raw_client().get(url).send().await.unwrap();
assert!(response.status().is_success());
let headers = captured.take();
let request_headers = headers.last().unwrap();
let version = request_headers
.get("x-core-version")
.and_then(|value| value.to_str().ok())
.unwrap();
assert_eq!(
version,
sanitize_client_version(env!("CARGO_PKG_VERSION")).unwrap()
);
}
#[tokio::test]
async fn authed_json_surfaces_message_not_found_on_404() {
let app = Router::new()
.route(
"/channels/telegram/messages/1103",
post(|| async { (axum::http::StatusCode::NOT_FOUND, "Not Found") }),
)
.route(
"/channels/discord/messages/abc",
post(|| async { (axum::http::StatusCode::NOT_FOUND, "Not Found") }),
);
let listener = TcpListener::bind("127.0.0.1:0").await.unwrap();
let addr = listener.local_addr().unwrap();
tokio::spawn(async move {
axum::serve(listener, app).await.unwrap();
});
let base_url = format!("http://{addr}");
let client = BackendOAuthClient::new(&base_url).unwrap();
let err = client
.authed_json(
"mock-jwt",
Method::POST,
"/channels/telegram/messages/1103",
None,
)
.await
.unwrap_err();
let typed = err.downcast_ref::<BackendApiError>().unwrap();
let BackendApiError::MessageNotFound {
provider,
message_id,
} = typed
else {
panic!("expected MessageNotFound, got {typed:?}");
};
assert_eq!(provider, "telegram");
assert_eq!(message_id, "1103");
let err = client
.authed_json(
"mock-jwt",
Method::POST,
"/channels/discord/messages/abc",
None,
)
.await
.unwrap_err();
let typed = err.downcast_ref::<BackendApiError>().unwrap();
let BackendApiError::MessageNotFound {
provider,
message_id,
} = typed
else {
panic!("expected MessageNotFound, got {typed:?}");
};
assert_eq!(provider, "discord");
assert_eq!(message_id, "abc");
}
#[tokio::test]
async fn authed_json_surfaces_unauthorized_on_401() {
let app = Router::new()
.route(
"/openai/v1/audio/speech",
post(|| async { (axum::http::StatusCode::UNAUTHORIZED, "Unauthorized") }),
)
.route(
"/referral/stats",
get(|| async { (axum::http::StatusCode::UNAUTHORIZED, "Unauthorized") }),
);
let listener = TcpListener::bind("127.0.0.1:0").await.unwrap();
let addr = listener.local_addr().unwrap();
tokio::spawn(async move {
axum::serve(listener, app).await.unwrap();
});
let base_url = format!("http://{addr}");
let client = BackendOAuthClient::new(&base_url).unwrap();
let err = client
.authed_json(
"mock-jwt",
Method::POST,
"/openai/v1/audio/speech",
Some(json!({ "text": "hello" })),
)
.await
.unwrap_err();
let typed = err.downcast_ref::<BackendApiError>().unwrap();
let BackendApiError::Unauthorized { method, path } = typed else {
panic!("expected Unauthorized, got {typed:?}");
};
assert_eq!(method, "POST");
assert_eq!(path, "/openai/v1/audio/speech");
let err = client
.authed_json("mock-jwt", Method::GET, "/referral/stats", None)
.await
.unwrap_err();
let typed = err.downcast_ref::<BackendApiError>().unwrap();
let BackendApiError::Unauthorized { method, path } = typed else {
panic!("expected Unauthorized, got {typed:?}");
};
assert_eq!(method, "GET");
assert_eq!(path, "/referral/stats");
}
#[test]
fn backend_api_body_shape_emits_safe_keys_not_values() {
let body = r#"{"error":"not found","email":"jo@example.com","token":"sk-secret"}"#;
let shape = backend_api_body_shape(body);
assert_eq!(shape, "object(keys=3,safe=[email,error,token],redacted=0)");
assert!(!shape.contains("jo@example.com"), "value leaked: {shape}");
assert!(!shape.contains("sk-secret"), "value leaked: {shape}");
assert!(!shape.contains("not found"), "value leaked: {shape}");
}
#[test]
fn backend_api_body_shape_redacts_pii_and_nonidentifier_keys() {
let body = r#"{"jo@example.com":1,"a b":2,"naïve":3,"error":4}"#;
let shape = backend_api_body_shape(body);
assert_eq!(shape, "object(keys=4,safe=[error],redacted=3)");
assert!(!shape.contains("jo@example.com"), "PII key leaked: {shape}");
assert!(!shape.contains("naïve"), "non-ascii key leaked: {shape}");
assert!(!shape.contains("a b"), "free-text key leaked: {shape}");
}
#[test]
fn backend_api_body_shape_classifies_non_object_bodies() {
assert_eq!(backend_api_body_shape(""), "empty");
assert_eq!(backend_api_body_shape(" "), "empty");
assert_eq!(
backend_api_body_shape("Cannot GET /teams/me/usage"),
"non_json"
);
assert_eq!(backend_api_body_shape("<html>404</html>"), "non_json");
assert_eq!(backend_api_body_shape("[1,2,3]"), "array");
assert_eq!(backend_api_body_shape("42"), "scalar");
}
#[test]
fn backend_api_body_shape_bounds_long_safe_key_list() {
let mut obj = serde_json::Map::new();
for i in 0..30 {
obj.insert(format!("field{i:02}"), json!(1)); }
let body = serde_json::to_string(&Value::Object(obj)).unwrap();
let shape = backend_api_body_shape(&body);
let keys = shape
.strip_prefix("object(keys=30,safe=[")
.and_then(|s| s.strip_suffix("],redacted=0)"))
.unwrap_or_else(|| panic!("unexpected shape: {shape}"));
assert!(
keys.len() <= BACKEND_API_BODY_SHAPE_MAX_BYTES,
"safe list exceeds cap ({} > {BACKEND_API_BODY_SHAPE_MAX_BYTES}): {keys}",
keys.len()
);
assert!(keys.ends_with('…'), "expected ellipsis-terminated: {keys}");
assert!(
!keys.contains("field29"),
"last key should be truncated away: {keys}"
);
}
#[tokio::test]
async fn authed_json_reports_non_channel_404_still_propagates() {
let app = Router::new().route(
"/teams/me/usage",
get(|| async {
(
axum::http::StatusCode::NOT_FOUND,
r#"{"message":"Not Found"}"#,
)
}),
);
let listener = TcpListener::bind("127.0.0.1:0").await.unwrap();
let addr = listener.local_addr().unwrap();
tokio::spawn(async move {
axum::serve(listener, app).await.unwrap();
});
let base_url = format!("http://{addr}");
let client = BackendOAuthClient::new(&base_url).unwrap();
let err = client
.authed_json("mock-jwt", Method::GET, "/teams/me/usage", None)
.await
.unwrap_err();
assert!(err.downcast_ref::<BackendApiError>().is_none());
let msg = format!("{err:#}");
assert!(msg.contains("404"), "error should carry the status: {msg}");
assert!(
msg.contains("/teams/me/usage"),
"error should carry the path: {msg}"
);
}
#[test]
fn flatten_authed_error_maps_unauthorized_to_session_expired_sentinel() {
let err = anyhow::Error::new(BackendApiError::Unauthorized {
method: "GET".to_string(),
path: "/teams/me/usage".to_string(),
});
let flat = flatten_authed_error(err);
assert!(
flat.contains("SESSION_EXPIRED"),
"expected sentinel, got: {flat}"
);
assert!(flat.contains("GET"), "method preserved: {flat}");
assert!(flat.contains("/teams/me/usage"), "path preserved: {flat}");
assert!(
crate::core::observability::is_session_expired_message(&flat),
"flattened Unauthorized must classify as session expiry: {flat}"
);
}
#[test]
fn flatten_authed_error_preserves_non_unauthorized_chain() {
let err = anyhow::anyhow!("connect timeout").context("backend request GET /teams/me/usage");
let flat = flatten_authed_error(err);
assert!(!flat.contains("SESSION_EXPIRED"), "must not map: {flat}");
assert!(flat.contains("connect timeout"), "cause preserved: {flat}");
assert!(
!crate::core::observability::is_session_expired_message(&flat),
"non-auth error must NOT classify as session expiry: {flat}"
);
}
#[test]
fn flatten_authed_error_does_not_swallow_message_not_found() {
let err = anyhow::Error::new(BackendApiError::MessageNotFound {
provider: "telegram".to_string(),
message_id: "1103".to_string(),
});
let flat = flatten_authed_error(err);
assert!(!flat.contains("SESSION_EXPIRED"), "must not map: {flat}");
assert!(
flat.contains("message not found"),
"display preserved: {flat}"
);
}
#[tokio::test]
async fn authed_json_403_is_not_demoted_to_unauthorized() {
let app = Router::new().route(
"/openai/v1/audio/speech",
post(|| async { (axum::http::StatusCode::FORBIDDEN, "Forbidden") }),
);
let listener = TcpListener::bind("127.0.0.1:0").await.unwrap();
let addr = listener.local_addr().unwrap();
tokio::spawn(async move {
axum::serve(listener, app).await.unwrap();
});
let base_url = format!("http://{addr}");
let client = BackendOAuthClient::new(&base_url).unwrap();
let err = client
.authed_json("mock-jwt", Method::POST, "/openai/v1/audio/speech", None)
.await
.unwrap_err();
assert!(
err.downcast_ref::<BackendApiError>().is_none(),
"403 must not be classified as Unauthorized"
);
}
#[tokio::test]
async fn authed_json_404_outside_messages_path_still_reports() {
let app = Router::new().route(
"/auth/profile",
get(|| async { (axum::http::StatusCode::NOT_FOUND, "Not Found") }),
);
let listener = TcpListener::bind("127.0.0.1:0").await.unwrap();
let addr = listener.local_addr().unwrap();
tokio::spawn(async move {
axum::serve(listener, app).await.unwrap();
});
let base_url = format!("http://{addr}");
let client = BackendOAuthClient::new(&base_url).unwrap();
let err = client
.authed_json("mock-jwt", Method::GET, "/auth/profile", None)
.await
.unwrap_err();
assert!(
err.downcast_ref::<BackendApiError>().is_none(),
"non-channel-message 404 must not be classified as MessageNotFound"
);
}
#[test]
fn parse_message_path_canonical_form() {
assert_eq!(
parse_message_path("/channels/telegram/messages/1103"),
Some(("telegram", "1103"))
);
}
#[test]
fn parse_message_path_discord_provider() {
assert_eq!(
parse_message_path("/channels/discord/messages/abc"),
Some(("discord", "abc"))
);
}
#[test]
fn parse_message_path_base_path_prefix() {
assert_eq!(
parse_message_path("/api/v1/channels/telegram/messages/1103"),
Some(("telegram", "1103"))
);
}
#[test]
fn parse_message_path_double_prefix() {
assert_eq!(
parse_message_path("/v2/api/channels/discord/messages/abc"),
Some(("discord", "abc"))
);
}
#[test]
fn parse_message_path_trailing_slash() {
assert_eq!(
parse_message_path("/channels/telegram/messages/1103/"),
Some(("telegram", "1103"))
);
}
#[test]
fn parse_message_path_percent_encoded_slug() {
assert_eq!(
parse_message_path("/channels/telegram%3Abot/messages/1103"),
Some(("telegram%3Abot", "1103"))
);
}
#[test]
fn parse_message_path_non_message_path_returns_none() {
assert_eq!(parse_message_path("/channels/telegram/typing"), None);
assert_eq!(parse_message_path("/channels/telegram"), None);
assert_eq!(parse_message_path("/auth/profile"), None);
assert_eq!(parse_message_path("/"), None);
assert_eq!(parse_message_path(""), None);
}
#[tokio::test]
async fn authed_json_patch_404_with_base_path_prefix_does_not_report() {
let app = axum::Router::new().route(
"/channels/telegram/messages/9999",
axum::routing::any(|| async { (axum::http::StatusCode::NOT_FOUND, "Not Found") }),
);
let listener = tokio::net::TcpListener::bind("127.0.0.1:0").await.unwrap();
let addr = listener.local_addr().unwrap();
tokio::spawn(async move {
axum::serve(listener, app).await.unwrap();
});
let base_url = format!("http://{addr}");
let client = BackendOAuthClient::new(&base_url).unwrap();
let err = client
.authed_json(
"mock-jwt",
Method::PATCH,
"/channels/telegram/messages/9999",
None,
)
.await
.unwrap_err();
let typed = err.downcast_ref::<BackendApiError>().unwrap();
let BackendApiError::MessageNotFound {
provider,
message_id,
} = typed
else {
panic!("expected MessageNotFound, got {typed:?}");
};
assert_eq!(provider, "telegram");
assert_eq!(message_id, "9999");
}