275 lines
7.7 KiB
TypeScript
275 lines
7.7 KiB
TypeScript
import test from "node:test";
|
|
import assert from "node:assert/strict";
|
|
import fs from "node:fs";
|
|
import os from "node:os";
|
|
import path from "node:path";
|
|
|
|
const TEST_DATA_DIR = fs.mkdtempSync(path.join(os.tmpdir(), "omniroute-auth-terminal-"));
|
|
process.env.DATA_DIR = TEST_DATA_DIR;
|
|
|
|
const core = await import("../../src/lib/db/core.ts");
|
|
const providersDb = await import("../../src/lib/db/providers.ts");
|
|
const auth = await import("../../src/sse/services/auth.ts");
|
|
const accountFallback = await import("../../open-sse/services/accountFallback.ts");
|
|
|
|
async function resetStorage() {
|
|
core.resetDbInstance();
|
|
fs.rmSync(TEST_DATA_DIR, { recursive: true, force: true });
|
|
fs.mkdirSync(TEST_DATA_DIR, { recursive: true });
|
|
}
|
|
|
|
test.after(() => {
|
|
core.resetDbInstance();
|
|
fs.rmSync(TEST_DATA_DIR, { recursive: true, force: true });
|
|
});
|
|
|
|
test("getProviderCredentials skips credits_exhausted connections", async () => {
|
|
await resetStorage();
|
|
|
|
const exhausted = await providersDb.createProviderConnection({
|
|
provider: "openai",
|
|
authType: "apikey",
|
|
apiKey: "sk-exhausted",
|
|
isActive: true,
|
|
testStatus: "credits_exhausted",
|
|
});
|
|
|
|
const healthy = await providersDb.createProviderConnection({
|
|
provider: "openai",
|
|
authType: "apikey",
|
|
apiKey: "sk-healthy",
|
|
isActive: true,
|
|
testStatus: "active",
|
|
});
|
|
|
|
const selected = await auth.getProviderCredentials("openai");
|
|
assert.ok(selected);
|
|
assert.equal(selected.connectionId, healthy.id);
|
|
assert.notEqual(selected.connectionId, exhausted.id);
|
|
});
|
|
|
|
test("getProviderCredentials returns null when all active connections are terminal", async () => {
|
|
await resetStorage();
|
|
|
|
await providersDb.createProviderConnection({
|
|
provider: "openai",
|
|
authType: "apikey",
|
|
apiKey: "sk-only-exhausted",
|
|
isActive: true,
|
|
testStatus: "credits_exhausted",
|
|
});
|
|
|
|
const selected = await auth.getProviderCredentials("openai");
|
|
assert.equal(selected, null);
|
|
});
|
|
|
|
test("getProviderCredentials can reuse a locally suppressed connection for combo live tests", async () => {
|
|
await resetStorage();
|
|
|
|
const conn = await providersDb.createProviderConnection({
|
|
provider: "openai",
|
|
authType: "apikey",
|
|
apiKey: "sk-live-test",
|
|
isActive: true,
|
|
testStatus: "credits_exhausted",
|
|
rateLimitedUntil: new Date(Date.now() + 60_000).toISOString(),
|
|
});
|
|
|
|
const selected = await auth.getProviderCredentials("openai", null, null, null, {
|
|
allowSuppressedConnections: true,
|
|
bypassQuotaPolicy: true,
|
|
});
|
|
|
|
assert.ok(selected);
|
|
assert.equal(selected.connectionId, conn.id);
|
|
});
|
|
|
|
test("markAccountUnavailable does not overwrite terminal status", async () => {
|
|
await resetStorage();
|
|
|
|
const conn = await providersDb.createProviderConnection({
|
|
provider: "openai",
|
|
authType: "apikey",
|
|
apiKey: "sk-terminal",
|
|
isActive: true,
|
|
testStatus: "credits_exhausted",
|
|
lastError: "insufficient_quota",
|
|
});
|
|
|
|
const result = await auth.markAccountUnavailable(
|
|
(conn as any).id,
|
|
503,
|
|
"temporary upstream error",
|
|
"openai",
|
|
"gpt-4.1"
|
|
);
|
|
|
|
assert.equal(result.shouldFallback, true);
|
|
assert.equal(result.cooldownMs, 0);
|
|
|
|
const after = await providersDb.getProviderConnectionById((conn as any).id);
|
|
assert.equal(after.testStatus, "credits_exhausted");
|
|
});
|
|
|
|
test("markAccountUnavailable marks 401 connections as expired without adding cooldown", async () => {
|
|
await resetStorage();
|
|
|
|
const conn = await providersDb.createProviderConnection({
|
|
provider: "openai",
|
|
authType: "apikey",
|
|
apiKey: "sk-expired",
|
|
isActive: true,
|
|
testStatus: "active",
|
|
});
|
|
|
|
const result = await auth.markAccountUnavailable(
|
|
(conn as any).id,
|
|
401,
|
|
"unauthorized",
|
|
"openai",
|
|
"gpt-4.1"
|
|
);
|
|
const after = await providersDb.getProviderConnectionById((conn as any).id);
|
|
|
|
assert.equal(result.shouldFallback, true);
|
|
assert.equal(result.cooldownMs, 0);
|
|
assert.equal(after.testStatus, "expired");
|
|
assert.ok(!after.rateLimitedUntil);
|
|
});
|
|
|
|
test("markAccountUnavailable marks 402 connections as credits_exhausted without adding cooldown", async () => {
|
|
await resetStorage();
|
|
|
|
const conn = await providersDb.createProviderConnection({
|
|
provider: "openai",
|
|
authType: "apikey",
|
|
apiKey: "sk-credits",
|
|
isActive: true,
|
|
testStatus: "active",
|
|
});
|
|
|
|
const result = await auth.markAccountUnavailable(
|
|
(conn as any).id,
|
|
402,
|
|
"payment required",
|
|
"openai",
|
|
"gpt-4.1"
|
|
);
|
|
const after = await providersDb.getProviderConnectionById((conn as any).id);
|
|
|
|
assert.equal(result.shouldFallback, true);
|
|
assert.equal(result.cooldownMs, 0);
|
|
assert.equal(after.testStatus, "credits_exhausted");
|
|
assert.ok(!after.rateLimitedUntil);
|
|
});
|
|
|
|
test("markAccountUnavailable treats API-key 403 as a recoverable cooldown", async () => {
|
|
await resetStorage();
|
|
|
|
const conn = await providersDb.createProviderConnection({
|
|
provider: "glm",
|
|
authType: "apikey",
|
|
apiKey: "sk-recoverable",
|
|
isActive: true,
|
|
testStatus: "active",
|
|
});
|
|
|
|
const result = await auth.markAccountUnavailable(
|
|
(conn as any).id,
|
|
403,
|
|
"forbidden",
|
|
"glm",
|
|
"glm-5.1"
|
|
);
|
|
const after = await providersDb.getProviderConnectionById((conn as any).id);
|
|
|
|
assert.equal(result.shouldFallback, true);
|
|
assert.ok(result.cooldownMs > 0);
|
|
assert.equal(after.testStatus, "unavailable");
|
|
assert.ok(after.rateLimitedUntil);
|
|
assert.equal(after.lastErrorType ?? null, null);
|
|
});
|
|
|
|
test("markAccountUnavailable keeps Grok Web alias 403 errors mode-local", async () => {
|
|
await resetStorage();
|
|
|
|
const conn = await providersDb.createProviderConnection({
|
|
provider: "grok-web",
|
|
authType: "cookie",
|
|
apiKey: "sso=grok-cookie",
|
|
isActive: true,
|
|
testStatus: "active",
|
|
});
|
|
|
|
const result = await auth.markAccountUnavailable(
|
|
(conn as any).id,
|
|
403,
|
|
"forbidden",
|
|
"gw",
|
|
"heavy"
|
|
);
|
|
const after = await providersDb.getProviderConnectionById((conn as any).id);
|
|
const lockout = accountFallback.getModelLockoutInfo("gw", (conn as any).id, "heavy");
|
|
|
|
assert.equal(result.shouldFallback, true);
|
|
assert.ok(result.cooldownMs > 0);
|
|
assert.equal(after.testStatus, "active");
|
|
assert.equal(after.lastErrorType, "forbidden");
|
|
assert.ok(!after.rateLimitedUntil);
|
|
assert.equal(lockout?.reason, "forbidden");
|
|
});
|
|
|
|
test("markAccountUnavailable keeps project-route 403 errors non-terminal", async () => {
|
|
await resetStorage();
|
|
|
|
const conn = await providersDb.createProviderConnection({
|
|
provider: "openai",
|
|
authType: "apikey",
|
|
apiKey: "sk-project-route",
|
|
isActive: true,
|
|
testStatus: "active",
|
|
});
|
|
|
|
const result = await auth.markAccountUnavailable(
|
|
(conn as any).id,
|
|
403,
|
|
"The service has not been used in project",
|
|
"openai",
|
|
"gpt-4.1"
|
|
);
|
|
const after = await providersDb.getProviderConnectionById((conn as any).id);
|
|
|
|
assert.equal(result.shouldFallback, true);
|
|
assert.equal(result.cooldownMs, 0);
|
|
assert.equal(after.testStatus, "active");
|
|
assert.equal(after.lastErrorType, "project_route_error");
|
|
assert.ok(!after.rateLimitedUntil);
|
|
});
|
|
|
|
test("markAccountUnavailable keeps oauth-invalid 401 errors non-terminal", async () => {
|
|
await resetStorage();
|
|
|
|
const conn = await providersDb.createProviderConnection({
|
|
provider: "openai",
|
|
authType: "apikey",
|
|
apiKey: "sk-oauth-invalid",
|
|
isActive: true,
|
|
testStatus: "active",
|
|
});
|
|
|
|
const result = await auth.markAccountUnavailable(
|
|
(conn as any).id,
|
|
401,
|
|
"Invalid authentication credentials provided",
|
|
"openai",
|
|
"gpt-4.1"
|
|
);
|
|
const after = await providersDb.getProviderConnectionById((conn as any).id);
|
|
|
|
assert.equal(result.shouldFallback, true);
|
|
assert.equal(result.cooldownMs, 0);
|
|
assert.equal(after.testStatus, "active");
|
|
assert.equal(after.lastErrorType, "oauth_invalid_token");
|
|
assert.ok(!after.rateLimitedUntil);
|
|
});
|