Files
diegosouzapw--omniroute/tests/unit/web-session-credentials.test.ts
2026-07-13 13:39:12 +08:00

107 lines
4.3 KiB
TypeScript

import test from "node:test";
import assert from "node:assert/strict";
const providers = await import("../../src/shared/constants/providers.ts");
const webSessionCredentials =
await import("../../src/app/(dashboard)/dashboard/providers/[id]/webSessionCredentials.ts");
test("web session credential metadata covers every web-cookie provider", () => {
for (const providerId of Object.keys(providers.WEB_COOKIE_PROVIDERS)) {
assert.ok(
webSessionCredentials.getWebSessionCredentialRequirement(providerId),
`${providerId} should declare its required web-session credential`
);
}
});
test("web session credential metadata identifies cookie, token, and no-auth providers", () => {
// Grok needs BOTH sso and sso-rw cookies (#3180)
assert.deepEqual(webSessionCredentials.getWebSessionCredentialRequirement("grok-web"), {
kind: "cookie",
credentialName: "sso + sso-rw",
placeholder: "sso=...; sso-rw=...",
acceptsFullCookieHeader: true,
storageKeys: ["cookie", "sso", "sso-rw"],
});
assert.deepEqual(webSessionCredentials.getWebSessionCredentialRequirement("copilot-web"), {
kind: "token",
credentialName: "access_token",
placeholder: "access_token=... or a DevTools HAR export",
acceptsFullCookieHeader: false,
storageKeys: ["token", "access_token", "accessToken"],
});
assert.deepEqual(webSessionCredentials.getWebSessionCredentialRequirement("deepseek-web"), {
kind: "token",
credentialName: "userToken",
placeholder: "userToken=... or paste raw userToken",
acceptsFullCookieHeader: false,
storageKeys: ["token", "userToken"],
});
// lmarena.ai's real auth cookie is `arena-auth-prod-v1`, not `session` (#3810).
// The session is now split across `arena-auth-prod-v1.0`, `.1`, … (#4271).
assert.deepEqual(webSessionCredentials.getWebSessionCredentialRequirement("lmarena"), {
kind: "cookie",
credentialName: "arena-auth-prod-v1",
placeholder:
"Paste the full Cookie header from lmarena.ai (the session is now split across arena-auth-prod-v1.0, .1, …)",
acceptsFullCookieHeader: true,
storageKeys: [
"cookie",
"arena-auth-prod-v1",
"arena-auth-prod-v1.0",
"arena-auth-prod-v1.1",
"session",
],
});
assert.deepEqual(webSessionCredentials.getWebSessionCredentialRequirement("huggingchat"), {
kind: "cookie",
credentialName: "full Cookie header (hf-chat + token)",
placeholder:
"hf-chat=...; token=...; aws-waf-token=... (full Cookie header from huggingface.co)",
acceptsFullCookieHeader: true,
storageKeys: ["cookie", "hf-chat"],
});
// veoaifree-web is now a NOAUTH provider — not in WEB_SESSION_CREDENTIAL_REQUIREMENTS
assert.equal(webSessionCredentials.getWebSessionCredentialRequirement("veoaifree-web"), null);
assert.deepEqual(webSessionCredentials.getWebSessionCredentialRequirement("t3-web"), {
kind: "cookie",
credentialName: "convex-session-id + Cookie header",
placeholder: "convex-session-id=abc123...; Cookie: ...",
acceptsFullCookieHeader: true,
storageKeys: ["cookie", "convex-session-id", "convexSessionId"],
// #5465 — t3.chat ships a step-by-step DevTools copy hint (localStorage + Cookie header).
hintKey: "t3ChatWebCookieHint",
});
});
test("web session credential validator requires provider-specific non-empty values", () => {
assert.equal(
webSessionCredentials.hasUsableWebSessionCredential("qwen-web", { token: "qwen-token" }),
true
);
assert.equal(
webSessionCredentials.hasUsableWebSessionCredential("qwen-web", { token: " " }),
false
);
assert.equal(
webSessionCredentials.hasUsableWebSessionCredential("qwen-web", { unrelated: "value" }),
false
);
assert.equal(
webSessionCredentials.hasUsableWebSessionCredential("chatgpt-web", {
cookie: "__Secure-next-auth.session-token=session",
}),
true
);
assert.equal(
webSessionCredentials.hasUsableWebSessionCredential("chatgpt-web", { unrelated: "value" }),
false
);
});
test("no-auth web providers can be saved without an API key", () => {
assert.equal(providers.providerAllowsOptionalApiKey("veoaifree-web"), true);
assert.equal(webSessionCredentials.requiresWebSessionCredential("veoaifree-web"), false);
assert.equal(webSessionCredentials.requiresWebSessionCredential("chatgpt-web"), true);
});