b4fbd6fe9f
Deploy Site / deploy-vercel (push) Has been skipped
Deploy Site / deploy-docs (push) Has been skipped
Build Skills Index / build-index (push) Has been skipped
CI / Deny unrelated histories (push) Has been skipped
CI / Detect affected areas (push) Successful in 27m35s
CI / OSV scan (push) Failing after 4s
CI / Build&Test Docker image (push) Successful in 9s
CI / Supply-chain scan (push) Has been skipped
CI / Lint Docker scripts (push) Failing after 5m13s
CI / Check contributors (push) Failing after 12m8s
CI / Docs Site (push) Failing after 12m8s
CI / TypeScript (push) Failing after 12m8s
CI / Python lints (push) Failing after 12m9s
CI / Python tests (push) Failing after 12m9s
CI / Check uv.lock (push) Failing after 23m22s
CI / CI timing report (push) Has been cancelled
Build Skills Index / trigger-deploy (push) Has been cancelled
CI / All required checks pass (push) Has been cancelled
58 lines
1.5 KiB
Python
58 lines
1.5 KiB
Python
from __future__ import annotations
|
|
|
|
import base64
|
|
import json
|
|
import time
|
|
|
|
from hermes_cli import auth
|
|
|
|
|
|
def _jwt_with_exp(exp: int) -> str:
|
|
header = (
|
|
base64.urlsafe_b64encode(json.dumps({"alg": "none"}).encode())
|
|
.decode()
|
|
.rstrip("=")
|
|
)
|
|
payload = (
|
|
base64.urlsafe_b64encode(json.dumps({"exp": exp}).encode())
|
|
.decode()
|
|
.rstrip("=")
|
|
)
|
|
return f"{header}.{payload}.sig"
|
|
|
|
|
|
def test_xai_oauth_refresh_skew_is_one_hour() -> None:
|
|
assert auth.XAI_ACCESS_TOKEN_REFRESH_SKEW_SECONDS == 3600
|
|
|
|
|
|
def test_xai_oauth_token_expiring_uses_one_hour_skew() -> None:
|
|
token = _jwt_with_exp(int(time.time()) + 30 * 60)
|
|
|
|
assert auth._xai_access_token_is_expiring(
|
|
token,
|
|
auth.XAI_ACCESS_TOKEN_REFRESH_SKEW_SECONDS,
|
|
)
|
|
|
|
|
|
def test_xai_oauth_token_not_expiring_beyond_one_hour_skew() -> None:
|
|
token = _jwt_with_exp(int(time.time()) + 90 * 60)
|
|
|
|
assert not auth._xai_access_token_is_expiring(
|
|
token,
|
|
auth.XAI_ACCESS_TOKEN_REFRESH_SKEW_SECONDS,
|
|
)
|
|
|
|
|
|
def test_xai_proactive_refresh_skew_short_lived_token() -> None:
|
|
token = _jwt_with_exp(int(time.time()) + 15 * 60)
|
|
skew = auth._xai_proactive_refresh_skew_seconds(token)
|
|
|
|
assert skew == 120
|
|
assert not auth._xai_access_token_is_expiring(token, skew)
|
|
|
|
|
|
def test_xai_proactive_refresh_skew_long_lived_token() -> None:
|
|
token = _jwt_with_exp(int(time.time()) + 5 * 60 * 60)
|
|
|
|
assert auth._xai_proactive_refresh_skew_seconds(token) == auth.XAI_ACCESS_TOKEN_REFRESH_SKEW_SECONDS
|