Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
openclaw/src/infra/pairing-token.test.ts
Peter Steinberger 604203c179 fix: tighten pairing token blank handling
2026-03-14 01:04:18 +00:00

36 lines
1.2 KiB
TypeScript
Raw Blame History

import { Buffer } from "node:buffer";
import { describe, expect, it, vi } from "vitest";
const randomBytesMock = vi.hoisted(() => vi.fn());
vi.mock("node:crypto", async () => {
const actual = await vi.importActual<typeof import("node:crypto")>("node:crypto");
return {
...actual,
randomBytes: (...args: unknown[]) => randomBytesMock(...args),
};
});
import { generatePairingToken, PAIRING_TOKEN_BYTES, verifyPairingToken } from "./pairing-token.js";
describe("generatePairingToken", () => {
it("uses the configured byte count and returns a base64url token", () => {
randomBytesMock.mockReturnValueOnce(Buffer.from([0xfb, 0xff, 0x00]));
expect(generatePairingToken()).toBe("-_8A");
expect(randomBytesMock).toHaveBeenCalledWith(PAIRING_TOKEN_BYTES);
});
});
describe("verifyPairingToken", () => {
it("uses constant-time comparison semantics", () => {
expect(verifyPairingToken("secret-token", "secret-token")).toBe(true);
expect(verifyPairingToken("secret-token", "secret-tokEn")).toBe(false);
});
it("rejects blank tokens even when both sides match", () => {
expect(verifyPairingToken("", "")).toBe(false);
expect(verifyPairingToken(" ", " ")).toBe(false);
});
});
Reference in New Issue View Git Blame Copy Permalink