Add consoleSessionToken tests

seamapi · Nov 9, 2023 · c40b307 · c40b307
1 parent a560c73
commit c40b307
Show file tree

Hide file tree

Showing 2 changed files with 77 additions and 4 deletions.
diff --git a/src/lib/seam/connect/auth.ts b/src/lib/seam/connect/auth.ts
@@ -112,9 +112,9 @@ const getAuthHeadersForConsoleSessionToken = ({
   consoleSessionToken,
   workspaceId,
 }: SeamHttpOptionsWithConsoleSessionToken): Headers => {
-  if (isJwt(consoleSessionToken)) {
+  if (isAccessToken(consoleSessionToken)) {
     throw new SeamHttpInvalidTokenError(
-      'A JWT cannot be used as a consoleSessionToken',
+      'An Access Token cannot be used as a consoleSessionToken',
     )
   }
 
@@ -130,9 +130,9 @@ const getAuthHeadersForConsoleSessionToken = ({
     )
   }
 
-  if (!isAccessToken(consoleSessionToken)) {
+  if (!isJwt(consoleSessionToken)) {
     throw new SeamHttpInvalidTokenError(
-      `Unknown or invalid consoleSessionToken format, expected token to start with ${accessTokenPrefix}`,
+      `Unknown or invalid consoleSessionToken format, expected a JWT which starts with ${jwtPrefix}`,
     )
   }
 

diff --git a/test/seam/connect/console-session-token.test.ts b/test/seam/connect/console-session-token.test.ts
@@ -0,0 +1,73 @@
+import test from 'ava'
+import { getTestServer } from 'fixtures/seam/connect/api.js'
+
+import { SeamHttp } from '@seamapi/http/connect'
+
+import { SeamHttpInvalidTokenError } from 'lib/seam/connect/auth.js'
+
+// UPSTREAM: Fake does not support JWT.
+// https://github.com/seamapi/fake-seam-connect/issues/124
+test.failing(
+  'SeamHttp: fromConsoleSessionToken returns instance authorized with consoleSessionToken',
+  async (t) => {
+    const { seed, endpoint } = await getTestServer(t)
+    const seam = SeamHttp.fromConsoleSessionToken(
+      'ey_TODO',
+      seed.seed_workspace_1,
+      {
+        endpoint,
+      },
+    )
+    const device = await seam.devices.get({
+      device_id: seed.august_device_1,
+    })
+    t.is(device.workspace_id, seed.seed_workspace_1)
+    t.is(device.device_id, seed.august_device_1)
+  },
+)
+
+// UPSTREAM: Fake does not support JWT.
+// https://github.com/seamapi/fake-seam-connect/issues/124
+test.failing(
+  'SeamHttp: constructor returns instance authorized with consoleSessionToken',
+  async (t) => {
+    const { seed, endpoint } = await getTestServer(t)
+    const seam = new SeamHttp({
+      consoleSessionToken: 'ey_TODO',
+      workspaceId: seed.seed_workspace_1,
+      endpoint,
+    })
+    const device = await seam.devices.get({
+      device_id: seed.august_device_1,
+    })
+    t.is(device.workspace_id, seed.seed_workspace_1)
+    t.is(device.device_id, seed.august_device_1)
+  },
+)
+
+test('SeamHttp: checks consoleSessionToken format', (t) => {
+  const workspaceId = 'e4203e37-e569-4a5a-bfb7-e3e8de66161d'
+  t.throws(
+    () =>
+      SeamHttp.fromConsoleSessionToken('some-invalid-key-format', workspaceId),
+    {
+      instanceOf: SeamHttpInvalidTokenError,
+      message: /Unknown/,
+    },
+  )
+  t.throws(
+    () => SeamHttp.fromConsoleSessionToken('seam_apikey_token', workspaceId),
+    {
+      instanceOf: SeamHttpInvalidTokenError,
+      message: /Unknown/,
+    },
+  )
+  t.throws(() => SeamHttp.fromConsoleSessionToken('seam_cst', workspaceId), {
+    instanceOf: SeamHttpInvalidTokenError,
+    message: /Client Session Token/,
+  })
+  t.throws(() => SeamHttp.fromConsoleSessionToken('seam_at', workspaceId), {
+    instanceOf: SeamHttpInvalidTokenError,
+    message: /Access Token/,
+  })
+})