diff --git a/src/lib/seam/connect/auth.ts b/src/lib/seam/connect/auth.ts
index 34192bef..e4c96fa8 100644
--- a/src/lib/seam/connect/auth.ts
+++ b/src/lib/seam/connect/auth.ts
@@ -112,9 +112,9 @@ const getAuthHeadersForConsoleSessionToken = ({
 consoleSessionToken,
 workspaceId,
 }: SeamHttpOptionsWithConsoleSessionToken): Headers => {
- if (isJwt(consoleSessionToken)) {
+ if (isAccessToken(consoleSessionToken)) {
 throw new SeamHttpInvalidTokenError(
- 'A JWT cannot be used as a consoleSessionToken',
+ 'An Access Token cannot be used as a consoleSessionToken',
 )
 }
 
@@ -130,9 +130,9 @@ const getAuthHeadersForConsoleSessionToken = ({
 )
 }
 
- if (!isAccessToken(consoleSessionToken)) {
+ if (!isJwt(consoleSessionToken)) {
 throw new SeamHttpInvalidTokenError(
- `Unknown or invalid consoleSessionToken format, expected token to start with ${accessTokenPrefix}`,
+ `Unknown or invalid consoleSessionToken format, expected a JWT which starts with ${jwtPrefix}`,
 )
 }
 
diff --git a/test/seam/connect/console-session-token.test.ts b/test/seam/connect/console-session-token.test.ts
new file mode 100644
index 00000000..eb53c4cd
--- /dev/null
+++ b/test/seam/connect/console-session-token.test.ts
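Review bot: The new `!isJwt(consoleSessionToken)` guard in the second hunk looks like a prefix test only: the error text says "a JWT which starts with ${jwtPrefix}", and the new tests use 'ey_TODO' as a stand-in token. If so, any string with that prefix passes and is presumably placed in the returned auth headers, so the guard catches a misrouted Seam-prefixed credential but says nothing about the token's validity. I would state that next to the check, e.g. `// Format check only: the token's signature and claims are not verified here.` If earlier detection of a misconfigured credential is wanted, `isJwt` could also require three dot-separated segments. The function starts before the first hunk and continues past the second, so the checks between them are not visible here.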
@@ -0,0 +1,73 @@
+import test from 'ava'
+import { getTestServer } from 'fixtures/seam/connect/api.js'
+
+import { SeamHttp } from '@seamapi/http/connect'
+
+import { SeamHttpInvalidTokenError } from 'lib/seam/connect/auth.js'
+
+// UPSTREAM: Fake does not support JWT.
+// https://github.com/seamapi/fake-seam-connect/issues/124
+test.failing(
+ 'SeamHttp: fromConsoleSessionToken returns instance authorized with consoleSessionToken',
+ async (t) => {
+ const { seed, endpoint } = await getTestServer(t)
+ const seam = SeamHttp.fromConsoleSessionToken(
+ 'ey_TODO',
+ seed.seed_workspace_1,
+ {
+ endpoint,
+ },
+ )
+ const device = await seam.devices.get({
+ device_id: seed.august_device_1,
+ })
+ t.is(device.workspace_id, seed.seed_workspace_1)
+ t.is(device.device_id, seed.august_device_1)
+ },
+)
+
+// UPSTREAM: Fake does not support JWT.
+// https://github.com/seamapi/fake-seam-connect/issues/124
+test.failing(
+ 'SeamHttp: constructor returns instance authorized with consoleSessionToken',
+ async (t) => {
+ const { seed, endpoint } = await getTestServer(t)
+ const seam = new SeamHttp({
+ consoleSessionToken: 'ey_TODO',
+ workspaceId: seed.seed_workspace_1,
+ endpoint,
+ })
+ const device = await seam.devices.get({
+ device_id: seed.august_device_1,
+ })
+ t.is(device.workspace_id, seed.seed_workspace_1)
+ t.is(device.device_id, seed.august_device_1)
+ },
+)
+
+test('SeamHttp: checks consoleSessionToken format', (t) => {
+ const workspaceId = 'e4203e37-e569-4a5a-bfb7-e3e8de66161d'
+ t.throws(
+ () =>
+ SeamHttp.fromConsoleSessionToken('some-invalid-key-format', workspaceId),
+ {
+ instanceOf: SeamHttpInvalidTokenError,
+ message: /Unknown/,
+ },
+ )
+ t.throws(
+ () => SeamHttp.fromConsoleSessionToken('seam_apikey_token', workspaceId),
+ {
+ instanceOf: SeamHttpInvalidTokenError,
+ message: /Unknown/,
+ },
+ )
+ t.throws(() => SeamHttp.fromConsoleSessionToken('seam_cst', workspaceId), {
+ instanceOf: SeamHttpInvalidTokenError,
+ message: /Client Session Token/,
+ })
+ t.throws(() => SeamHttp.fromConsoleSessionToken('seam_at', workspaceId), {
+ instanceOf: SeamHttpInvalidTokenError,
+ message: /Access Token/,
+ })
+})
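Review bot: The accept path of the new format check is not pinned by any test: both `test.failing` cases pass 'ey_TODO', and ava's `test.failing` is satisfied by any failure, so they would stay green even if `fromConsoleSessionToken` began rejecting JWT-prefixed tokens with `SeamHttpInvalidTokenError`. The synchronous 'checks consoleSessionToken format' test asserts only rejections. I would add a positive case there, e.g. `t.notThrows(() => SeamHttp.fromConsoleSessionToken('ey_TODO', workspaceId))`, assuming construction alone makes no network call. The two `test.failing` cases can then stay as pure upstream-blocked integration checks until the linked fake-seam-connect issue is resolved.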