Spaces:
Runtime error
Runtime error
| import { expect, test } from '@playwright/test' | |
| import { API_KEY_HEADER, createTestAgent, deleteTestAgent } from './helpers' | |
| test.describe('Agent API keys', () => { | |
| const cleanup: number[] = [] | |
| test.afterEach(async ({ request }) => { | |
| for (const id of cleanup.splice(0)) { | |
| await deleteTestAgent(request, id).catch(() => {}) | |
| } | |
| }) | |
| test('supports scoped agent auth without x-agent-name and allows revoke', async ({ request }) => { | |
| const primary = await createTestAgent(request) | |
| const other = await createTestAgent(request) | |
| cleanup.push(primary.id, other.id) | |
| const createKeyRes = await request.post(`/api/agents/${primary.id}/keys`, { | |
| headers: API_KEY_HEADER, | |
| data: { | |
| name: 'diag-key', | |
| scopes: ['viewer', 'agent:self', 'agent:diagnostics'], | |
| expires_in_days: 1, | |
| }, | |
| }) | |
| expect(createKeyRes.status()).toBe(201) | |
| const createKeyBody = await createKeyRes.json() | |
| expect(createKeyBody.api_key).toMatch(/^mca_/) | |
| const agentKeyHeader = { 'x-api-key': createKeyBody.api_key as string } | |
| const selfRes = await request.get(`/api/agents/${primary.id}/diagnostics?section=summary`, { | |
| headers: agentKeyHeader, | |
| }) | |
| expect(selfRes.status()).toBe(200) | |
| const crossRes = await request.get(`/api/agents/${other.id}/diagnostics?section=summary`, { | |
| headers: agentKeyHeader, | |
| }) | |
| expect(crossRes.status()).toBe(403) | |
| const listRes = await request.get(`/api/agents/${primary.id}/keys`, { headers: API_KEY_HEADER }) | |
| expect(listRes.status()).toBe(200) | |
| const listBody = await listRes.json() | |
| const storedKey = listBody.keys.find((entry: any) => entry.id === createKeyBody.key.id) | |
| expect(storedKey).toBeDefined() | |
| expect(storedKey.key_prefix).toBe(createKeyBody.key.key_prefix) | |
| const revokeRes = await request.delete(`/api/agents/${primary.id}/keys`, { | |
| headers: API_KEY_HEADER, | |
| data: { key_id: createKeyBody.key.id }, | |
| }) | |
| expect(revokeRes.status()).toBe(200) | |
| const afterRevoke = await request.get(`/api/agents/${primary.id}/diagnostics?section=summary`, { | |
| headers: agentKeyHeader, | |
| }) | |
| expect(afterRevoke.status()).toBe(401) | |
| }) | |
| test('rejects expired agent keys', async ({ request }) => { | |
| const primary = await createTestAgent(request) | |
| cleanup.push(primary.id) | |
| const createKeyRes = await request.post(`/api/agents/${primary.id}/keys`, { | |
| headers: API_KEY_HEADER, | |
| data: { | |
| name: 'expired-key', | |
| scopes: ['viewer', 'agent:self'], | |
| expires_at: Math.floor(Date.now() / 1000) - 5, | |
| }, | |
| }) | |
| expect(createKeyRes.status()).toBe(201) | |
| const { api_key } = await createKeyRes.json() | |
| const expiredRes = await request.get(`/api/agents/${primary.id}/attribution?section=identity`, { | |
| headers: { 'x-api-key': api_key }, | |
| }) | |
| expect(expiredRes.status()).toBe(401) | |
| }) | |
| }) | |