import { beforeEach, describe, expect, test } from "bun:test"
import { Hono } from "hono"

import { createAuthMiddleware } from "../src/lib/request-auth"

// Mutable key lists read by the auth middleware's getApiKeys callbacks.
// Tests reassign them to simulate different key configurations.
let regularApiKeys: string[]
let adminApiKeys: string[]

/**
 * Builds a fresh Hono app guarded by two separate auth middlewares, one per
 * key scope, plus one stub route in each scope.
 *
 * Both middlewares read their key list through a callback, so a test can
 * reassign `regularApiKeys` / `adminApiKeys` to change the configuration.
 *
 * @returns the configured Hono app; drive it with `app.request(...)`.
 */
function createApp() {
  const app = new Hono()

  // Default scope: registered on every path, but told to skip anything under
  // "/admin/" so that admin traffic is only ever checked against admin keys.
  const defaultScopeAuth = createAuthMiddleware({
    getApiKeys: () => regularApiKeys,
    allowUnauthenticatedPaths: [],
    shouldSkipPath: (path) => path.startsWith("/admin/"),
  })

  // Admin scope: allowWhenNoApiKeys is switched off; the tests in this file
  // expect an empty admin key list to produce 401 rather than open access.
  const adminScopeAuth = createAuthMiddleware({
    getApiKeys: () => adminApiKeys,
    allowUnauthenticatedPaths: [],
    allowWhenNoApiKeys: false,
  })

  app.use("*", defaultScopeAuth)
  app.use("/admin/*", adminScopeAuth)

  // Stub handlers answer every HTTP method and echo which scope served the
  // request, so a test can tell which side of the auth split it reached.
  app.all("/models", (c) => c.json({ ok: true, scope: "default" }))
  app.all("/admin/config/model-mappings", (c) =>
    c.json({ ok: true, scope: "admin" }),
  )

  return app
}

// Restore both key lists before every test so that a test which empties one
// of them cannot change the configuration seen by the next test.
beforeEach(() => {
  adminApiKeys = ["admin-key"]
  regularApiKeys = ["regular-key"]
})

// Covers the two-scope auth setup built by createApp(): key acceptance per
// scope, cross-scope rejection, behaviour with empty key lists, and the
// OPTIONS exemption.
// NOTE(review): not covered here — a request that carries no credentials, or
// an unknown key, while keys ARE configured for the scope being requested.
describe("request auth middleware", () => {
  const modelsPath = "/models"
  const adminPath = "/admin/config/model-mappings"

  test("accepts regular api keys for protected non-admin routes", async () => {
    const res = await createApp().request(modelsPath, {
      headers: { "x-api-key": "regular-key" },
    })

    expect(res.status).toBe(200)
    expect(await res.json()).toEqual({ ok: true, scope: "default" })
  })

  // The admin key is presented as a Bearer token here, whereas the other
  // tests use the x-api-key header.
  test("accepts admin api key for admin routes", async () => {
    const res = await createApp().request(adminPath, {
      headers: { authorization: "Bearer admin-key" },
    })

    expect(res.status).toBe(200)
    expect(await res.json()).toEqual({ ok: true, scope: "admin" })
  })

  // Scope isolation, upward: a regular key must not grant admin access.
  test("rejects regular api keys on admin routes", async () => {
    const res = await createApp().request(adminPath, {
      headers: { "x-api-key": "regular-key" },
    })

    expect(res.status).toBe(401)
  })

  // Scope isolation, downward: the admin key is not a super-key for the
  // default scope either.
  test("rejects admin api keys on protected non-admin routes", async () => {
    const res = await createApp().request(modelsPath, {
      headers: { "x-api-key": "admin-key" },
    })

    expect(res.status).toBe(401)
  })

  // Pins fail-open behaviour for the default scope: with an empty regular
  // key list, a request without any credentials is served.
  test("allows non-admin routes when no regular api keys are configured", async () => {
    regularApiKeys = []
    const res = await createApp().request(modelsPath)

    expect(res.status).toBe(200)
    expect(await res.json()).toEqual({ ok: true, scope: "default" })
  })

  // Pins fail-closed behaviour for the admin scope: an empty admin key list
  // must not open the admin routes.
  test("rejects admin routes when no admin api key is configured", async () => {
    adminApiKeys = []
    const res = await createApp().request(adminPath)

    expect(res.status).toBe(401)
  })

  // OPTIONS passes the admin middleware without credentials. Because the stub
  // route is registered with app.all, the admin handler itself runs and its
  // JSON body comes back.
  // NOTE(review): presumably this exemption exists for CORS preflight —
  // confirm that real admin handlers neither act on nor return data for
  // OPTIONS requests.
  test("allows options requests for admin routes without auth", async () => {
    const res = await createApp().request(adminPath, {
      method: "OPTIONS",
    })

    expect(res.status).toBe(200)
    expect(await res.json()).toEqual({ ok: true, scope: "admin" })
  })
})