mirror of
https://github.com/lobehub/lobe-chat.git
synced 2026-06-14 03:30:19 +00:00
Innei
4a11ed9887
* ✨ feat(oidc): add interaction details endpoint * ✨ feat(auth-spa): scaffold standalone auth SPA shell and build pipeline * 🐛 fix(auth-spa): address review findings in AuthShell copies * ✨ feat(auth-spa): add spa-auth html route handler * ♻️ refactor(auth-spa): migrate simple auth pages into auth SPA * 🔒 fix(auth-spa): validate locale segment in spa-auth route * ♻️ refactor(auth-spa): move verify-im route to main SPA * 🔒 fix(auth-spa): sanitize callbackUrl, fix signup form wiring, add router error element * ♻️ refactor(auth-spa): migrate oauth pages into auth SPA * 🐛 fix(auth-spa): address oauth migration review findings * ♻️ refactor(auth): route auth pages to standalone SPA and drop Next auth tree * 🔒 fix(auth): validate locale before middleware rewrite * 🔥 chore(auth-spa): drop unused messenger i18n namespace from auth shell * ⚡️ perf(build): share one react vendor bundle across web/mobile/auth SPA builds Build react core (react, react-dom, react-dom/client, react/jsx-runtime) once as a self-contained ESM bundle under /_spa/vendor-shared, then mark those specifiers external in every SPA build and map them via rolldown output.paths to the same hashed URLs, so the auth page warms the main app's react cache. react-router-dom stays per-build: apps use ~19K of it after tree shaking while a shared bundle must export all 252K. Also split auth i18n namespaces into per-locale chunks, keep locale runtime helpers out of the default locale chunk, and group packages/const into app-const so vendor-ai-runtime no longer captures it. * ♻️ refactor(spa): extract shared SPA html serving helpers Both the main SPA and auth SPA route handlers duplicated the Vite dev asset rewriting, analytics config assembly and html template rendering. Move them into src/server/spaHtml.ts; the desktop umami block becomes an opt-in flag only the main SPA enables. * 🐛 fix(auth-spa): bundle default locale resources and disable i18n suspense to fix signin mount loop * ✨ feat(auth-spa): wrap auth shell with BusinessAuthProvider slot * 👷 build(spa): support custom vite dev origin and mark SPA entries side-effectful * 🔥 chore: drop dead /welcome entry from nextjsOnlyRoutes * 🐛 fix(auth-spa): forward referral to signup and fix error boundary dark-mode contrast * ♻️ refactor(spa): lift NextThemeProvider above RouterProvider so route error boundaries are theme-aware * update
73 lines
2.4 KiB
TypeScript
73 lines
2.4 KiB
TypeScript
import { afterEach, describe, expect, it, vi } from 'vitest';
|
|
|
|
import type { OidcInteractionDetailsResponse } from '@/types/oidc';
|
|
|
|
import { fetchInteractionDetails, InteractionDetailsError } from './useInteractionDetails';
|
|
|
|
const mockFetchResponse = (status: number, body?: unknown) =>
|
|
vi.spyOn(globalThis, 'fetch').mockResolvedValue(
|
|
new Response(body === undefined ? null : JSON.stringify(body), {
|
|
status,
|
|
}) as unknown as Response,
|
|
);
|
|
|
|
afterEach(() => {
|
|
vi.restoreAllMocks();
|
|
});
|
|
|
|
describe('fetchInteractionDetails', () => {
|
|
it('returns interaction details on success', async () => {
|
|
const details: OidcInteractionDetailsResponse = {
|
|
clientId: 'lobehub-desktop',
|
|
clientMetadata: { clientName: 'LobeHub Desktop', isFirstParty: true },
|
|
prompt: 'consent',
|
|
redirectUri: 'https://example.com/callback',
|
|
scopes: ['openid', 'profile'],
|
|
uid: 'abc',
|
|
};
|
|
const fetchSpy = mockFetchResponse(200, details);
|
|
|
|
await expect(fetchInteractionDetails('abc')).resolves.toEqual(details);
|
|
expect(fetchSpy).toHaveBeenCalledWith('/oidc/interaction/abc');
|
|
});
|
|
|
|
it('throws 409 error with promptName for unsupported interactions', async () => {
|
|
mockFetchResponse(409, { error: 'unsupported_interaction', promptName: 'select_account' });
|
|
|
|
const error = await fetchInteractionDetails('abc').catch((e) => e);
|
|
|
|
expect(error).toBeInstanceOf(InteractionDetailsError);
|
|
expect(error.status).toBe(409);
|
|
expect(error.promptName).toBe('select_account');
|
|
});
|
|
|
|
it('throws 400 error for invalid sessions', async () => {
|
|
mockFetchResponse(400, { error: 'session_invalid' });
|
|
|
|
const error = await fetchInteractionDetails('abc').catch((e) => e);
|
|
|
|
expect(error).toBeInstanceOf(InteractionDetailsError);
|
|
expect(error.status).toBe(400);
|
|
expect(error.message).toBe('session_invalid');
|
|
});
|
|
|
|
it('throws 404 error when OIDC is disabled', async () => {
|
|
mockFetchResponse(404);
|
|
|
|
const error = await fetchInteractionDetails('abc').catch((e) => e);
|
|
|
|
expect(error).toBeInstanceOf(InteractionDetailsError);
|
|
expect(error.status).toBe(404);
|
|
});
|
|
|
|
it('throws 500 error with fallback message when body is not json', async () => {
|
|
mockFetchResponse(500);
|
|
|
|
const error = await fetchInteractionDetails('abc').catch((e) => e);
|
|
|
|
expect(error).toBeInstanceOf(InteractionDetailsError);
|
|
expect(error.status).toBe(500);
|
|
expect(error.message).toBe('Request failed with status 500');
|
|
});
|
|
});
|