f21fa5b5e8
Commilitia Drop:自托管的跨设备剪贴板同步与点对点文件传输。 - 后端 Go(chi / SQLite WAL / SSE Hub / WebRTC signaling + 状态机 / Relay ring buffer),编译进单个 distroless 镜像(前端 go:embed)。 - 前端 React + TanStack Router + Zustand,自实现 SSE + WebRTC P2P,NAT 受阻时回退服务端中继;聚珍(Juzhen)CJK 综合排版。 - 桌面端 Wails v2(macOS / Windows),瘦客户端复用 web。 - 鉴权 OIDC PKCE(自建 Casdoor 等),refresh_token 信封加密存系统密钥库;iOS Shortcut 用 HS256 scoped token。 架构文档与变更记录见 docs 分支(PROJECT_BRIEF / FRONTEND_DESIGN / CHANGELOG)。 本次为公开发布初始提交:完整开发历史(含部署细节)留存于私有归档,公开仓库自此干净起步。
77 lines
2.1 KiB
Go
77 lines
2.1 KiB
Go
package config
|
|
|
|
import (
|
|
"strings"
|
|
"testing"
|
|
)
|
|
|
|
func TestValidate_DevRequiresDevToken(t *testing.T) {
|
|
c := &Config{AuthMode: "dev", DevToken: ""}
|
|
err := c.validate()
|
|
if err == nil {
|
|
t.Fatal("dev mode without DevToken must reject; got nil error")
|
|
}
|
|
if !strings.Contains(err.Error(), "CDROP_DEV_TOKEN") {
|
|
t.Errorf("error must mention CDROP_DEV_TOKEN; got %q", err.Error())
|
|
}
|
|
}
|
|
|
|
func TestValidate_DevWithDevTokenOK(t *testing.T) {
|
|
c := &Config{AuthMode: "dev", DevToken: "x"}
|
|
if err := c.validate(); err != nil {
|
|
t.Fatalf("dev with token should pass; got %v", err)
|
|
}
|
|
}
|
|
|
|
func TestValidate_ProdOK(t *testing.T) {
|
|
c := &Config{AuthMode: "prod", OIDCAudience: "cdrop-web,cdrop-desktop"}
|
|
if err := c.validate(); err != nil {
|
|
t.Fatalf("prod mode with audience should pass; got %v", err)
|
|
}
|
|
}
|
|
|
|
func TestValidate_ProdRequiresAudience(t *testing.T) {
|
|
// R6: prod with an empty audience leaves RS256 audience checking off, so a
|
|
// token minted for any sibling app sharing the JWKS would validate. Refuse.
|
|
c := &Config{AuthMode: "prod", OIDCAudience: ""}
|
|
err := c.validate()
|
|
if err == nil {
|
|
t.Fatal("prod without CDROP_OIDC_AUDIENCE must reject; got nil error")
|
|
}
|
|
if !strings.Contains(err.Error(), "CDROP_OIDC_AUDIENCE") {
|
|
t.Errorf("error must mention CDROP_OIDC_AUDIENCE; got %q", err.Error())
|
|
}
|
|
}
|
|
|
|
func TestValidate_UnknownMode(t *testing.T) {
|
|
c := &Config{AuthMode: "rogue"}
|
|
err := c.validate()
|
|
if err == nil {
|
|
t.Fatal("unknown auth mode must reject")
|
|
}
|
|
}
|
|
|
|
func TestLoad_EnvOverridesDefaults(t *testing.T) {
|
|
t.Setenv("CDROP_AUTH_MODE", "dev")
|
|
t.Setenv("CDROP_DEV_TOKEN", "abc")
|
|
t.Setenv("CDROP_LISTEN", ":9090")
|
|
t.Setenv("CDROP_DB_PATH", "/tmp/x.db")
|
|
|
|
cfg, err := Load()
|
|
if err != nil {
|
|
t.Fatalf("load: %v", err)
|
|
}
|
|
if cfg.AuthMode != "dev" {
|
|
t.Errorf("AuthMode: got %q, want %q", cfg.AuthMode, "dev")
|
|
}
|
|
if cfg.DevToken != "abc" {
|
|
t.Errorf("DevToken: got %q, want %q", cfg.DevToken, "abc")
|
|
}
|
|
if cfg.Listen != ":9090" {
|
|
t.Errorf("Listen: got %q, want %q", cfg.Listen, ":9090")
|
|
}
|
|
if cfg.DBPath != "/tmp/x.db" {
|
|
t.Errorf("DBPath: got %q, want %q", cfg.DBPath, "/tmp/x.db")
|
|
}
|
|
}
|