test: cover v2/main mid-session-auth code to the ≥90% per-file gate#1611
test: cover v2/main mid-session-auth code to the ≥90% per-file gate#1611cliffhall wants to merge 4 commits into
Conversation
Bring clients/cli/src/cliOAuth.ts from 75% to ≥90% on all four coverage
dimensions (now 100/96.42/100/100) by exercising the previously-untested
interactive step-up and auth-recovery paths:
- confirmStepUpFromStdin (the default stdin confirmer): drive it via the
default `confirmStepUp` parameter of handleCliAuthRecoveryRequired with
node:readline/promises mocked — covers the y / "yes" (trimmed,
case-insensitive) accept paths and the n decline path (which throws).
- connectInspectorWithOAuth's AuthRecoveryRequiredError branch: both the
storage-already-satisfies resume and the interactive-recovery sub-branches,
plus the isUnauthorizedError branch (with a rejecting disconnect to hit the
`.catch(() => {})` guard), the non-OAuth-capable-config rethrow, and the
non-OAuth-error rethrow.
Part of #1610 — v2/main mid-session-auth code below the per-file coverage
gate that v2/main's CI does not run but the Wave-1 rollup (#1550) does.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01S3fTN8H3R8YV4yUGvZjYnX
Bring clients/tui/src/components/AuthTab.tsx to ≥90 on all four dimensions (now 97.43/90.81/100/100) by exercising the previously-untested step-up keypress paths in the `useInput` handler: up-arrow navigation back to the "authorize" choice, the `a` (authorize) and `c` (cancel) shortcuts, and the fall-through for an unrelated key while the prompt is pending. Part of #1610. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01S3fTN8H3R8YV4yUGvZjYnX
Bring clients/tui/src/App.tsx from 79% to ≥90 on all four dimensions (92.23 / 90.20 / 92.85 / 92.68) by exercising the mid-session / step-up auth machinery that the existing suite didn't reach: - runOAuthAuthentication result branches (success / already_authorized / insufficient_scope / unsupported), driven deterministically via a new opt-in runRunnerInteractiveOAuth override (defaults to the real runner so the existing callback-driven OAuth tests are unchanged). - The per-client auth-lifecycle listeners (authChallengeAmbient / Recovered / Interactive / oauthError), fired through a new client-event registry on the FakeClient, including the non-selected-server early-return guards. - handleAuthRecoveryRequired step-up-confirm and reauth paths, handleConnect's OAuth-on-401 branches (AuthRecoveryRequired + EmaClientNotConfigured thrown mid-flow), handleClearOAuth's connected/disconnect path, and the AuthTab onAuthorizeStepUp handler (EMA satisfied/interactive/failed/throw + standard non-EMA authorize, cancel). Part of #1610. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01S3fTN8H3R8YV4yUGvZjYnX
|
@claude please review this PR for correctness and test quality. It adds coverage tests to bring three v2/main mid-session-auth files ( |
|
Claude finished @cliffhall's task in 4m 44s —— View job Review — mid-session-auth coverage testsI read the three source files under test ( Verdict: solid, mergeable. The tests assert real behavior, and the two harness additions are sound. One minor test-fidelity observation, no blockers. Detailed findings(1) Do the tests assert real behavior?Yes. They are behavioral, not line-chasing:
(2) Are the two harness additions sound / non-fragile?Yes, both.
(3) Missed edge cases / observations (minor, non-blocking)
Nothing here blocks merge — the suite tests real behavior and the harness changes are clean and reset per-test. The only thing I'd flag for future hardening is observation (1): the non-selected-server guard is covered but not behaviorally asserted. |
Addresses the @claude review of #1611: the event registry is now keyed by (client, fn) rather than event name alone, and a new `fireClientEventFor(client, …)` helper fires a single client's listeners. The "ignores auth lifecycle events from a non-selected server" test now fires ambient/recovered/oauthError for ONLY the non-selected client and asserts no message appears — so removing the `selectedServerRef.current !== serverName` guard would fail the test — then fires for the selected client to confirm it does act. Coverage of App.tsx is unchanged (92.23 / 90.20 / 92.85 / 92.68); existing fire-all `fireClientEvent` behavior is preserved. Part of #1610. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01S3fTN8H3R8YV4yUGvZjYnX
|
@claude thanks — addressed observation (1) in On (2) and (3): left as-is intentionally — the fixed-tick negative assertions rely on the override resolving synchronously (a wrongful reconnect lands within the polled window), and the |
|
Claude finished @cliffhall's task in 1m 54s —— View job Re-review at
|
Closes #1610
What
Bring v2/main's mid-session / step-up auth code up to the ≥90% per-file coverage gate (all four dimensions). This debt is invisible on
v2/main(its CI does not runnpm run coverage) but the Wave-1 rollup (#1601, which includes the #1550 CI gate) surfaces it — so we fix it at the source here, then re-mergev2/maininto the rollup.Every failing file was reproduced on a clean
v2/maincheckout; none of this was introduced by the rollup.Result — all three files now clear the gate
clients/cli/src/cliOAuth.tsclients/tui/src/components/AuthTab.tsxclients/tui/src/App.tsx(stmts / branch / funcs / lines)
How
confirmStepUpFromStdin(default stdin confirmer, via mockednode:readline/promises) and theAuthRecoveryRequiredError/isUnauthorizedErrorbranches ofconnectInspectorWithOAuth.useInputup-arrow,a/cshortcuts, and unrelated-key fall-through.runOAuthAuthenticationresult branches, the per-client auth-lifecycle listeners,handleAuthRecoveryRequired,handleConnect's OAuth-on-401 branches,handleClearOAuth, and the AuthTabonAuthorizeStepUphandler). Two small, opt-in additions to the App test harness — a client-event registry on the FakeClient and arunRunnerInteractiveOAuthoverride that defaults to the real runner — keep every existing callback-driven OAuth test unchanged.Verification
npm run validateandnpm run coverageboth pass from the repo root (web / cli / tui / launcher all green).Follow-up
Once merged,
v2/mainis re-merged into1579-wave-1(#1601) so the rollup's coverage gate goes green.🤖 Generated with Claude Code
https://claude.ai/code/session_01S3fTN8H3R8YV4yUGvZjYnX