import pytest
from datetime import datetime, timedelta, timezone
from grist_mcp.session import SessionTokenManager, SessionToken
def test_create_token_returns_valid_session_token():
    """A freshly created token echoes the request and has a bounded expiry.

    Checks the ``sess_`` prefix, a minimum string length, that document,
    permissions and agent name match what was requested, and that
    ``expires_at`` is in the future but less than 310 s ahead (the 300 s
    TTL plus 10 s of slack).
    """
    request = {
        "agent_name": "test-agent",
        "document": "sales",
        "permissions": ["read", "write"],
        "ttl_seconds": 300,
    }
    issued = SessionTokenManager().create_token(**request)

    # Format checks only: a prefix and a length bound say nothing about
    # how the secret part of the token is generated.
    assert issued.token.startswith("sess_")
    assert len(issued.token) > 20

    # The scope stored on the token must be exactly the scope requested.
    for field in ("document", "permissions", "agent_name"):
        assert getattr(issued, field) == request[field]

    # Expiry must be timezone-aware UTC for these comparisons to work.
    earliest = datetime.now(timezone.utc)
    assert issued.expires_at > earliest
    latest = datetime.now(timezone.utc) + timedelta(seconds=310)
    assert issued.expires_at < latest
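def test_create_token_caps_ttl_at_maximum():
    """A TTL request above the maximum yields a token valid for about 1 hour.

    The expiry is bounded on both sides. The upper bound alone would also
    pass for a token that expires immediately or after an arbitrary short
    lifetime, so it could not tell "capped at 3600 s" apart from "TTL
    ignored". The 10 s of slack on each side absorbs test run time.
    """
    manager = SessionTokenManager()

    # Taken before creation so the lower bound cannot be later than the
    # moment the manager computed the expiry.
    requested_at = datetime.now(timezone.utc)

    # Request 2 hours, should be capped at 1 hour
    token = manager.create_token(
        agent_name="test-agent",
        document="sales",
        permissions=["read"],
        ttl_seconds=7200,
    )

    # Upper bound: the 7200 s request must not be honoured beyond 3600 s.
    max_expires = datetime.now(timezone.utc) + timedelta(seconds=3610)
    assert token.expires_at < max_expires

    # Lower bound: the cap should land at the 1 hour maximum, not below it.
    min_expires = requested_at + timedelta(seconds=3590)
    assert token.expires_at > min_expires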
def test_validate_token_returns_session_for_valid_token():
    """Validating a token that was just issued returns its session.

    The returned session must carry the document and agent name the token
    was created with.
    """
    mgr = SessionTokenManager()
    issued = mgr.create_token(
        agent_name="test-agent",
        document="sales",
        permissions=["read"],
        ttl_seconds=300,
    )

    resolved = mgr.validate_token(issued.token)

    assert resolved is not None
    # Compare both identifying fields against the values used at creation.
    assert (resolved.document, resolved.agent_name) == ("sales", "test-agent")
def test_validate_token_returns_none_for_unknown_token():
    """A token string that this manager never issued does not validate.

    The value has the ``sess_`` prefix, so the prefix alone must not be
    enough for acceptance.
    """
    never_issued = "sess_unknown_token"
    assert SessionTokenManager().validate_token(never_issued) is None
def test_validate_token_returns_none_for_expired_token():
    """A token stops validating once its TTL has elapsed."""
    from time import sleep

    mgr = SessionTokenManager()
    short_lived = mgr.create_token(
        agent_name="test-agent",
        document="sales",
        permissions=["read"],
        ttl_seconds=1,
    )

    # Wait in real time until just past the 1 s TTL; no clock is mocked.
    # NOTE(review): this adds over a second to every run. If the manager's
    # time source can be injected or patched, use that instead. How the
    # manager reads the clock is not visible from this file; confirm.
    sleep(1.1)

    assert mgr.validate_token(short_lived.token) is None