vijay_admin/sentryagent-idp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Phase 1 MVP — complete AgentIdP implementation

Browse Source 
Implements all P0 features per OpenSpec change phase-1-mvp-implementation:
- Agent Registry Service (CRUD) — full lifecycle management
- OAuth 2.0 Token Service (Client Credentials flow)
- Credential Management (generate, rotate, revoke)
- Immutable Audit Log Service

Tech: Node.js 18+, TypeScript 5.3+ strict, Express 4.18+, PostgreSQL 14+, Redis 7+
Standards: OpenAPI 3.0 specs, DRY/SOLID, zero `any` types
Quality: 18 unit test suites, 244 tests passing, 97%+ coverage
OpenAPI: 4 complete specs (14 endpoints total)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
SentryAgent.ai Developer
2026-03-28 09:14:41 +00:00
parent 245f8df427
commit d3530285b9
78 changed files with 20590 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
tests/unit/utils/crypto.test.ts Normal file
View File

@@ -0,0 +1,62 @@
/**
* Unit tests for src/utils/crypto.ts
*/
import { generateClientSecret, hashSecret, verifySecret } from '../../../src/utils/crypto';
describe('crypto utils', () => {
describe('generateClientSecret()', () => {
it('should return a string starting with sk_live_', () => {
const secret = generateClientSecret();
expect(secret).toMatch(/^sk_live_/);
});
it('should return 64 hex chars after the prefix', () => {
const secret = generateClientSecret();
const hex = secret.slice('sk_live_'.length);
expect(hex).toHaveLength(64);
expect(hex).toMatch(/^[0-9a-f]{64}$/);
});
it('should generate unique secrets on each call', () => {
const secret1 = generateClientSecret();
const secret2 = generateClientSecret();
expect(secret1).not.toBe(secret2);
});
it('should have total length of 72 characters (8 + 64)', () => {
const secret = generateClientSecret();
expect(secret).toHaveLength(72);
});
});
describe('hashSecret() and verifySecret()', () => {
it('should hash a secret and verify it correctly', async () => {
const plain = generateClientSecret();
const hash = await hashSecret(plain);
const isValid = await verifySecret(plain, hash);
expect(isValid).toBe(true);
});
it('should return false for a wrong secret', async () => {
const plain = generateClientSecret();
const hash = await hashSecret(plain);
const isValid = await verifySecret('wrong_secret', hash);
expect(isValid).toBe(false);
});
it('should produce different hashes for the same input (salt randomness)', async () => {
const plain = generateClientSecret();
const hash1 = await hashSecret(plain);
const hash2 = await hashSecret(plain);
expect(hash1).not.toBe(hash2);
});
it('should produce a bcrypt hash string', async () => {
const plain = generateClientSecret();
const hash = await hashSecret(plain);
// bcrypt hashes start with $2a$ or $2b$
expect(hash).toMatch(/^\$2[ab]\$/);
});
});
});