mirror of
https://github.com/NousResearch/hermes-agent.git
synced 2026-06-17 09:41:58 +00:00
497352bc4e
The salvaged read-side fix lets a profile resolve the xAI OAuth grant from the global-root auth store when it has no own providers.xai-oauth block. But _save_xai_oauth_tokens still wrote rotated tokens only to the active profile store. Because xAI rotates the refresh_token on every refresh, a profile that reads root's grant and refreshes it left root holding a now- revoked refresh token — killing every other profile reading the stale root grant with invalid_grant once its access token expired (#43589). Detect the read-from-root case (profile lacks its own providers.xai-oauth block) and, after the profile save, write the rotated chain back to the global root too via a best-effort, TOCTOU-safe write-through that reuses _save_auth_store with an explicit target path. A profile that genuinely shadows root (has its own block) is left untouched, classic mode is a no-op, and a failed root write never breaks the profile's own save. Pairs with the read fallback in the preceding commit so the cross-profile xAI grant stays coherent in both directions.
169 lines
6.4 KiB
Python
169 lines
6.4 KiB
Python
"""Regression tests for xAI OAuth refresh write-through to the global root.
|
|
|
|
Companion to ``test_xai_oauth_profile_auth.py``. That file covers the READ
|
|
fallback (profile -> credential pool -> global root). These cover the WRITE
|
|
side: when a profile that has no own ``providers.xai-oauth`` block refreshes
|
|
the (rotating) grant it resolved from the root fallback, the rotated tokens
|
|
must be written back to the global root too. Otherwise root keeps a revoked
|
|
refresh token and every other profile reading root's stale grant dies with
|
|
``invalid_grant`` once its access token expires (issue #43589).
|
|
|
|
The tests drive the real ``_save_xai_oauth_tokens`` against real on-disk auth
|
|
stores (profile + root under ``tmp_path``) rather than mocking the save
|
|
boundary, so they exercise the actual atomic write path.
|
|
"""
|
|
|
|
import json
|
|
|
|
import pytest
|
|
|
|
from hermes_cli import auth
|
|
|
|
|
|
def _write_store(path, store):
|
|
path.parent.mkdir(parents=True, exist_ok=True)
|
|
path.write_text(json.dumps(store), encoding="utf-8")
|
|
|
|
|
|
def _read_store(path):
|
|
return json.loads(path.read_text(encoding="utf-8"))
|
|
|
|
|
|
@pytest.fixture
|
|
def profile_and_root(tmp_path, monkeypatch):
|
|
"""Wire a profile auth store + a distinct global-root auth store on disk.
|
|
|
|
Returns (profile_path, root_path). The pytest seat belt in
|
|
``_write_through_xai_oauth_to_global_root`` only refuses the *real* user's
|
|
``$HOME/.hermes/auth.json``; a tmp_path root is allowed, so we point HOME
|
|
away from the tmp root to keep the guard from tripping on these fixtures.
|
|
"""
|
|
profile_path = tmp_path / "profiles" / "work" / "auth.json"
|
|
root_path = tmp_path / "root" / "auth.json"
|
|
|
|
monkeypatch.setattr(auth, "_auth_file_path", lambda: profile_path)
|
|
monkeypatch.setattr(auth, "_global_auth_file_path", lambda: root_path)
|
|
# Keep the pytest write seat belt from matching our tmp root.
|
|
monkeypatch.setenv("HOME", str(tmp_path / "not-the-root"))
|
|
return profile_path, root_path
|
|
|
|
|
|
def test_refresh_writes_through_to_root_when_profile_has_no_own_state(profile_and_root):
|
|
"""Profile reading root's grant must push rotated tokens back to root."""
|
|
profile_path, root_path = profile_and_root
|
|
# Profile has NO own xai-oauth block (reads root via fallback).
|
|
_write_store(profile_path, {"version": 1, "providers": {}})
|
|
_write_store(
|
|
root_path,
|
|
{
|
|
"version": 1,
|
|
"providers": {
|
|
"xai-oauth": {
|
|
"tokens": {
|
|
"access_token": "old-access",
|
|
"refresh_token": "old-refresh",
|
|
}
|
|
}
|
|
},
|
|
},
|
|
)
|
|
|
|
rotated = {
|
|
"access_token": "new-access",
|
|
"refresh_token": "new-refresh",
|
|
"token_type": "Bearer",
|
|
}
|
|
auth._save_xai_oauth_tokens(rotated)
|
|
|
|
# Profile got the rotated chain (existing behavior).
|
|
profile = _read_store(profile_path)
|
|
assert profile["providers"]["xai-oauth"]["tokens"]["refresh_token"] == "new-refresh"
|
|
|
|
# AND the global root no longer holds the revoked refresh token (#43589).
|
|
root = _read_store(root_path)
|
|
assert root["providers"]["xai-oauth"]["tokens"]["access_token"] == "new-access"
|
|
assert root["providers"]["xai-oauth"]["tokens"]["refresh_token"] == "new-refresh"
|
|
|
|
|
|
def test_refresh_does_not_touch_root_when_profile_has_own_state(profile_and_root):
|
|
"""A profile that genuinely shadows root must NOT clobber the root grant."""
|
|
profile_path, root_path = profile_and_root
|
|
# Profile has its OWN xai-oauth block: it shadows root legitimately.
|
|
_write_store(
|
|
profile_path,
|
|
{
|
|
"version": 1,
|
|
"providers": {
|
|
"xai-oauth": {
|
|
"tokens": {
|
|
"access_token": "profile-old",
|
|
"refresh_token": "profile-old-refresh",
|
|
}
|
|
}
|
|
},
|
|
},
|
|
)
|
|
_write_store(
|
|
root_path,
|
|
{
|
|
"version": 1,
|
|
"providers": {
|
|
"xai-oauth": {
|
|
"tokens": {
|
|
"access_token": "root-untouched",
|
|
"refresh_token": "root-untouched-refresh",
|
|
}
|
|
}
|
|
},
|
|
},
|
|
)
|
|
|
|
auth._save_xai_oauth_tokens(
|
|
{"access_token": "profile-new", "refresh_token": "profile-new-refresh"}
|
|
)
|
|
|
|
profile = _read_store(profile_path)
|
|
assert profile["providers"]["xai-oauth"]["tokens"]["refresh_token"] == "profile-new-refresh"
|
|
|
|
# Root is a separate grant chain — must be left exactly as-is.
|
|
root = _read_store(root_path)
|
|
assert root["providers"]["xai-oauth"]["tokens"]["access_token"] == "root-untouched"
|
|
assert root["providers"]["xai-oauth"]["tokens"]["refresh_token"] == "root-untouched-refresh"
|
|
|
|
|
|
def test_write_through_is_noop_in_classic_mode(tmp_path, monkeypatch):
|
|
"""Classic mode (profile == root) already saves to root; no double write."""
|
|
profile_path = tmp_path / "auth.json"
|
|
monkeypatch.setattr(auth, "_auth_file_path", lambda: profile_path)
|
|
# Classic mode: _global_auth_file_path returns None.
|
|
monkeypatch.setattr(auth, "_global_auth_file_path", lambda: None)
|
|
_write_store(profile_path, {"version": 1, "providers": {}})
|
|
|
|
# Should not raise and should persist to the single store.
|
|
auth._save_xai_oauth_tokens(
|
|
{"access_token": "a", "refresh_token": "r"}
|
|
)
|
|
store = _read_store(profile_path)
|
|
assert store["providers"]["xai-oauth"]["tokens"]["refresh_token"] == "r"
|
|
|
|
|
|
def test_write_through_failure_does_not_break_profile_save(profile_and_root, monkeypatch):
|
|
"""A failed root write-through must not break the profile's own save."""
|
|
profile_path, root_path = profile_and_root
|
|
_write_store(profile_path, {"version": 1, "providers": {}})
|
|
_write_store(root_path, {"version": 1, "providers": {}})
|
|
|
|
# Make the root write blow up; the profile save must still succeed.
|
|
real_save = auth._save_auth_store
|
|
|
|
def _exploding_save(store, target_path=None):
|
|
if target_path is not None and target_path == root_path:
|
|
raise OSError("simulated root write failure")
|
|
return real_save(store, target_path)
|
|
|
|
monkeypatch.setattr(auth, "_save_auth_store", _exploding_save)
|
|
|
|
auth._save_xai_oauth_tokens({"access_token": "a", "refresh_token": "r"})
|
|
|
|
profile = _read_store(profile_path)
|
|
assert profile["providers"]["xai-oauth"]["tokens"]["refresh_token"] == "r"
|