Add tests for API key option parsing

Author: razor-x

examples/index.ts

@@ -36,6 +36,6 @@ const middleware = [...defaultMiddleware, createAppContext]
 await landlubber<Context>(commands, { middleware })
   .describe('api-key', 'Seam API key')
   .string('api-key')
-  .default('api-key', env['SEAM_API_KEY'], 'SEAM_API_KEY')
+  .default('api-key', env.SEAM_API_KEY, 'SEAM_API_KEY')
   .demandOption('api-key')
   .parse()

src/lib/seam/connect/auth.ts

@@ -32,13 +32,17 @@ const getAuthHeadersForApiKey = ({
     )
   }
 
+  if (isJwt(apiKey)) {
+    throw new SeamHttpInvalidTokenError('A JWT cannot be used as an apiKey')
+  }
+
   if (isAccessToken(apiKey)) {
     throw new SeamHttpInvalidTokenError(
-      'An access token cannot be used as an apiKey',
+      'An Access Token cannot be used as an apiKey',
     )
   }
 
-  if (isJwt(apiKey) || !isSeamToken(apiKey)) {
+  if (!isSeamToken(apiKey)) {
     throw new SeamHttpInvalidTokenError(
       `Unknown or invalid apiKey format, expected token to start with ${tokenPrefix}`,
     )

src/lib/seam/connect/client-options.ts

@@ -1,6 +1,7 @@
 import type { Axios, AxiosRequestConfig } from 'axios'
 
 export type SeamHttpOptions =
+  | SeamHttpOptionsFromEnv
   | SeamHttpOptionsWithClient
   | SeamHttpOptionsWithApiKey
   | SeamHttpOptionsWithClientSessionToken
@@ -11,6 +12,8 @@ interface SeamHttpCommonOptions {
   enableLegacyMethodBehaivor?: boolean
 }
 
+export type SeamHttpOptionsFromEnv = SeamHttpCommonOptions
+
 export interface SeamHttpOptionsWithClient
   extends Pick<SeamHttpCommonOptions, 'enableLegacyMethodBehaivor'> {
   client: Axios

src/lib/seam/connect/client.ts

@@ -33,7 +33,7 @@ export class SeamHttp {
 
   // #legacy: boolean
 
-  constructor(apiKeyOrOptions: string | SeamHttpOptions) {
+  constructor(apiKeyOrOptions: string | SeamHttpOptions = {}) {
     const options = parseOptions(apiKeyOrOptions)
     // this.#legacy = options.enableLegacyMethodBehaivor
     this.client = createAxiosClient(options)

src/lib/seam/connect/env.d.ts

@@ -0,0 +1,11 @@
+declare global {
+  namespace NodeJS {
+    interface ProcessEnv {
+      SEAM_API_KEY?: string
+      SEAM_API_URL?: string
+      SEAM_ENDPOINT?: string
+    }
+  }
+}
+
+export {}

src/lib/seam/connect/parse-options.ts

@@ -22,14 +22,14 @@ export const parseOptions = (
 
   const endpoint =
     options.endpoint ??
-    globalThis.process?.env?.['SEAM_ENDPOINT'] ??
-    globalThis.process?.env?.['SEAM_API_URL'] ??
+    globalThis.process?.env?.SEAM_ENDPOINT ??
+    globalThis.process?.env?.SEAM_API_URL ??
     'https://connect.getseam.com'
 
   const apiKey =
     'apiKey' in options
       ? options.apiKey
-      : globalThis.process?.env?.['SEAM_API_KEY']
+      : globalThis.process?.env?.SEAM_API_KEY
 
   return {
     ...options,

test/seam/connect/api-key.test.ts

@@ -3,7 +3,9 @@ import { getTestServer } from 'fixtures/seam/connect/api.js'
 
 import { SeamHttp } from '@seamapi/http/connect'
 
-test('SeamHttp: fromApiKey', async (t) => {
+import { SeamHttpInvalidTokenError } from 'lib/seam/connect/auth.js'
+
+test('SeamHttp: fromApiKey returns instance authorized with apiKey', async (t) => {
   const { seed, endpoint } = await getTestServer(t)
   const client = SeamHttp.fromApiKey(seed.seam_apikey1_token, { endpoint })
   const device = await client.devices.get({
@@ -12,3 +14,41 @@ test('SeamHttp: fromApiKey', async (t) => {
   t.is(device.workspace_id, seed.seed_workspace_1)
   t.is(device.device_id, seed.august_device_1)
 })
+
+test('SeamHttp: constructor returns instance authorized with apiKey', async (t) => {
+  const { seed, endpoint } = await getTestServer(t)
+  const client = new SeamHttp({ apiKey: seed.seam_apikey1_token, endpoint })
+  const device = await client.devices.get({
+    device_id: seed.august_device_1,
+  })
+  t.is(device.workspace_id, seed.seed_workspace_1)
+  t.is(device.device_id, seed.august_device_1)
+})
+
+test('SeamHttp: constructor interprets single string argument as apiKey', (t) => {
+  const client = new SeamHttp('seam_apikey_token')
+  t.truthy(client)
+  t.throws(() => new SeamHttp('some-invalid-key-format'), {
+    instanceOf: SeamHttpInvalidTokenError,
+    message: /apiKey/,
+  })
+})
+
+test('SeamHttp: checks apiKey format', (t) => {
+  t.throws(() => SeamHttp.fromApiKey('some-invalid-key-format'), {
+    instanceOf: SeamHttpInvalidTokenError,
+    message: /Unknown/,
+  })
+  t.throws(() => SeamHttp.fromApiKey('ey'), {
+    instanceOf: SeamHttpInvalidTokenError,
+    message: /JWT/,
+  })
+  t.throws(() => SeamHttp.fromApiKey('seam_cst_token'), {
+    instanceOf: SeamHttpInvalidTokenError,
+    message: /Client Session Token/,
+  })
+  t.throws(() => SeamHttp.fromApiKey('seam_at'), {
+    instanceOf: SeamHttpInvalidTokenError,
+    message: /Access Token/,
+  })
+})

test/seam/connect/env.test.ts

@@ -0,0 +1,143 @@
+import { env } from 'node:process'
+
+import test from 'ava'
+import { getTestServer } from 'fixtures/seam/connect/api.js'
+
+import { SeamHttp } from '@seamapi/http/connect'
+
+import { SeamHttpInvalidOptionsError } from 'lib/seam/connect/client-options.js'
+
+/*
+ * Tests in this file must run serially to ensure a clean environment for each test.
+ */
+test.afterEach(() => {
+  delete env.SEAM_API_KEY
+  delete env.SEAM_ENDPOINT
+  delete env.SEAM_API_URL
+})
+
+test.serial(
+  'SeamHttp: constructor uses SEAM_API_KEY environment variable',
+  async (t) => {
+    const { seed, endpoint } = await getTestServer(t)
+    env.SEAM_API_KEY = seed.seam_apikey1_token
+    const client = new SeamHttp({ endpoint })
+    const device = await client.devices.get({
+      device_id: seed.august_device_1,
+    })
+    t.is(device.workspace_id, seed.seed_workspace_1)
+    t.is(device.device_id, seed.august_device_1)
+  },
+)
+
+test.serial(
+  'SeamHttp: apiKey option overrides environment variables',
+  async (t) => {
+    const { seed, endpoint } = await getTestServer(t)
+    env.SEAM_API_KEY = 'some-invalid-api-key'
+    const client = new SeamHttp({ apiKey: seed.seam_apikey1_token, endpoint })
+    const device = await client.devices.get({
+      device_id: seed.august_device_1,
+    })
+    t.is(device.workspace_id, seed.seed_workspace_1)
+    t.is(device.device_id, seed.august_device_1)
+  },
+)
+
+test.serial(
+  'SeamHttp: apiKey option as first argument overrides environment variables',
+  (t) => {
+    env.SEAM_API_KEY = 'some-invalid-api-key'
+    const client = new SeamHttp('seam_apikey_token')
+    t.truthy(client)
+  },
+)
+
+test.serial(
+  'SeamHttp: constructor uses SEAM_API_KEY environment variable when passed no argument',
+  (t) => {
+    env.SEAM_API_KEY = 'seam_apikey_token'
+    const client = new SeamHttp()
+    t.truthy(client)
+  },
+)
+
+test.serial(
+  'SeamHttp: constructor requires SEAM_API_KEY when passed no argument',
+  (t) => {
+    t.throws(() => new SeamHttp(), {
+      instanceOf: SeamHttpInvalidOptionsError,
+      message: /apiKey/,
+    })
+  },
+)
+
+test.serial(
+  'SeamHttp: constructor throws if SEAM_API_KEY environment variable is used with clientSessionToken',
+  (t) => {
+    env.SEAM_API_KEY = 'seam_apikey_token'
+    t.throws(() => new SeamHttp({ clientSessionToken: 'seam_cst_token' }), {
+      instanceOf: SeamHttpInvalidOptionsError,
+      message: /apiKey/,
+    })
+  },
+)
+
+test.serial(
+  'SeamHttp: SEAM_ENDPOINT environment variable is used first',
+  async (t) => {
+    const { seed, endpoint } = await getTestServer(t)
+    env.SEAM_API_URL = 'https://example.com'
+    env.SEAM_ENDPOINT = endpoint
+    const client = new SeamHttp({ apiKey: seed.seam_apikey1_token })
+    const device = await client.devices.get({
+      device_id: seed.august_device_1,
+    })
+    t.is(device.workspace_id, seed.seed_workspace_1)
+    t.is(device.device_id, seed.august_device_1)
+  },
+)
+
+test.serial(
+  'SeamHttp: SEAM_API_URL environment variable is used as fallback',
+  async (t) => {
+    const { seed, endpoint } = await getTestServer(t)
+    env.SEAM_API_URL = endpoint
+    const client = new SeamHttp({ apiKey: seed.seam_apikey1_token })
+    const device = await client.devices.get({
+      device_id: seed.august_device_1,
+    })
+    t.is(device.workspace_id, seed.seed_workspace_1)
+    t.is(device.device_id, seed.august_device_1)
+  },
+)
+
+test.serial(
+  'SeamHttp: endpoint option overrides environment variables',
+  async (t) => {
+    const { seed, endpoint } = await getTestServer(t)
+    env.SEAM_API_URL = 'https://example.com'
+    env.SEAM_ENDPOINT = 'https://example.com'
+    const client = new SeamHttp({ apiKey: seed.seam_apikey1_token, endpoint })
+    const device = await client.devices.get({
+      device_id: seed.august_device_1,
+    })
+    t.is(device.workspace_id, seed.seed_workspace_1)
+    t.is(device.device_id, seed.august_device_1)
+  },
+)
+
+test.serial(
+  'SeamHttp: SEAM_ENDPOINT environment variable is used with fromApiKey',
+  async (t) => {
+    const { seed, endpoint } = await getTestServer(t)
+    env.SEAM_API_URL = 'https://example.com'
+    env.SEAM_ENDPOINT = endpoint
+    const client = SeamHttp.fromApiKey(seed.seam_apikey1_token)
+    const device = await client.devices.get({
+      device_id: seed.august_device_1,
+    })
+    t.is(device.workspace_id, seed.seed_workspace_1)
+    t.is(device.device_id, seed.august_device_1)
+  },
+)