Complete implementation ready for Coolify: - Node.js 22 + Fastify + socket.io backend - PostgreSQL 16 + Redis 7 services - Docker Compose configuration - Deployment scripts and documentation Co-Authored-By: Paperclip <noreply@paperclip.ing>
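#!/usr/bin/env bash
# Test script for J3 authentication flow
# Usage: ./scripts/test-auth-flow.sh
#
# Environment:
#   API_URL  Base URL of the API under test (default: http://localhost:3000).
#
# Flow: create agent -> list agents -> issue API token -> exchange it for a
# JWT -> decode the JWT payload -> revoke the API token -> confirm the revoked
# token is rejected. Every step checks the HTTP status and the script exits
# non-zero on the first failure, so the summary at the end is printed only
# when each step was actually observed to succeed.
#
# The default API_URL is plain HTTP. The API token and JWT are sent in request
# bodies, so point API_URL at an https:// endpoint for anything that is not a
# local instance.
#
# NOTE(review): every request below, including agent creation, token issuance
# and token revocation, is sent without credentials. Confirm that the API is
# meant to accept these calls unauthenticated; if it is not, this script
# should send the expected credentials and assert that requests without them
# are refused.

set -euo pipefail

API_URL="${API_URL:-http://localhost:3000}"

# Result of the most recent api_call.
HTTP_STATUS=""
HTTP_BODY=""

# Print a failure message to stderr and abort the test run.
die() {
  printf 'FAIL: %s\n' "$*" >&2
  exit 1
}

#######################################
# Perform one HTTP request against the API.
# Globals:   API_URL (read), HTTP_STATUS, HTTP_BODY (written)
# Arguments: $1 - HTTP method
#            $2 - path, appended to API_URL
#            $3 - optional JSON request body
# Returns:   aborts the script if curl itself fails (e.g. connection refused);
#            HTTP-level errors are left for the caller to judge.
#######################################
api_call() {
  local method=$1 path=$2 body=${3-}
  local raw
  # The status code is appended on its own line so it can be split from the
  # response body without mixing non-JSON text into what jq later parses.
  local -a args=(-sS -X "$method" -w '\n%{http_code}')
  if [[ -n "$body" ]]; then
    # The body is fed on stdin rather than as an argument, so the API token
    # does not show up in the process list.
    args+=(-H "Content-Type: application/json" --data-binary @-)
    raw=$(printf '%s' "$body" | curl "${args[@]}" "${API_URL}${path}") \
      || die "${method} ${path}: request failed"
  else
    raw=$(curl "${args[@]}" "${API_URL}${path}") \
      || die "${method} ${path}: request failed"
  fi
  HTTP_STATUS=${raw##*$'\n'}
  HTTP_BODY=${raw%$'\n'*}
}

# Abort unless the last api_call returned a 2xx status. $1 names the step.
expect_success() {
  [[ "$HTTP_STATUS" == 2?? ]] \
    || die "$1: expected 2xx, got HTTP ${HTTP_STATUS}: ${HTTP_BODY}"
}

# Print the value selected by jq filter $1 from HTTP_BODY; fails when the
# field is missing or null instead of yielding the string "null".
json_get() {
  jq -er "($1) // empty" <<<"$HTTP_BODY"
}

# Percent-encode $1 so a server-supplied id is safe to place in a URL path.
uri_escape() {
  jq -rn --arg v "$1" '$v | @uri'
}

#######################################
# Decode the payload (second segment) of a compact JWT to stdout.
# The segment is base64url without padding, so it is mapped to the standard
# alphabet and padded to a multiple of four before decoding.
# This only decodes; it does not check the signature or any claim.
# Arguments: $1 - the JWT
# Returns:   non-zero if the token has no payload segment or cannot be decoded
#######################################
decode_jwt_payload() {
  local segment
  IFS=. read -r _ segment _ <<<"$1" || true
  [[ -n "${segment:-}" ]] || return 1
  segment=${segment//-/+}
  segment=${segment//_/\/}
  case $(( ${#segment} % 4 )) in
    2) segment+='==' ;;
    3) segment+='=' ;;
    1) return 1 ;; # not a valid base64 length
  esac
  printf '%s' "$segment" | base64 -d
}

for tool in curl jq base64; do
  command -v "$tool" >/dev/null || die "required tool not found: $tool"
done

echo "=== AgentHub J3 Authentication Flow Test ==="
echo ""

# 1. Create agent
echo "1. Creating agent..."
AGENT_BODY=$(jq -n --arg name "test-agent-$(date +%s)" \
  '{name: $name, displayName: "Test Agent", role: "agent"}')
api_call POST "/api/v1/agents" "$AGENT_BODY"
expect_success "create agent"
AGENT_ID=$(json_get '.id') || die "create agent: response has no .id"
echo " Agent ID: $AGENT_ID"
echo ""

# 2. List agents
echo "2. Listing agents..."
api_call GET "/api/v1/agents"
expect_success "list agents"
jq '.[0:2]' <<<"$HTTP_BODY" || die "list agents: response is not a JSON array"
echo ""

# 3. Issue API token
echo "3. Issuing API token..."
api_call POST "/api/v1/agents/$(uri_escape "$AGENT_ID")/tokens" \
  '{"scopes": {"read": true, "write": true}}'
expect_success "issue token"
API_TOKEN=$(json_get '.secret') || die "issue token: response has no .secret"
TOKEN_ID=$(json_get '.id') || die "issue token: response has no .id"
echo " Token ID: $TOKEN_ID"
# Only a prefix of the secret is shown; this is a throwaway test credential
# that step 6 revokes, but the output may still end up in CI logs.
echo " Token (secret): ${API_TOKEN:0:20}..."
echo ""

# 4. Exchange API token for JWT
echo "4. Exchanging API token for JWT..."
# Built with jq so the token is JSON-escaped rather than spliced into a string.
SESSION_BODY=$(jq -n --arg token "$API_TOKEN" '{apiToken: $token}')
api_call POST "/api/v1/sessions" "$SESSION_BODY"
expect_success "exchange token"
JWT=$(json_get '.jwt') || die "exchange token: response has no .jwt"
EXPIRES_IN=$(json_get '.expiresIn') \
  || die "exchange token: response has no .expiresIn"
echo " JWT: ${JWT:0:50}..."
echo " Expires in: ${EXPIRES_IN} seconds (15 minutes)"
echo ""

# 5. Decode the JWT payload for inspection.
# This shows the claims only; it is not a validity check, because the
# signature is not verified here.
echo "5. Decoding JWT payload..."
decode_jwt_payload "$JWT" | jq '.' \
  || die "decode JWT: payload is not base64url-encoded JSON"
echo ""

# 6. Test token revocation
echo "6. Revoking API token..."
api_call DELETE "/api/v1/tokens/$(uri_escape "$TOKEN_ID")"
if [[ -n "$HTTP_BODY" ]]; then
  printf '%s\n' "$HTTP_BODY"
fi
echo " HTTP Status: $HTTP_STATUS"
expect_success "revoke token"
echo ""

# 7. Try to use revoked token (should fail)
echo "7. Attempting to use revoked token (should fail with 401)..."
api_call POST "/api/v1/sessions" "$SESSION_BODY"
echo " HTTP Status: $HTTP_STATUS"
# The body is printed only after the rejection is confirmed: if the server
# wrongly accepted the revoked token, the body would hold a live JWT.
[[ "$HTTP_STATUS" == "401" ]] \
  || die "revoked token was not rejected: expected 401, got HTTP ${HTTP_STATUS}"
jq '.' <<<"$HTTP_BODY" 2>/dev/null || printf '%s\n' "$HTTP_BODY"
echo ""

echo "=== Test Complete ==="
echo ""
echo "✓ Agent created"
echo "✓ API token issued"
echo "✓ JWT exchanged"
echo "✓ Token revoked"
echo "✓ Revoked token rejected"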