package api import ( "encoding/json" "net/http" "net/http/httptest" "os" "path/filepath" "testing" "time" gin "github.com/gin-gonic/gin" proxyconfig "github.com/router-for-me/CLIProxyAPI/v7/internal/config" internallogging "github.com/router-for-me/CLIProxyAPI/v7/internal/logging" "github.com/router-for-me/CLIProxyAPI/v7/internal/redisqueue" "github.com/router-for-me/CLIProxyAPI/v7/internal/registry" sdkaccess "github.com/router-for-me/CLIProxyAPI/v7/sdk/access" "github.com/router-for-me/CLIProxyAPI/v7/sdk/cliproxy/auth" sdkconfig "github.com/router-for-me/CLIProxyAPI/v7/sdk/config" ) func newTestServer(t *testing.T) *Server { t.Helper() gin.SetMode(gin.TestMode) tmpDir := t.TempDir() authDir := filepath.Join(tmpDir, "auth") if err := os.MkdirAll(authDir, 0o700); err != nil { t.Fatalf("failed to create auth dir: %v", err) } cfg := &proxyconfig.Config{ SDKConfig: sdkconfig.SDKConfig{ APIKeys: []string{"test-key"}, }, Port: 0, AuthDir: authDir, Debug: true, LoggingToFile: false, UsageStatisticsEnabled: false, } authManager := auth.NewManager(nil, nil, nil) accessManager := sdkaccess.NewManager() configPath := filepath.Join(tmpDir, "config.yaml") return NewServer(cfg, authManager, accessManager, configPath) } func TestHealthz(t *testing.T) { server := newTestServer(t) t.Run("GET", func(t *testing.T) { req := httptest.NewRequest(http.MethodGet, "/healthz", nil) rr := httptest.NewRecorder() server.engine.ServeHTTP(rr, req) if rr.Code != http.StatusOK { t.Fatalf("unexpected status code: got %d want %d; body=%s", rr.Code, http.StatusOK, rr.Body.String()) } var resp struct { Status string `json:"status"` } if err := json.Unmarshal(rr.Body.Bytes(), &resp); err != nil { t.Fatalf("failed to parse response JSON: %v; body=%s", err, rr.Body.String()) } if resp.Status != "ok" { t.Fatalf("unexpected response status: got %q want %q", resp.Status, "ok") } }) t.Run("HEAD", func(t *testing.T) { req := httptest.NewRequest(http.MethodHead, "/healthz", nil) rr := httptest.NewRecorder() server.engine.ServeHTTP(rr, req) if rr.Code != http.StatusOK { t.Fatalf("unexpected status code: got %d want %d; body=%s", rr.Code, http.StatusOK, rr.Body.String()) } if rr.Body.Len() != 0 { t.Fatalf("expected empty body for HEAD request, got %q", rr.Body.String()) } }) } func TestManagementUsageRequiresManagementAuthAndPopsArray(t *testing.T) { t.Setenv("MANAGEMENT_PASSWORD", "test-management-key") prevQueueEnabled := redisqueue.Enabled() redisqueue.SetEnabled(false) t.Cleanup(func() { redisqueue.SetEnabled(false) redisqueue.SetEnabled(prevQueueEnabled) }) server := newTestServer(t) redisqueue.Enqueue([]byte(`{"id":1}`)) redisqueue.Enqueue([]byte(`{"id":2}`)) missingKeyReq := httptest.NewRequest(http.MethodGet, "/v0/management/usage-queue?count=2", nil) missingKeyRR := httptest.NewRecorder() server.engine.ServeHTTP(missingKeyRR, missingKeyReq) if missingKeyRR.Code != http.StatusUnauthorized { t.Fatalf("missing key status = %d, want %d body=%s", missingKeyRR.Code, http.StatusUnauthorized, missingKeyRR.Body.String()) } legacyReq := httptest.NewRequest(http.MethodGet, "/v0/management/usage?count=2", nil) legacyReq.Header.Set("Authorization", "Bearer test-management-key") legacyRR := httptest.NewRecorder() server.engine.ServeHTTP(legacyRR, legacyReq) if legacyRR.Code != http.StatusNotFound { t.Fatalf("legacy usage status = %d, want %d body=%s", legacyRR.Code, http.StatusNotFound, legacyRR.Body.String()) } authReq := httptest.NewRequest(http.MethodGet, "/v0/management/usage-queue?count=2", nil) authReq.Header.Set("Authorization", "Bearer test-management-key") authRR := httptest.NewRecorder() server.engine.ServeHTTP(authRR, authReq) if authRR.Code != http.StatusOK { t.Fatalf("authenticated status = %d, want %d body=%s", authRR.Code, http.StatusOK, authRR.Body.String()) } var payload []json.RawMessage if errUnmarshal := json.Unmarshal(authRR.Body.Bytes(), &payload); errUnmarshal != nil { t.Fatalf("unmarshal response: %v body=%s", errUnmarshal, authRR.Body.String()) } if len(payload) != 2 { t.Fatalf("response records = %d, want 2", len(payload)) } for i, raw := range payload { var record struct { ID int `json:"id"` } if errUnmarshal := json.Unmarshal(raw, &record); errUnmarshal != nil { t.Fatalf("unmarshal record %d: %v", i, errUnmarshal) } if record.ID != i+1 { t.Fatalf("record %d id = %d, want %d", i, record.ID, i+1) } } if remaining := redisqueue.PopOldest(1); len(remaining) != 0 { t.Fatalf("remaining queue = %q, want empty", remaining) } } func TestHomeEnabledHidesManagementEndpointsAndControlPanel(t *testing.T) { t.Setenv("MANAGEMENT_PASSWORD", "test-management-key") server := newTestServer(t) server.cfg.Home.Enabled = true t.Run("management endpoints return 404", func(t *testing.T) { req := httptest.NewRequest(http.MethodGet, "/v0/management/config", nil) req.Header.Set("Authorization", "Bearer test-management-key") rr := httptest.NewRecorder() server.engine.ServeHTTP(rr, req) if rr.Code != http.StatusNotFound { t.Fatalf("status = %d, want %d body=%s", rr.Code, http.StatusNotFound, rr.Body.String()) } }) t.Run("management control panel returns 404", func(t *testing.T) { req := httptest.NewRequest(http.MethodGet, "/management.html", nil) rr := httptest.NewRecorder() server.engine.ServeHTTP(rr, req) if rr.Code != http.StatusNotFound { t.Fatalf("status = %d, want %d body=%s", rr.Code, http.StatusNotFound, rr.Body.String()) } }) } func TestAmpProviderModelRoutes(t *testing.T) { testCases := []struct { name string path string wantStatus int wantContains string }{ { name: "openai root models", path: "/api/provider/openai/models", wantStatus: http.StatusOK, wantContains: `"object":"list"`, }, { name: "groq root models", path: "/api/provider/groq/models", wantStatus: http.StatusOK, wantContains: `"object":"list"`, }, { name: "openai models", path: "/api/provider/openai/v1/models", wantStatus: http.StatusOK, wantContains: `"object":"list"`, }, { name: "anthropic models", path: "/api/provider/anthropic/v1/models", wantStatus: http.StatusOK, wantContains: `"data"`, }, { name: "google models v1", path: "/api/provider/google/v1/models", wantStatus: http.StatusOK, wantContains: `"models"`, }, { name: "google models v1beta", path: "/api/provider/google/v1beta/models", wantStatus: http.StatusOK, wantContains: `"models"`, }, } for _, tc := range testCases { tc := tc t.Run(tc.name, func(t *testing.T) { server := newTestServer(t) req := httptest.NewRequest(http.MethodGet, tc.path, nil) req.Header.Set("Authorization", "Bearer test-key") rr := httptest.NewRecorder() server.engine.ServeHTTP(rr, req) if rr.Code != tc.wantStatus { t.Fatalf("unexpected status code for %s: got %d want %d; body=%s", tc.path, rr.Code, tc.wantStatus, rr.Body.String()) } if body := rr.Body.String(); !strings.Contains(body, tc.wantContains) { t.Fatalf("response body for %s missing %q: %s", tc.path, tc.wantContains, body) } }) } } func TestModelsWithClientVersionReturnsCodexCatalog(t *testing.T) { modelRegistry := registry.GetGlobalRegistry() clientID := "test-client-version-catalog" modelRegistry.RegisterClient(clientID, "openai", []*registry.ModelInfo{ { ID: "gpt-5.5", Object: "model", Created: 1776902400, OwnedBy: "openai", Type: "openai", DisplayName: "GPT 5.5", Description: "Frontier model for complex coding, research, and real-world work.", ContextLength: 272000, Thinking: ®istry.ThinkingSupport{Levels: []string{"low", "medium", "high", "xhigh"}}, }, { ID: "custom-codex-model-test", Object: "model", OwnedBy: "test", Type: "openai", DisplayName: "Custom Codex Model", Description: "Custom model from registry", ContextLength: 123456, Thinking: ®istry.ThinkingSupport{Levels: []string{"low", "medium"}}, }, {ID: "grok-imagine-image-quality", Object: "model", OwnedBy: "xai", Type: "openai"}, {ID: "gpt-image-2", Object: "model", OwnedBy: "openai", Type: "openai"}, {ID: "grok-imagine-image", Object: "model", OwnedBy: "xai", Type: "openai"}, {ID: "grok-imagine-video", Object: "model", OwnedBy: "xai", Type: "openai"}, }) t.Cleanup(func() { modelRegistry.UnregisterClient(clientID) }) server := newTestServer(t) req := httptest.NewRequest(http.MethodGet, "/v1/models?client_version", nil) req.Header.Set("Authorization", "Bearer test-key") req.Header.Set("User-Agent", "claude-cli/1.0") rr := httptest.NewRecorder() server.engine.ServeHTTP(rr, req) if rr.Code != http.StatusOK { t.Fatalf("status = %d, want %d body=%s", rr.Code, http.StatusOK, rr.Body.String()) } var resp struct { Models []map[string]any `json:"models"` Object string `json:"object"` Data []any `json:"data"` } if err := json.Unmarshal(rr.Body.Bytes(), &resp); err != nil { t.Fatalf("failed to parse response JSON: %v; body=%s", err, rr.Body.String()) } if resp.Object != "" || resp.Data != nil { t.Fatalf("expected codex catalog format without object/data, got object=%q data=%v", resp.Object, resp.Data) } if len(resp.Models) == 0 { t.Fatal("expected codex catalog models") } var gpt55 map[string]any var custom map[string]any for _, model := range resp.Models { switch slug, _ := model["slug"].(string); slug { case "gpt-5.5": gpt55 = model case "custom-codex-model-test": custom = model } } if gpt55 == nil { t.Fatal("expected gpt-5.5 codex catalog entry") } if _, ok := gpt55["minimal_client_version"]; !ok { t.Fatal("expected minimal_client_version in codex catalog") } serviceTiers, ok := gpt55["service_tiers"].([]any) if !ok || len(serviceTiers) != 1 { t.Fatalf("expected gpt-5.5 priority service tier, got %#v", gpt55["service_tiers"]) } if custom == nil { t.Fatal("expected custom model codex catalog entry") } if got, _ := custom["display_name"].(string); got != "Custom Codex Model" { t.Fatalf("custom display_name = %q, want Custom Codex Model", got) } if got, _ := custom["description"].(string); got != "Custom model from registry" { t.Fatalf("custom description = %q, want Custom model from registry", got) } if got, _ := custom["context_window"].(float64); got != 123456 { t.Fatalf("custom context_window = %v, want 123456", custom["context_window"]) } if custom["base_instructions"] != gpt55["base_instructions"] { t.Fatal("expected custom model to use gpt-5.5 base_instructions fallback") } if _, ok := custom["available_in_plans"].([]any); !ok { t.Fatalf("expected custom model to use gpt-5.5 available_in_plans fallback, got %#v", custom["available_in_plans"]) } if got, _ := custom["prefer_websockets"].(bool); got { t.Fatalf("custom prefer_websockets = %v, want false", custom["prefer_websockets"]) } if _, ok := custom["apply_patch_tool_type"]; ok { t.Fatal("expected custom model to omit apply_patch_tool_type") } if _, ok := custom["upgrade"]; ok { t.Fatal("expected custom model to omit upgrade") } if _, ok := custom["availability_nux"]; ok { t.Fatal("expected custom model to omit availability_nux") } hiddenModels := map[string]bool{ "grok-imagine-image-quality": false, "gpt-image-2": false, "grok-imagine-image": false, "grok-imagine-video": false, } for _, model := range resp.Models { slug, _ := model["slug"].(string) if _, ok := hiddenModels[slug]; !ok { continue } if visibility, _ := model["visibility"].(string); visibility != "hide" { t.Fatalf("%s visibility = %q, want hide", slug, visibility) } hiddenModels[slug] = true } for slug, found := range hiddenModels { if !found { t.Fatalf("expected hidden model %s in codex catalog", slug) } } } func TestDefaultRequestLoggerFactory_UsesResolvedLogDirectory(t *testing.T) { t.Setenv("WRITABLE_PATH", "") t.Setenv("writable_path", "") originalWD, errGetwd := os.Getwd() if errGetwd != nil { t.Fatalf("failed to get current working directory: %v", errGetwd) } tmpDir := t.TempDir() if errChdir := os.Chdir(tmpDir); errChdir != nil { t.Fatalf("failed to switch working directory: %v", errChdir) } defer func() { if errChdirBack := os.Chdir(originalWD); errChdirBack != nil { t.Fatalf("failed to restore working directory: %v", errChdirBack) } }() // Force ResolveLogDirectory to fallback to auth-dir/logs by making ./logs not a writable directory. if errWriteFile := os.WriteFile(filepath.Join(tmpDir, "logs"), []byte("not-a-directory"), 0o644); errWriteFile != nil { t.Fatalf("failed to create blocking logs file: %v", errWriteFile) } configDir := filepath.Join(tmpDir, "config") if errMkdirConfig := os.MkdirAll(configDir, 0o755); errMkdirConfig != nil { t.Fatalf("failed to create config dir: %v", errMkdirConfig) } configPath := filepath.Join(configDir, "config.yaml") authDir := filepath.Join(tmpDir, "auth") if errMkdirAuth := os.MkdirAll(authDir, 0o700); errMkdirAuth != nil { t.Fatalf("failed to create auth dir: %v", errMkdirAuth) } cfg := &proxyconfig.Config{ SDKConfig: proxyconfig.SDKConfig{ RequestLog: false, }, AuthDir: authDir, ErrorLogsMaxFiles: 10, } logger := defaultRequestLoggerFactory(cfg, configPath) fileLogger, ok := logger.(*internallogging.FileRequestLogger) if !ok { t.Fatalf("expected *FileRequestLogger, got %T", logger) } errLog := fileLogger.LogRequestWithOptions( "/v1/chat/completions", http.MethodPost, map[string][]string{"Content-Type": []string{"application/json"}}, []byte(`{"input":"hello"}`), http.StatusBadGateway, map[string][]string{"Content-Type": []string{"application/json"}}, []byte(`{"error":"upstream failure"}`), nil, nil, nil, nil, nil, true, "issue-1711", time.Now(), time.Now(), ) if errLog != nil { t.Fatalf("failed to write forced error request log: %v", errLog) } authLogsDir := filepath.Join(authDir, "logs") authEntries, errReadAuthDir := os.ReadDir(authLogsDir) if errReadAuthDir != nil { t.Fatalf("failed to read auth logs dir %s: %v", authLogsDir, errReadAuthDir) } foundErrorLogInAuthDir := false for _, entry := range authEntries { if strings.HasPrefix(entry.Name(), "error-") && strings.HasSuffix(entry.Name(), ".log") { foundErrorLogInAuthDir = true break } } if !foundErrorLogInAuthDir { t.Fatalf("expected forced error log in auth fallback dir %s, got entries: %+v", authLogsDir, authEntries) } configLogsDir := filepath.Join(configDir, "logs") configEntries, errReadConfigDir := os.ReadDir(configLogsDir) if errReadConfigDir != nil && !os.IsNotExist(errReadConfigDir) { t.Fatalf("failed to inspect config logs dir %s: %v", configLogsDir, errReadConfigDir) } for _, entry := range configEntries { if strings.HasPrefix(entry.Name(), "error-") && strings.HasSuffix(entry.Name(), ".log") { t.Fatalf("unexpected forced error log in config dir %s", configLogsDir) } } }