

























@@ -158,6 +158,16 @@ function createRuntimeScopeRecorderHandler(params: {
158158});
159159}
160160161+async function expectPluginRequestOk(
162+server: Parameters<typeof dispatchRequest>[0],
163+request: Parameters<typeof createRequest>[0],
164+): Promise<void> {
165+const response = createResponse();
166+await dispatchRequest(server, createRequest(request), response.res);
167+expect(response.res.statusCode).toBe(200);
168+expect(response.getBody()).toBe("ok");
169+}
170+161171describe("gateway plugin HTTP auth boundary", () => {
162172test("applies default security headers and optional strict transport security", async () => {
163173await withGatewayTempConfig("openclaw-plugin-http-security-headers-test-", async () => {
@@ -319,23 +329,15 @@ describe("gateway plugin HTTP auth boundary", () => {
319329},
320330});
321331322-const response = createResponse();
323-await dispatchRequest(
324-server,
325-createRequest({
326-path: "/secure-hook",
327-remoteAddress: "203.0.113.10",
328-headers: {
329-"x-forwarded-user": "operator",
330-"x-forwarded-for": "198.51.100.20",
331-"x-openclaw-scopes": "operator.read",
332-},
333-}),
334-response.res,
335-);
336-337-expect(response.res.statusCode).toBe(200);
338-expect(response.getBody()).toBe("ok");
332+await expectPluginRequestOk(server, {
333+path: "/secure-hook",
334+remoteAddress: "203.0.113.10",
335+headers: {
336+"x-forwarded-user": "operator",
337+"x-forwarded-for": "198.51.100.20",
338+"x-openclaw-scopes": "operator.read",
339+},
340+});
339341},
340342});
341343@@ -362,21 +364,13 @@ describe("gateway plugin HTTP auth boundary", () => {
362364shouldEnforcePluginGatewayAuth: (pathContext) => pathContext.pathname === "/secure-hook",
363365},
364366run: async (server) => {
365-const response = createResponse();
366-await dispatchRequest(
367-server,
368-createRequest({
369-path: "/secure-hook",
370-authorization: "Bearer test-token",
371-headers: {
372-"x-openclaw-scopes": "operator.read",
373-},
374-}),
375-response.res,
376-);
377-378-expect(response.res.statusCode).toBe(200);
379-expect(response.getBody()).toBe("ok");
367+await expectPluginRequestOk(server, {
368+path: "/secure-hook",
369+authorization: "Bearer test-token",
370+headers: {
371+"x-openclaw-scopes": "operator.read",
372+},
373+});
380374},
381375});
382376@@ -405,18 +399,10 @@ describe("gateway plugin HTTP auth boundary", () => {
405399pathContext.pathname === "/secure-admin-hook",
406400},
407401run: async (server) => {
408-const response = createResponse();
409-await dispatchRequest(
410-server,
411-createRequest({
412-path: "/secure-admin-hook",
413-authorization: "Bearer test-token",
414-}),
415-response.res,
416-);
417-418-expect(response.res.statusCode).toBe(200);
419-expect(response.getBody()).toBe("ok");
402+await expectPluginRequestOk(server, {
403+path: "/secure-admin-hook",
404+authorization: "Bearer test-token",
405+});
420406},
421407});
422408此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。