molecule-ai/molecule-core
44
0
Fork 2
Code Issues 134 Pull Requests 156 Actions Packages Projects Releases Wiki Activity
Files
test/699-socket-handler-coverage
molecule-core/workspace-server
T
History
fullstack-engineer ceccfeafa8
sop-tier-check / tier-check (pull_request) Successful in 17s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 17s
Details
audit-force-merge / audit (pull_request) Has been skipped
Details
test(handlers/socket): add socket_test.go — 6 cases for Phase 30.1/30.2 auth gate 
Tests SocketHandler.HandleConnect WebSocket upgrade auth logic:

1. Canvas client (no X-Workspace-ID) → bypasses auth, no DB calls
2. Agent with no live tokens → grandfathered through, no bearer check
3. DB error on HasAnyLiveToken → 500 Internal Server Error
4. Live token present, missing Bearer header → 401 Unauthorized
5. Live token present, invalid Bearer token → 401 Unauthorized

Uses sqlmock for DB expectations + miniredis for wsauth token subsystem.
Hub.Run() drains the Register channel so WS upgrade attempts don't block.

Issue: #699

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-12 09:15:17 +00:00
..
cmd
docs(runbook): add admin-auth.md covering test-token route lockdown
2026-05-10 02:20:30 +00:00
internal
test(handlers/socket): add socket_test.go — 6 cases for Phase 30.1/30.2 auth gate
2026-05-12 09:15:17 +00:00
migrations
feat(plugins): plugin drift detector + queue + admin apply endpoint (#123)
2026-05-10 00:39:50 +00:00
pkg/provisionhook
feat(#1957): wire gh-identity plugin into workspace-server
2026-04-24 15:01:41 +00:00
.air.toml
feat(local-dev): air-based hot-reload for workspace-server
2026-05-08 08:10:50 -07:00
.ci-force
chore: force Platform(Go) CI run on main — validate go vet clean
2026-04-21 15:43:19 +00:00
.gitignore
feat(local-dev): containerize platform + canvas stack via docker-compose (closes #126)
2026-05-08 10:53:39 -07:00
.golangci.yaml
chore(workspace-server): add golangci.yaml disabling errcheck
2026-04-24 07:16:54 +00:00
Dockerfile
ci(docker): pin base image digests in all Dockerfiles
2026-05-09 23:56:39 +00:00
Dockerfile.dev
ci(docker): pin base image digests in all Dockerfiles
2026-05-09 23:56:39 +00:00
Dockerfile.tenant
fix(dockerfile-tenant): chown /org-templates to canvas user so !external resolver can mkdir cache
2026-05-09 19:40:52 -07:00
entrypoint-tenant.sh
fix(memory-plugin): gate sidecar spawn on cutover-active
2026-05-05 12:39:03 -07:00
go.mod
fix(platform): add CWE-22 guard to loadWorkspaceEnv (closes #321)
2026-05-11 11:36:14 +00:00
go.sum
[core-lead-agent] fix(core#228): cascade fixes for PluginResolver — make main compile
2026-05-10 09:46:35 +00:00