import { describe, expect, it } from 'vitest' import type { GenericAIPageState } from '../../generic-ai-auth' import { doubaoHasBoundAccountPageSignal, isDoubaoLoggedInCredentialCookie, isDoubaoLoggedInCredentialCookieName, } from './auth-rules' function pageState(overrides: Partial = {}): GenericAIPageState { return { displayName: null, avatarUrl: null, fingerprint: null, credentialFingerprint: null, currentPath: '/chat/', strongAuthSignalCount: 0, loginSignalCount: 0, loggedOutSignalCount: 0, challengeSignalCount: 0, ...overrides, } } describe('doubao auth rules', () => { it('requires the Doubao sidebar account signal before accepting cookies', () => { const anonymousState = pageState({ displayName: null, avatarUrl: null, strongAuthSignalCount: 0, }) const boundState = pageState({ displayName: 'Geek', avatarUrl: 'https://p3-passport.byteacctimg.com/img/user-avatar/demo.image', strongAuthSignalCount: 3, }) expect(doubaoHasBoundAccountPageSignal(anonymousState)).toBe(false) expect(doubaoHasBoundAccountPageSignal(boundState)).toBe(true) expect( isDoubaoLoggedInCredentialCookie( { name: 'sessionid', value: '53c11756399eceb02df08e7486230006' }, anonymousState, ), ).toBe(false) expect( isDoubaoLoggedInCredentialCookie( { name: 'sessionid', value: '53c11756399eceb02df08e7486230006' }, boundState, ), ).toBe(true) }) it('keeps Doubao login cookie names explicit and rejects anonymous cookies', () => { expect(isDoubaoLoggedInCredentialCookieName('sessionid')).toBe(true) expect(isDoubaoLoggedInCredentialCookieName('sid_guard')).toBe(true) expect(isDoubaoLoggedInCredentialCookieName('flow_cur_user_sec_id')).toBe(true) expect(isDoubaoLoggedInCredentialCookieName('passport_csrf_token')).toBe(false) expect(isDoubaoLoggedInCredentialCookieName('hook_slardar_session_id')).toBe(false) expect(isDoubaoLoggedInCredentialCookieName('ttwid')).toBe(false) expect(isDoubaoLoggedInCredentialCookieName('s_v_web_id')).toBe(false) }) })