openclaw/extensions/web4-governance/src/soft-lct.test.ts
dp-web4 fd457ac3f4 Add web4-governance plugin: R6 audit trails and session identity
Adds a governance extension that creates verifiable audit trails for
agent tool usage using the R6 framework (Rules+Role+Request+Reference+
Resource→Result). Uses the typed after_tool_call hooks wired in #1
to capture every tool invocation with provenance, timing, and
hash-linked chain integrity.

Includes:
- R6 request framework with tool classification
- Hash-linked JSONL audit chain with verification
- Software-bound session identity tokens (Soft LCT)
- Session state tracking with tool/category counts
- CLI commands: audit summary, audit verify, audit last
- 39 unit tests across all modules

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-27 20:24:29 -08:00

38 lines
1.2 KiB
TypeScript

import { describe, expect, it, vi } from "vitest";
import { createSoftLCT } from "./soft-lct.js";
vi.mock("node:os", () => ({
hostname: () => "test-host",
userInfo: () => ({ username: "test-user" }),
}));
describe("createSoftLCT", () => {
it("should return a token with the correct structure", () => {
const token = createSoftLCT("session-123");
expect(token).toMatchObject({
sessionId: "session-123",
bindingType: "software",
});
expect(token.tokenId).toMatch(/^web4:session:[a-f0-9]{8}:session-/);
expect(token.machineHash).toMatch(/^[a-f0-9]{8}$/);
expect(token.createdAt).toBeTruthy();
});
it("should produce a deterministic machineHash for same host+user", () => {
const a = createSoftLCT("s1");
const b = createSoftLCT("s2");
expect(a.machineHash).toBe(b.machineHash);
});
it("should truncate sessionId to first 8 chars in tokenId", () => {
const token = createSoftLCT("abcdefghijklmnop");
expect(token.tokenId).toContain(":abcdefgh");
expect(token.tokenId).not.toContain("ijklmnop");
});
it("should set createdAt to a valid ISO timestamp", () => {
const token = createSoftLCT("s1");
expect(new Date(token.createdAt).toISOString()).toBe(token.createdAt);
});
});