requireMCPServerConfigDecrypted verifies all encrypted fields on an MCPServerConfig match the expected plaintext values and carry the correct key-ID.
( t *testing.T, cfg database.MCPServerConfig, ciphers []Cipher, wantSecret, wantAPIKey, wantHeaders string, )
| 884 | // MCPServerConfig match the expected plaintext values and carry the |
| 885 | // correct key-ID. |
| 886 | func requireMCPServerConfigDecrypted( |
| 887 | t *testing.T, |
| 888 | cfg database.MCPServerConfig, |
| 889 | ciphers []Cipher, |
| 890 | wantSecret, wantAPIKey, wantHeaders string, |
| 891 | ) { |
| 892 | t.Helper() |
| 893 | require.Equal(t, wantSecret, cfg.OAuth2ClientSecret) |
| 894 | require.Equal(t, wantAPIKey, cfg.APIKeyValue) |
| 895 | require.Equal(t, wantHeaders, cfg.CustomHeaders) |
| 896 | require.Equal(t, ciphers[0].HexDigest(), cfg.OAuth2ClientSecretKeyID.String) |
| 897 | require.Equal(t, ciphers[0].HexDigest(), cfg.APIKeyValueKeyID.String) |
| 898 | require.Equal(t, ciphers[0].HexDigest(), cfg.CustomHeadersKeyID.String) |
| 899 | } |
| 900 | |
| 901 | // requireMCPServerConfigRawEncrypted reads the config from the raw |
| 902 | // (unwrapped) store and asserts every secret field is encrypted. |
no test coverage detected