refactor(mcp): apply Part 1 review I1+I3+I4+I5

- Rename MCPToken -> Token (mcp.Token reads cleaner; zero external callers yet)
- IssueSystemToken: guard against nil ACPSessionID / UserID (early input validation)
- TokenService: inject now func for clock injection (parity with RateLimiter)
- Repository CHECK constraint tests: assert wrapped CodeInternal

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-05-08 10:28:49 +08:00
parent 980c6fcf0e
commit a00f5a9efd
7 changed files with 106 additions and 65 deletions
+4 -4
View File
@@ -18,7 +18,7 @@ import (
func TestAuthMiddleware_BearerHeader(t *testing.T) {
t.Parallel()
repo := newFakeRepo()
svc := mcp.NewTokenService(repo, &fakeAudit{})
svc := mcp.NewTokenService(repo, &fakeAudit{}, nil)
res, err := svc.IssueAdmin(context.Background(), mcp.IssueAdminInput{
UserID: uuid.New(),
@@ -49,7 +49,7 @@ func TestAuthMiddleware_BearerHeader(t *testing.T) {
func TestAuthMiddleware_QueryFallback(t *testing.T) {
t.Parallel()
repo := newFakeRepo()
svc := mcp.NewTokenService(repo, &fakeAudit{})
svc := mcp.NewTokenService(repo, &fakeAudit{}, nil)
res, _ := svc.IssueAdmin(context.Background(), mcp.IssueAdminInput{
UserID: uuid.New(),
@@ -72,7 +72,7 @@ func TestAuthMiddleware_QueryFallback(t *testing.T) {
func TestAuthMiddleware_MissingToken(t *testing.T) {
t.Parallel()
svc := mcp.NewTokenService(newFakeRepo(), &fakeAudit{})
svc := mcp.NewTokenService(newFakeRepo(), &fakeAudit{}, nil)
mw := mcp.NewAuthMiddleware(svc)
h := mw(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@@ -87,7 +87,7 @@ func TestAuthMiddleware_MissingToken(t *testing.T) {
func TestAuthMiddleware_InvalidToken(t *testing.T) {
t.Parallel()
svc := mcp.NewTokenService(newFakeRepo(), &fakeAudit{})
svc := mcp.NewTokenService(newFakeRepo(), &fakeAudit{}, nil)
mw := mcp.NewAuthMiddleware(svc)
h := mw(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {