Bart/9router
1
0
Fork 0
mirror of https://github.com/decolua/9router.git synced 2026-05-08 12:01:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add support for Grok Web and Perplexity Web providers

Browse Source
This commit is contained in:
decolua
2026-04-22 11:58:53 +07:00
parent eeb2dc9e30
commit abb04c5366
17 changed files with 1583 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

306
tests/unit/perplexity-web.test.js Normal file
View File

@@ -0,0 +1,306 @@
/**
* Unit tests for perplexity-web executor
*
* Covers:
* - Message parsing (system/user/assistant/developer, multi-part content)
* - Query building for first turn vs follow-up (session continuity)
* - Tools injection into instructions
* - Request body shape (dual query_str top-level + params.query_str is required by upstream)
* - Auth header construction (apiKey → Cookie, accessToken → Bearer)
* - Model mapping (normal + thinking)
* - Error handling (401, 429)
*/
import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
import {
parseOpenAIMessages,
buildQuery,
buildPplxRequestBody,
formatToolsHint,
PerplexityWebExecutor,
} from "../../open-sse/executors/perplexity-web.js";
const originalFetch = global.fetch;
function mockPplxStream(events) {
const chunks = events.map((e) => `data: ${JSON.stringify(e)}\n\n`).join("") + "data: [DONE]\n\n";
return new Response(new Blob([chunks]).stream(), {
status: 200,
headers: { "Content-Type": "text/event-stream" },
});
}
describe("parseOpenAIMessages", () => {
it("extracts system + history + current msg", () => {
const parsed = parseOpenAIMessages([
{ role: "system", content: "Be helpful" },
{ role: "user", content: "Q1" },
{ role: "assistant", content: "A1" },
{ role: "user", content: "Q2" },
]);
expect(parsed.systemMsg.trim()).toBe("Be helpful");
expect(parsed.history).toEqual([
{ role: "user", content: "Q1" },
{ role: "assistant", content: "A1" },
]);
expect(parsed.currentMsg).toBe("Q2");
});
it("treats developer role as system", () => {
const parsed = parseOpenAIMessages([
{ role: "developer", content: "Be concise" },
{ role: "user", content: "hi" },
]);
expect(parsed.systemMsg.trim()).toBe("Be concise");
expect(parsed.currentMsg).toBe("hi");
});
it("handles multi-part content (array of text blocks)", () => {
const parsed = parseOpenAIMessages([
{ role: "user", content: [{ type: "text", text: "part1" }, { type: "text", text: "part2" }] },
]);
expect(parsed.currentMsg).toBe("part1 part2");
});
it("skips empty content messages", () => {
const parsed = parseOpenAIMessages([
{ role: "user", content: " " },
{ role: "user", content: "real" },
]);
expect(parsed.currentMsg).toBe("real");
});
});
describe("buildQuery", () => {
it("first turn: returns JSON with instructions + query", () => {
const parsed = { systemMsg: "Be helpful\n", history: [], currentMsg: "Hello" };
const q = buildQuery(parsed, null);
const obj = JSON.parse(q);
expect(obj.query).toBe("Hello");
expect(obj.instructions).toContain("Be helpful");
expect(obj.instructions.some((s) => s.includes("web search"))).toBe(true);
});
it("follow-up (with backendUuid): returns plain currentMsg, no JSON", () => {
const parsed = {
systemMsg: "Be helpful",
history: [{ role: "user", content: "Q1" }, { role: "assistant", content: "A1" }],
currentMsg: "Follow up",
};
const q = buildQuery(parsed, "uuid-abc-123");
expect(q).toBe("Follow up");
});
it("includes history when present on first turn", () => {
const parsed = {
systemMsg: "",
history: [{ role: "user", content: "earlier" }],
currentMsg: "now",
};
const obj = JSON.parse(buildQuery(parsed, null));
expect(obj.history).toEqual([{ role: "user", content: "earlier" }]);
expect(obj.query).toBe("now");
});
it("injects tools into instructions on first turn", () => {
const parsed = { systemMsg: "", history: [], currentMsg: "hi" };
const tools = [
{ function: { name: "Shell", description: "Run bash" } },
{ function: { name: "Read", description: "Read file" } },
];
const obj = JSON.parse(buildQuery(parsed, null, tools));
const hint = obj.instructions.find((s) => s.includes("Available tools"));
expect(hint).toBeDefined();
expect(hint).toContain("- Shell: Run bash");
expect(hint).toContain("- Read: Read file");
});
it("ignores tools on follow-up turn (uses session)", () => {
const parsed = { systemMsg: "", history: [{ role: "user", content: "x" }], currentMsg: "y" };
const tools = [{ function: { name: "Shell", description: "d" } }];
const q = buildQuery(parsed, "uuid", tools);
expect(q).toBe("y");
});
it("truncates query if JSON exceeds 96000 chars", () => {
const big = "x".repeat(100000);
const parsed = { systemMsg: big, history: [], currentMsg: "hi" };
const q = buildQuery(parsed, null);
expect(q.length).toBeLessThanOrEqual(96000);
});
});
describe("formatToolsHint", () => {
it("returns empty string for no tools", () => {
expect(formatToolsHint()).toBe("");
expect(formatToolsHint([])).toBe("");
});
it("handles OpenAI tool schema (function wrapper)", () => {
const out = formatToolsHint([{ function: { name: "Foo", description: "does foo" } }]);
expect(out).toContain("- Foo: does foo");
});
it("handles flat tool schema", () => {
const out = formatToolsHint([{ name: "Bar", description: "does bar" }]);
expect(out).toContain("- Bar: does bar");
});
it("truncates long descriptions to first line, max 200 chars", () => {
const longDesc = "line1\nline2\nline3";
const out = formatToolsHint([{ function: { name: "X", description: longDesc } }]);
expect(out).toContain("- X: line1");
expect(out).not.toContain("line2");
});
});
describe("buildPplxRequestBody", () => {
it("sets query_str at both top-level AND params (required by upstream API)", () => {
const body = buildPplxRequestBody("hello world", "concise", "pplx_pro", null);
expect(body.query_str).toBe("hello world");
expect(body.params.query_str).toBe("hello world");
});
it("includes required params", () => {
const body = buildPplxRequestBody("q", "copilot", "claude46sonnet", "uuid-xyz");
expect(body.params.search_focus).toBe("internet");
expect(body.params.mode).toBe("copilot");
expect(body.params.model_preference).toBe("claude46sonnet");
expect(body.params.sources).toEqual(["web"]);
expect(body.params.use_schematized_api).toBe(true);
expect(body.params.is_incognito).toBe(true);
expect(body.params.last_backend_uuid).toBe("uuid-xyz");
expect(body.params.version).toBe("2.18");
});
});
describe("PerplexityWebExecutor.execute", () => {
let capturedUrl;
let capturedOpts;
let capturedBody;
beforeEach(() => {
capturedUrl = null;
capturedOpts = null;
capturedBody = null;
global.fetch = vi.fn(async (url, opts) => {
capturedUrl = url;
capturedOpts = opts;
capturedBody = JSON.parse(opts.body);
return mockPplxStream([
{
blocks: [{ intended_usage: "markdown", markdown_block: { chunks: ["answer"], progress: "DONE" } }],
status: "COMPLETED",
backend_uuid: "resp-uuid-1",
},
]);
});
});
afterEach(() => {
global.fetch = originalFetch;
});
it("maps pplx-auto → mode=concise, pref=pplx_pro", async () => {
const exec = new PerplexityWebExecutor();
await exec.execute({
model: "pplx-auto",
body: { messages: [{ role: "user", content: "hi" }], stream: false },
stream: false,
credentials: { apiKey: "cookie-abc" },
});
expect(capturedBody.params.mode).toBe("concise");
expect(capturedBody.params.model_preference).toBe("pplx_pro");
});
it("applies THINKING_MAP when reasoning_effort is set", async () => {
const exec = new PerplexityWebExecutor();
await exec.execute({
model: "pplx-opus",
body: { messages: [{ role: "user", content: "hi" }], stream: false, reasoning_effort: "high" },
stream: false,
credentials: { apiKey: "cookie-abc" },
});
expect(capturedBody.params.mode).toBe("copilot");
expect(capturedBody.params.model_preference).toBe("claude46opusthinking");
});
it("sends Cookie header when credentials.apiKey provided", async () => {
const exec = new PerplexityWebExecutor();
await exec.execute({
model: "pplx-auto",
body: { messages: [{ role: "user", content: "hi" }], stream: false },
stream: false,
credentials: { apiKey: "my-session-token" },
});
expect(capturedOpts.headers.Cookie).toBe("__Secure-next-auth.session-token=my-session-token");
expect(capturedOpts.headers.Authorization).toBeUndefined();
});
it("sends Bearer header when credentials.accessToken provided", async () => {
const exec = new PerplexityWebExecutor();
await exec.execute({
model: "pplx-auto",
body: { messages: [{ role: "user", content: "hi" }], stream: false },
stream: false,
credentials: { accessToken: "tok-1" },
});
expect(capturedOpts.headers.Authorization).toBe("Bearer tok-1");
});
it("injects body.tools into query_str instructions", async () => {
const exec = new PerplexityWebExecutor();
await exec.execute({
model: "pplx-auto",
body: {
messages: [{ role: "user", content: "what tools do you have?" }],
tools: [{ function: { name: "Shell", description: "Execute commands" } }],
stream: false,
},
stream: false,
credentials: { apiKey: "c" },
});
const queryObj = JSON.parse(capturedBody.query_str);
const toolsHint = queryObj.instructions.find((s) => s.includes("Available tools"));
expect(toolsHint).toContain("- Shell: Execute commands");
});
it("returns 400 on missing messages", async () => {
const exec = new PerplexityWebExecutor();
const { response } = await exec.execute({
model: "pplx-auto",
body: {},
stream: false,
credentials: { apiKey: "c" },
});
expect(response.status).toBe(400);
});
it("surfaces upstream 401 with friendly auth message", async () => {
global.fetch = vi.fn(async () => new Response(JSON.stringify({ error: "bad" }), { status: 401 }));
const exec = new PerplexityWebExecutor();
const { response } = await exec.execute({
model: "pplx-auto",
body: { messages: [{ role: "user", content: "hi" }] },
stream: false,
credentials: { apiKey: "bad-cookie" },
});
expect(response.status).toBe(401);
const j = await response.json();
expect(j.error.message).toMatch(/auth failed|expired/i);
});
it("surfaces 429 with rate-limit message", async () => {
global.fetch = vi.fn(async () => new Response("", { status: 429 }));
const exec = new PerplexityWebExecutor();
const { response } = await exec.execute({
model: "pplx-auto",
body: { messages: [{ role: "user", content: "hi" }] },
stream: false,
credentials: { apiKey: "c" },
});
expect(response.status).toBe(429);
const j = await response.json();
expect(j.error.message).toMatch(/rate limited/i);
});
});

187
tests/unit/web-cookie-validation.test.js Normal file
View File

@@ -0,0 +1,187 @@
/**
* Unit tests for grok-web & perplexity-web cookie validation logic
*
* Covers:
* - Cookie prefix stripping (sso=, __Secure-next-auth.session-token=)
* - 401/403 → invalid with error message
* - Non-auth responses (200, 400, 429) → valid (Cloudflare-bypass probe)
* - Required browser-fingerprint headers sent to Grok
*/
import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
const originalFetch = global.fetch;
// Replicates the validation logic from app/src/app/api/providers/validate/route.js
async function validateGrokWeb(apiKey) {
const token = apiKey.startsWith("sso=") ? apiKey.slice(4) : apiKey;
const randomHex = (n) => {
const a = new Uint8Array(n);
crypto.getRandomValues(a);
return Array.from(a, (b) => b.toString(16).padStart(2, "0")).join("");
};
const statsigId = Buffer.from("e:TypeError: Cannot read properties of null (reading 'children')").toString("base64");
const traceId = randomHex(16);
const spanId = randomHex(8);
const res = await fetch("https://grok.com/rest/app-chat/conversations/new", {
method: "POST",
headers: {
Accept: "*/*",
"Content-Type": "application/json",
Cookie: `sso=${token}`,
Origin: "https://grok.com",
Referer: "https://grok.com/",
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36",
"x-statsig-id": statsigId,
"x-xai-request-id": crypto.randomUUID(),
traceparent: `00-${traceId}-${spanId}-00`,
},
body: JSON.stringify({ temporary: true, modelName: "grok-4", message: "ping" }),
});
if (res.status === 401 || res.status === 403) {
return { valid: false, error: "Invalid SSO cookie — re-paste from grok.com DevTools → Cookies → sso" };
}
return { valid: true, error: null };
}
async function validatePerplexityWeb(apiKey) {
let sessionToken = apiKey;
if (sessionToken.startsWith("__Secure-next-auth.session-token=")) {
sessionToken = sessionToken.slice("__Secure-next-auth.session-token=".length);
}
const res = await fetch("https://www.perplexity.ai/rest/sse/perplexity_ask", {
method: "POST",
headers: {
"Content-Type": "application/json",
Accept: "text/event-stream",
Origin: "https://www.perplexity.ai",
Referer: "https://www.perplexity.ai/",
Cookie: `__Secure-next-auth.session-token=${sessionToken}`,
},
body: JSON.stringify({ query_str: "ping" }),
});
if (res.status === 401 || res.status === 403) {
return { valid: false, error: "Invalid session cookie — re-paste __Secure-next-auth.session-token from perplexity.ai" };
}
return { valid: true, error: null };
}
describe("grok-web validation", () => {
beforeEach(() => vi.clearAllMocks());
afterEach(() => { global.fetch = originalFetch; });
it("should return valid:true when response is 200", async () => {
global.fetch = vi.fn().mockResolvedValue({ status: 200 });
const result = await validateGrokWeb("test-token");
expect(result.valid).toBe(true);
expect(result.error).toBeNull();
});
it("should return valid:true when response is 400 (auth accepted but bad body)", async () => {
global.fetch = vi.fn().mockResolvedValue({ status: 400 });
const result = await validateGrokWeb("test-token");
expect(result.valid).toBe(true);
});
it("should return valid:true when response is 429 (rate limited but auth ok)", async () => {
global.fetch = vi.fn().mockResolvedValue({ status: 429 });
const result = await validateGrokWeb("test-token");
expect(result.valid).toBe(true);
});
it("should return valid:false with error when response is 401", async () => {
global.fetch = vi.fn().mockResolvedValue({ status: 401 });
const result = await validateGrokWeb("bad-token");
expect(result.valid).toBe(false);
expect(result.error).toContain("Invalid SSO cookie");
});
it("should return valid:false with error when response is 403", async () => {
global.fetch = vi.fn().mockResolvedValue({ status: 403 });
const result = await validateGrokWeb("bad-token");
expect(result.valid).toBe(false);
expect(result.error).toContain("Invalid SSO cookie");
});
it("should strip sso= prefix from apiKey", async () => {
global.fetch = vi.fn().mockResolvedValue({ status: 200 });
await validateGrokWeb("sso=abc123");
const callArgs = global.fetch.mock.calls[0][1];
expect(callArgs.headers.Cookie).toBe("sso=abc123");
});
it("should accept raw token without sso= prefix", async () => {
global.fetch = vi.fn().mockResolvedValue({ status: 200 });
await validateGrokWeb("abc123");
const callArgs = global.fetch.mock.calls[0][1];
expect(callArgs.headers.Cookie).toBe("sso=abc123");
});
it("should POST to /rest/app-chat/conversations/new", async () => {
global.fetch = vi.fn().mockResolvedValue({ status: 200 });
await validateGrokWeb("token");
expect(global.fetch).toHaveBeenCalledWith(
"https://grok.com/rest/app-chat/conversations/new",
expect.objectContaining({ method: "POST" }),
);
});
it("should send Cloudflare-bypass headers", async () => {
global.fetch = vi.fn().mockResolvedValue({ status: 200 });
await validateGrokWeb("token");
const headers = global.fetch.mock.calls[0][1].headers;
expect(headers.Origin).toBe("https://grok.com");
expect(headers.Referer).toBe("https://grok.com/");
expect(headers["User-Agent"]).toContain("Chrome");
expect(headers["x-statsig-id"]).toBeTruthy();
expect(headers["x-xai-request-id"]).toBeTruthy();
expect(headers.traceparent).toMatch(/^00-[0-9a-f]{32}-[0-9a-f]{16}-00$/);
});
});
describe("perplexity-web validation", () => {
beforeEach(() => vi.clearAllMocks());
afterEach(() => { global.fetch = originalFetch; });
it("should return valid:true when response is 200", async () => {
global.fetch = vi.fn().mockResolvedValue({ status: 200 });
const result = await validatePerplexityWeb("test-token");
expect(result.valid).toBe(true);
});
it("should return valid:false when response is 401", async () => {
global.fetch = vi.fn().mockResolvedValue({ status: 401 });
const result = await validatePerplexityWeb("bad-token");
expect(result.valid).toBe(false);
expect(result.error).toContain("Invalid session cookie");
});
it("should return valid:false when response is 403", async () => {
global.fetch = vi.fn().mockResolvedValue({ status: 403 });
const result = await validatePerplexityWeb("bad-token");
expect(result.valid).toBe(false);
});
it("should strip __Secure-next-auth.session-token= prefix", async () => {
global.fetch = vi.fn().mockResolvedValue({ status: 200 });
await validatePerplexityWeb("__Secure-next-auth.session-token=xyz789");
const headers = global.fetch.mock.calls[0][1].headers;
expect(headers.Cookie).toBe("__Secure-next-auth.session-token=xyz789");
});
it("should accept raw token without prefix", async () => {
global.fetch = vi.fn().mockResolvedValue({ status: 200 });
await validatePerplexityWeb("xyz789");
const headers = global.fetch.mock.calls[0][1].headers;
expect(headers.Cookie).toBe("__Secure-next-auth.session-token=xyz789");
});
it("should POST to /rest/sse/perplexity_ask", async () => {
global.fetch = vi.fn().mockResolvedValue({ status: 200 });
await validatePerplexityWeb("token");
expect(global.fetch).toHaveBeenCalledWith(
"https://www.perplexity.ai/rest/sse/perplexity_ask",
expect.objectContaining({ method: "POST" }),
);
});
});