2 Commits

Author SHA1 Message Date
Julien Calixte
7623fff227 fix(test): match getSession URL by suffix, not /getSession path
All checks were successful
CI / check (push) Successful in 13s
The PDS endpoint URL is /xrpc/com.atproto.server.getSession —
those are dots before getSession, not slashes, so the previous
includes("/getSession") filter never matched and the Authorization
header assertion silently short-circuited via optional chaining.
2026-06-07 22:31:26 +02:00
Julien Calixte
3611add21a test(auth): cover JWT decoding and authenticateRequest flow 2026-06-07 22:21:48 +02:00