developer/galaxy-game
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: notification service

Browse Source
This commit is contained in:
Ilia Denisov
2026-04-22 08:49:45 +02:00
committed by GitHub
parent 5b7593e6f6
commit 32dc29359a
135 changed files with 21828 additions and 130 deletions
Download Patch File Download Diff File Expand all files Collapse all files
integration/README.md
+34 -3
View File
@@ -14,6 +14,8 @@ integration/
├── gatewayauthsessionmail/
│ ├── gateway_authsession_mail_test.go
│ └── harness_test.go
├── gatewayauthsessionusermail/
│ └── gateway_authsession_user_mail_test.go
├── authsessionuser/
│ ├── authsession_user_test.go
│ └── harness_test.go
@@ -26,6 +28,12 @@ integration/
├── gatewayuser/
│ ├── gateway_user_test.go
│ └── harness_test.go
├── notificationgateway/
│ └── notification_gateway_test.go
├── notificationmail/
│ └── notification_mail_test.go
├── notificationuser/
│ └── notification_user_test.go
├── go.mod
├── go.sum
└── internal/
@@ -60,12 +68,27 @@ integration/
- `gatewayauthsessionmail` verifies the public auth flow across real `Edge Gateway`, real `Auth / Session Service`, and real `Mail Service`.
- `gatewayuser` verifies the direct authenticated self-service boundary between real `Edge Gateway` and real `User Service`.
- `gatewayauthsessionuser` verifies the full public-auth plus authenticated-account chain across real `Edge Gateway`, real `Auth / Session Service`, and real `User Service`.
- `notificationgateway` verifies that real `Notification Service` push
publication is consumed and fanned out by real `Edge Gateway` for all
user-facing push types.
- `notificationmail` verifies that real `Notification Service` template-mode
mail publication is consumed by real `Mail Service` for all notification
email types.
- `notificationuser` verifies that real `Notification Service` enriches
recipients through real `User Service` and preserves Redis stream progress
semantics for missing or temporarily unavailable users.
- `gatewayauthsessionusermail` verifies the full public registration chain
across real `Edge Gateway`, real `Auth / Session Service`, real
`User Service`, and real `Mail Service`, including the regression that
auth-code mail bypasses `notification:intents`.
The current fast suites still use one isolated `miniredis` instance plus either
real downstream processes or external stateful HTTP stubs where appropriate.
`authsessionmail` and `gatewayauthsessionmail` are the deliberate exceptions:
they use one real Redis container through `testcontainers-go`, because those
boundaries must exercise the real Redis-backed `Mail Service` runtime.
`authsessionmail`, `gatewayauthsessionmail`, `notificationgateway`,
`notificationmail`, `notificationuser`, and `gatewayauthsessionusermail` are
the deliberate exceptions: they use one real Redis container through
`testcontainers-go`, because those boundaries must exercise real Redis stream,
persistence, or scheduling behavior.
`authsessionmail` additionally contains one targeted SMTP-capture scenario for
the real `smtp` provider path, while `gatewayauthsessionmail` keeps `Mail
Service` in `stub` mode and extracts the confirmation code through the trusted
@@ -83,6 +106,10 @@ go test ./authsessionmail/...
go test ./gatewayauthsessionmail/...
go test ./gatewayuser/...
go test ./gatewayauthsessionuser/...
go test ./notificationgateway/...
go test ./notificationmail/...
go test ./notificationuser/...
go test ./gatewayauthsessionusermail/...
```
Useful regression commands after boundary changes:
@@ -94,6 +121,10 @@ go test ./authsessionmail/...
go test ./gatewayauthsessionmail/...
go test ./gatewayuser/...
go test ./gatewayauthsessionuser/...
go test ./notificationgateway/...
go test ./notificationmail/...
go test ./notificationuser/...
go test ./gatewayauthsessionusermail/...
cd ../gateway && go test ./...
cd ../authsession && go test ./... -run GatewayCompatibility
cd ../user && go test ./...
integration/gatewayauthsessionmail/gateway_authsession_mail_test.go
+19
View File
@@ -85,3 +85,22 @@ func TestGatewayAuthsessionMailUnavailablePassesThroughGatewaySurface(t *testing
require.Equal(t, http.StatusServiceUnavailable, response.StatusCode)
require.JSONEq(t, `{"error":{"code":"service_unavailable","message":"service is unavailable"}}`, response.Body)
}
func TestGatewayAuthsessionMailAuthCodeBypassesNotificationStream(t *testing.T) {
h := newGatewayAuthsessionMailHarness(t)
h.sendChallengeWithAcceptLanguage(t, testEmail, "en")
list := h.eventuallyListDeliveries(t, url.Values{
"source": []string{"authsession"},
"recipient": []string{testEmail},
"template_id": []string{"auth.login_code"},
})
require.Len(t, list.Items, 1)
require.Equal(t, "authsession", list.Items[0].Source)
require.Equal(t, "auth.login_code", list.Items[0].TemplateID)
length, err := h.redis.XLen(context.Background(), "notification:intents").Result()
require.NoError(t, err)
require.Zero(t, length)
}
integration/gatewayauthsessionusermail/gateway_authsession_user_mail_test.go
+691
View File
@@ -0,0 +1,691 @@
package gatewayauthsessionusermail_test
import (
"bytes"
"context"
"crypto/ed25519"
"crypto/sha256"
"encoding/base64"
"encoding/json"
"errors"
"io"
"net/http"
"net/url"
"path/filepath"
"runtime"
"testing"
"time"
gatewayv1 "galaxy/gateway/proto/galaxy/gateway/v1"
contractsgatewayv1 "galaxy/integration/internal/contracts/gatewayv1"
"galaxy/integration/internal/harness"
"github.com/redis/go-redis/v9"
"github.com/stretchr/testify/require"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials/insecure"
)
const (
gatewaySendEmailCodePath = "/api/v1/public/auth/send-email-code"
gatewayConfirmEmailCodePath = "/api/v1/public/auth/confirm-email-code"
mailDeliveriesPath = "/api/v1/internal/deliveries"
testEmail = "pilot@example.com"
testTimeZone = "Europe/Kaliningrad"
)
func TestGatewayAuthsessionUserMailRegistrationCreatesUserProjectsSessionAndBypassesNotification(t *testing.T) {
h := newGatewayAuthsessionUserMailHarness(t)
clientPrivateKey := newClientPrivateKey("full-chain")
challengeID := h.sendChallengeWithAcceptLanguage(t, testEmail, "fr-FR, en;q=0.8")
list := h.eventuallyListDeliveries(t, url.Values{
"source": []string{"authsession"},
"recipient": []string{testEmail},
"template_id": []string{"auth.login_code"},
})
require.Len(t, list.Items, 1)
require.Equal(t, "authsession", list.Items[0].Source)
require.Equal(t, "auth.login_code", list.Items[0].TemplateID)
require.Equal(t, "fr-FR", list.Items[0].Locale)
require.Equal(t, []string{testEmail}, list.Items[0].To)
detail := h.getDelivery(t, list.Items[0].DeliveryID)
code := templateVariableString(t, detail.TemplateVariables, "code")
confirm := h.confirmCode(t, challengeID, code, clientPrivateKey)
require.Equal(t, http.StatusOK, confirm.StatusCode, confirm.Body)
var confirmBody confirmEmailCodeResponse
require.NoError(t, decodeStrictJSONPayload([]byte(confirm.Body), &confirmBody))
require.NotEmpty(t, confirmBody.DeviceSessionID)
account := h.lookupUserByEmail(t, testEmail)
require.Equal(t, testEmail, account.User.Email)
require.Equal(t, "fr-FR", account.User.PreferredLanguage)
require.Equal(t, testTimeZone, account.User.TimeZone)
require.NotEmpty(t, account.User.UserID)
record := h.waitForGatewaySession(t, confirmBody.DeviceSessionID)
require.Equal(t, gatewaySessionRecord{
DeviceSessionID: confirmBody.DeviceSessionID,
UserID: account.User.UserID,
ClientPublicKey: encodePublicKey(clientPrivateKey.Public().(ed25519.PublicKey)),
Status: "active",
}, record)
conn := h.dialGateway(t)
client := gatewayv1.NewEdgeGatewayClient(conn)
stream, err := client.SubscribeEvents(context.Background(), newSubscribeEventsRequest(confirmBody.DeviceSessionID, "request-bootstrap", clientPrivateKey))
require.NoError(t, err)
assertBootstrapEvent(t, recvGatewayEvent(t, stream), h.responseSignerPublicKey, "request-bootstrap")
length, err := h.redis.XLen(context.Background(), "notification:intents").Result()
require.NoError(t, err)
require.Zero(t, length)
}
type gatewayAuthsessionUserMailHarness struct {
redis *redis.Client
userServiceURL string
gatewayPublicURL string
gatewayGRPCAddr string
mailInternalURL string
responseSignerPublicKey ed25519.PublicKey
gatewayProcess *harness.Process
authsessionProcess *harness.Process
userServiceProcess *harness.Process
mailProcess *harness.Process
}
type httpResponse struct {
StatusCode int
Body string
Header http.Header
}
type sendEmailCodeResponse struct {
ChallengeID string `json:"challenge_id"`
}
type confirmEmailCodeResponse struct {
DeviceSessionID string `json:"device_session_id"`
}
type gatewaySessionRecord struct {
DeviceSessionID string `json:"device_session_id"`
UserID string `json:"user_id"`
ClientPublicKey string `json:"client_public_key"`
Status string `json:"status"`
RevokedAtMS *int64 `json:"revoked_at_ms,omitempty"`
}
type mailDeliveryListResponse struct {
Items []mailDeliverySummary `json:"items"`
}
type mailDeliverySummary struct {
DeliveryID string `json:"delivery_id"`
Source string `json:"source"`
TemplateID string `json:"template_id"`
Locale string `json:"locale"`
To []string `json:"to"`
Status string `json:"status"`
}
type mailDeliveryDetailResponse struct {
DeliveryID string `json:"delivery_id"`
Source string `json:"source"`
TemplateID string `json:"template_id"`
Locale string `json:"locale"`
To []string `json:"to"`
IdempotencyKey string `json:"idempotency_key"`
Status string `json:"status"`
TemplateVariables map[string]any `json:"template_variables,omitempty"`
}
type userLookupResponse struct {
User accountView `json:"user"`
}
type accountView struct {
UserID string `json:"user_id"`
Email string `json:"email"`
PreferredLanguage string `json:"preferred_language"`
TimeZone string `json:"time_zone"`
}
func newGatewayAuthsessionUserMailHarness(t *testing.T) *gatewayAuthsessionUserMailHarness {
t.Helper()
redisRuntime := harness.StartRedisContainer(t)
redisClient := redis.NewClient(&redis.Options{
Addr: redisRuntime.Addr,
Protocol: 2,
DisableIdentity: true,
})
t.Cleanup(func() {
require.NoError(t, redisClient.Close())
})
responseSignerPath, responseSignerPublicKey := harness.WriteResponseSignerPEM(t, t.Name())
userServiceAddr := harness.FreeTCPAddress(t)
mailInternalAddr := harness.FreeTCPAddress(t)
authsessionPublicAddr := harness.FreeTCPAddress(t)
authsessionInternalAddr := harness.FreeTCPAddress(t)
gatewayPublicAddr := harness.FreeTCPAddress(t)
gatewayGRPCAddr := harness.FreeTCPAddress(t)
userServiceBinary := harness.BuildBinary(t, "userservice", "./user/cmd/userservice")
mailBinary := harness.BuildBinary(t, "mail", "./mail/cmd/mail")
authsessionBinary := harness.BuildBinary(t, "authsession", "./authsession/cmd/authsession")
gatewayBinary := harness.BuildBinary(t, "gateway", "./gateway/cmd/gateway")
userServiceProcess := harness.StartProcess(t, "userservice", userServiceBinary, map[string]string{
"USERSERVICE_LOG_LEVEL": "info",
"USERSERVICE_INTERNAL_HTTP_ADDR": userServiceAddr,
"USERSERVICE_REDIS_ADDR": redisRuntime.Addr,
"OTEL_TRACES_EXPORTER": "none",
"OTEL_METRICS_EXPORTER": "none",
})
waitForUserServiceReady(t, userServiceProcess, "http://"+userServiceAddr)
mailProcess := harness.StartProcess(t, "mail", mailBinary, map[string]string{
"MAIL_LOG_LEVEL": "info",
"MAIL_INTERNAL_HTTP_ADDR": mailInternalAddr,
"MAIL_REDIS_ADDR": redisRuntime.Addr,
"MAIL_TEMPLATE_DIR": moduleTemplateDir(t),
"MAIL_SMTP_MODE": "stub",
"MAIL_STREAM_BLOCK_TIMEOUT": "100ms",
"MAIL_OPERATOR_REQUEST_TIMEOUT": time.Second.String(),
"MAIL_SHUTDOWN_TIMEOUT": "2s",
"OTEL_TRACES_EXPORTER": "none",
"OTEL_METRICS_EXPORTER": "none",
})
waitForMailReady(t, mailProcess, "http://"+mailInternalAddr)
authsessionProcess := harness.StartProcess(t, "authsession", authsessionBinary, map[string]string{
"AUTHSESSION_LOG_LEVEL": "info",
"AUTHSESSION_PUBLIC_HTTP_ADDR": authsessionPublicAddr,
"AUTHSESSION_PUBLIC_HTTP_REQUEST_TIMEOUT": time.Second.String(),
"AUTHSESSION_INTERNAL_HTTP_ADDR": authsessionInternalAddr,
"AUTHSESSION_INTERNAL_HTTP_REQUEST_TIMEOUT": time.Second.String(),
"AUTHSESSION_REDIS_ADDR": redisRuntime.Addr,
"AUTHSESSION_USER_SERVICE_MODE": "rest",
"AUTHSESSION_USER_SERVICE_BASE_URL": "http://" + userServiceAddr,
"AUTHSESSION_USER_SERVICE_REQUEST_TIMEOUT": time.Second.String(),
"AUTHSESSION_MAIL_SERVICE_MODE": "rest",
"AUTHSESSION_MAIL_SERVICE_BASE_URL": "http://" + mailInternalAddr,
"AUTHSESSION_MAIL_SERVICE_REQUEST_TIMEOUT": time.Second.String(),
"AUTHSESSION_REDIS_GATEWAY_SESSION_CACHE_KEY_PREFIX": "gateway:session:",
"AUTHSESSION_REDIS_GATEWAY_SESSION_EVENTS_STREAM": "gateway:session_events",
"OTEL_TRACES_EXPORTER": "none",
"OTEL_METRICS_EXPORTER": "none",
})
waitForAuthsessionPublicReady(t, authsessionProcess, "http://"+authsessionPublicAddr)
gatewayProcess := harness.StartProcess(t, "gateway", gatewayBinary, map[string]string{
"GATEWAY_LOG_LEVEL": "info",
"GATEWAY_PUBLIC_HTTP_ADDR": gatewayPublicAddr,
"GATEWAY_AUTHENTICATED_GRPC_ADDR": gatewayGRPCAddr,
"GATEWAY_SESSION_CACHE_REDIS_ADDR": redisRuntime.Addr,
"GATEWAY_SESSION_CACHE_REDIS_KEY_PREFIX": "gateway:session:",
"GATEWAY_SESSION_EVENTS_REDIS_STREAM": "gateway:session_events",
"GATEWAY_CLIENT_EVENTS_REDIS_STREAM": "gateway:client_events",
"GATEWAY_REPLAY_REDIS_KEY_PREFIX": "gateway:replay:",
"GATEWAY_RESPONSE_SIGNER_PRIVATE_KEY_PEM_PATH": filepath.Clean(responseSignerPath),
"GATEWAY_AUTH_SERVICE_BASE_URL": "http://" + authsessionPublicAddr,
"GATEWAY_PUBLIC_AUTH_UPSTREAM_TIMEOUT": (500 * time.Millisecond).String(),
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_PUBLIC_AUTH_RATE_LIMIT_REQUESTS": "100",
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_PUBLIC_AUTH_RATE_LIMIT_WINDOW": "1s",
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_PUBLIC_AUTH_RATE_LIMIT_BURST": "100",
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_SEND_EMAIL_CODE_IDENTITY_RATE_LIMIT_REQUESTS": "100",
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_SEND_EMAIL_CODE_IDENTITY_RATE_LIMIT_WINDOW": "1s",
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_SEND_EMAIL_CODE_IDENTITY_RATE_LIMIT_BURST": "100",
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_CONFIRM_EMAIL_CODE_IDENTITY_RATE_LIMIT_REQUESTS": "100",
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_CONFIRM_EMAIL_CODE_IDENTITY_RATE_LIMIT_WINDOW": "1s",
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_CONFIRM_EMAIL_CODE_IDENTITY_RATE_LIMIT_BURST": "100",
"OTEL_TRACES_EXPORTER": "none",
"OTEL_METRICS_EXPORTER": "none",
})
harness.WaitForHTTPStatus(t, gatewayProcess, "http://"+gatewayPublicAddr+"/healthz", http.StatusOK)
harness.WaitForTCP(t, gatewayProcess, gatewayGRPCAddr)
return &gatewayAuthsessionUserMailHarness{
redis: redisClient,
userServiceURL: "http://" + userServiceAddr,
gatewayPublicURL: "http://" + gatewayPublicAddr,
gatewayGRPCAddr: gatewayGRPCAddr,
mailInternalURL: "http://" + mailInternalAddr,
responseSignerPublicKey: responseSignerPublicKey,
gatewayProcess: gatewayProcess,
authsessionProcess: authsessionProcess,
userServiceProcess: userServiceProcess,
mailProcess: mailProcess,
}
}
func (h *gatewayAuthsessionUserMailHarness) sendChallengeWithAcceptLanguage(t *testing.T, email string, acceptLanguage string) string {
t.Helper()
response := postJSONValueWithHeaders(
t,
h.gatewayPublicURL+gatewaySendEmailCodePath,
map[string]string{"email": email},
map[string]string{"Accept-Language": acceptLanguage},
)
require.Equal(t, http.StatusOK, response.StatusCode, response.Body)
var body sendEmailCodeResponse
require.NoError(t, decodeStrictJSONPayload([]byte(response.Body), &body))
require.NotEmpty(t, body.ChallengeID)
return body.ChallengeID
}
func (h *gatewayAuthsessionUserMailHarness) confirmCode(t *testing.T, challengeID string, code string, clientPrivateKey ed25519.PrivateKey) httpResponse {
t.Helper()
return postJSONValue(t, h.gatewayPublicURL+gatewayConfirmEmailCodePath, map[string]string{
"challenge_id": challengeID,
"code": code,
"client_public_key": encodePublicKey(clientPrivateKey.Public().(ed25519.PublicKey)),
"time_zone": testTimeZone,
})
}
func (h *gatewayAuthsessionUserMailHarness) eventuallyListDeliveries(t *testing.T, query url.Values) mailDeliveryListResponse {
t.Helper()
var response mailDeliveryListResponse
require.Eventually(t, func() bool {
response = h.listDeliveries(t, query)
return len(response.Items) > 0
}, 10*time.Second, 50*time.Millisecond)
return response
}
func (h *gatewayAuthsessionUserMailHarness) listDeliveries(t *testing.T, query url.Values) mailDeliveryListResponse {
t.Helper()
target := h.mailInternalURL + mailDeliveriesPath
if encoded := query.Encode(); encoded != "" {
target += "?" + encoded
}
request, err := http.NewRequest(http.MethodGet, target, nil)
require.NoError(t, err)
return doJSONRequest[mailDeliveryListResponse](t, request, http.StatusOK)
}
func (h *gatewayAuthsessionUserMailHarness) getDelivery(t *testing.T, deliveryID string) mailDeliveryDetailResponse {
t.Helper()
request, err := http.NewRequest(http.MethodGet, h.mailInternalURL+mailDeliveriesPath+"/"+url.PathEscape(deliveryID), nil)
require.NoError(t, err)
return doJSONRequest[mailDeliveryDetailResponse](t, request, http.StatusOK)
}
func (h *gatewayAuthsessionUserMailHarness) lookupUserByEmail(t *testing.T, email string) userLookupResponse {
t.Helper()
response := postJSONValue(t, h.userServiceURL+"/api/v1/internal/user-lookups/by-email", map[string]string{
"email": email,
})
return decodeJSONResponse[userLookupResponse](t, response, http.StatusOK)
}
func (h *gatewayAuthsessionUserMailHarness) waitForGatewaySession(t *testing.T, deviceSessionID string) gatewaySessionRecord {
t.Helper()
deadline := time.Now().Add(5 * time.Second)
for time.Now().Before(deadline) {
payload, err := h.redis.Get(context.Background(), "gateway:session:"+deviceSessionID).Bytes()
if err == nil {
var record gatewaySessionRecord
require.NoError(t, decodeStrictJSONPayload(payload, &record))
return record
}
time.Sleep(25 * time.Millisecond)
}
t.Fatalf("gateway session projection for %s was not published in time", deviceSessionID)
return gatewaySessionRecord{}
}
func (h *gatewayAuthsessionUserMailHarness) dialGateway(t *testing.T) *grpc.ClientConn {
t.Helper()
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
conn, err := grpc.DialContext(
ctx,
h.gatewayGRPCAddr,
grpc.WithTransportCredentials(insecure.NewCredentials()),
grpc.WithBlock(),
)
require.NoError(t, err)
t.Cleanup(func() {
require.NoError(t, conn.Close())
})
return conn
}
func postJSONValue(t *testing.T, targetURL string, body any) httpResponse {
t.Helper()
return postJSONValueWithHeaders(t, targetURL, body, nil)
}
func postJSONValueWithHeaders(t *testing.T, targetURL string, body any, headers map[string]string) httpResponse {
t.Helper()
payload, err := json.Marshal(body)
require.NoError(t, err)
request, err := http.NewRequest(http.MethodPost, targetURL, bytes.NewReader(payload))
require.NoError(t, err)
request.Header.Set("Content-Type", "application/json")
for key, value := range headers {
if value == "" {
continue
}
request.Header.Set(key, value)
}
return doRequest(t, request)
}
func doJSONRequest[T any](t *testing.T, request *http.Request, wantStatus int) T {
t.Helper()
response := doRequest(t, request)
return decodeJSONResponse[T](t, response, wantStatus)
}
func decodeJSONResponse[T any](t *testing.T, response httpResponse, wantStatus int) T {
t.Helper()
require.Equal(t, wantStatus, response.StatusCode, response.Body)
var decoded T
require.NoError(t, decodeJSONPayload([]byte(response.Body), &decoded), response.Body)
return decoded
}
func doRequest(t *testing.T, request *http.Request) httpResponse {
t.Helper()
client := &http.Client{
Timeout: 5 * time.Second,
Transport: &http.Transport{
DisableKeepAlives: true,
},
}
t.Cleanup(client.CloseIdleConnections)
response, err := client.Do(request)
require.NoError(t, err)
defer response.Body.Close()
payload, err := io.ReadAll(response.Body)
require.NoError(t, err)
return httpResponse{
StatusCode: response.StatusCode,
Body: string(payload),
Header: response.Header.Clone(),
}
}
func decodeStrictJSONPayload(payload []byte, target any) error {
decoder := json.NewDecoder(bytes.NewReader(payload))
decoder.DisallowUnknownFields()
if err := decoder.Decode(target); err != nil {
return err
}
if err := decoder.Decode(&struct{}{}); err != io.EOF {
if err == nil {
return errors.New("unexpected trailing JSON input")
}
return err
}
return nil
}
func decodeJSONPayload(payload []byte, target any) error {
decoder := json.NewDecoder(bytes.NewReader(payload))
if err := decoder.Decode(target); err != nil {
return err
}
if err := decoder.Decode(&struct{}{}); err != io.EOF {
if err == nil {
return errors.New("unexpected trailing JSON input")
}
return err
}
return nil
}
func templateVariableString(t *testing.T, variables map[string]any, field string) string {
t.Helper()
value, ok := variables[field]
require.True(t, ok, "template variable %q is missing", field)
text, ok := value.(string)
require.True(t, ok, "template variable %q must be a string", field)
require.NotEmpty(t, text)
return text
}
func newClientPrivateKey(label string) ed25519.PrivateKey {
seed := sha256.Sum256([]byte("galaxy-integration-gateway-authsession-user-mail-client-" + label))
return ed25519.NewKeyFromSeed(seed[:])
}
func encodePublicKey(publicKey ed25519.PublicKey) string {
return base64.StdEncoding.EncodeToString(publicKey)
}
func newSubscribeEventsRequest(deviceSessionID string, requestID string, clientPrivateKey ed25519.PrivateKey) *gatewayv1.SubscribeEventsRequest {
payloadHash := contractsgatewayv1.ComputePayloadHash(nil)
request := &gatewayv1.SubscribeEventsRequest{
ProtocolVersion: contractsgatewayv1.ProtocolVersionV1,
DeviceSessionId: deviceSessionID,
MessageType: contractsgatewayv1.SubscribeMessageType,
TimestampMs: time.Now().UnixMilli(),
RequestId: requestID,
PayloadHash: payloadHash,
TraceId: "trace-" + requestID,
}
request.Signature = contractsgatewayv1.SignRequest(clientPrivateKey, contractsgatewayv1.RequestSigningFields{
ProtocolVersion: request.GetProtocolVersion(),
DeviceSessionID: request.GetDeviceSessionId(),
MessageType: request.GetMessageType(),
TimestampMS: request.GetTimestampMs(),
RequestID: request.GetRequestId(),
PayloadHash: request.GetPayloadHash(),
})
return request
}
func recvGatewayEvent(t *testing.T, stream grpc.ServerStreamingClient[gatewayv1.GatewayEvent]) *gatewayv1.GatewayEvent {
t.Helper()
eventCh := make(chan *gatewayv1.GatewayEvent, 1)
errCh := make(chan error, 1)
go func() {
event, err := stream.Recv()
if err != nil {
errCh <- err
return
}
eventCh <- event
}()
select {
case event := <-eventCh:
return event
case err := <-errCh:
require.NoError(t, err)
case <-time.After(5 * time.Second):
require.FailNow(t, "timed out waiting for gateway event")
}
return nil
}
func assertBootstrapEvent(t *testing.T, event *gatewayv1.GatewayEvent, responseSignerPublicKey ed25519.PublicKey, wantRequestID string) {
t.Helper()
require.Equal(t, contractsgatewayv1.ServerTimeEventType, event.GetEventType())
require.Equal(t, wantRequestID, event.GetEventId())
require.Equal(t, wantRequestID, event.GetRequestId())
require.NoError(t, contractsgatewayv1.VerifyPayloadHash(event.GetPayloadBytes(), event.GetPayloadHash()))
require.NoError(t, contractsgatewayv1.VerifyEventSignature(responseSignerPublicKey, event.GetSignature(), contractsgatewayv1.EventSigningFields{
EventType: event.GetEventType(),
EventID: event.GetEventId(),
TimestampMS: event.GetTimestampMs(),
RequestID: event.GetRequestId(),
TraceID: event.GetTraceId(),
PayloadHash: event.GetPayloadHash(),
}))
}
func waitForUserServiceReady(t *testing.T, process *harness.Process, baseURL string) {
t.Helper()
client := &http.Client{Timeout: 250 * time.Millisecond}
t.Cleanup(client.CloseIdleConnections)
deadline := time.Now().Add(10 * time.Second)
for time.Now().Before(deadline) {
request, err := http.NewRequest(http.MethodGet, baseURL+"/api/v1/internal/users/user-missing/exists", nil)
require.NoError(t, err)
response, err := client.Do(request)
if err == nil {
_, _ = io.Copy(io.Discard, response.Body)
response.Body.Close()
if response.StatusCode == http.StatusOK {
return
}
}
time.Sleep(25 * time.Millisecond)
}
t.Fatalf("wait for userservice readiness: timeout\n%s", process.Logs())
}
func waitForMailReady(t *testing.T, process *harness.Process, baseURL string) {
t.Helper()
client := &http.Client{Timeout: 250 * time.Millisecond}
t.Cleanup(client.CloseIdleConnections)
deadline := time.Now().Add(10 * time.Second)
for time.Now().Before(deadline) {
request, err := http.NewRequest(http.MethodGet, baseURL+mailDeliveriesPath, nil)
require.NoError(t, err)
response, err := client.Do(request)
if err == nil {
_, _ = io.Copy(io.Discard, response.Body)
response.Body.Close()
if response.StatusCode == http.StatusOK {
return
}
}
time.Sleep(25 * time.Millisecond)
}
t.Fatalf("wait for mail readiness: timeout\n%s", process.Logs())
}
func waitForAuthsessionPublicReady(t *testing.T, process *harness.Process, baseURL string) {
t.Helper()
client := &http.Client{Timeout: 250 * time.Millisecond}
t.Cleanup(client.CloseIdleConnections)
deadline := time.Now().Add(10 * time.Second)
for time.Now().Before(deadline) {
response, err := postJSONValueMaybe(client, baseURL+gatewaySendEmailCodePath, map[string]string{
"email": "",
})
if err == nil && response.StatusCode == http.StatusBadRequest {
return
}
time.Sleep(25 * time.Millisecond)
}
t.Fatalf("wait for authsession public readiness: timeout\n%s", process.Logs())
}
func postJSONValueMaybe(client *http.Client, targetURL string, body any) (httpResponse, error) {
payload, err := json.Marshal(body)
if err != nil {
return httpResponse{}, err
}
request, err := http.NewRequest(http.MethodPost, targetURL, bytes.NewReader(payload))
if err != nil {
return httpResponse{}, err
}
request.Header.Set("Content-Type", "application/json")
response, err := client.Do(request)
if err != nil {
return httpResponse{}, err
}
defer response.Body.Close()
responseBody, err := io.ReadAll(response.Body)
if err != nil {
return httpResponse{}, err
}
return httpResponse{
StatusCode: response.StatusCode,
Body: string(responseBody),
Header: response.Header.Clone(),
}, nil
}
func moduleTemplateDir(t *testing.T) string {
t.Helper()
return filepath.Join(repositoryRoot(t), "mail", "templates")
}
func repositoryRoot(t *testing.T) string {
t.Helper()
_, file, _, ok := runtime.Caller(0)
if !ok {
t.Fatal("resolve repository root: runtime caller is unavailable")
}
return filepath.Clean(filepath.Join(filepath.Dir(file), "..", ".."))
}
integration/internal/harness/process.go
+16 -5
View File
@@ -32,8 +32,9 @@ type Process struct {
logsMu sync.Mutex
logs bytes.Buffer
doneCh chan struct{}
waitErr error
doneCh chan struct{}
waitErr error
allowUnexpectedExit bool
}
// StartProcess starts binaryPath with envOverrides and registers cleanup that
@@ -82,7 +83,7 @@ func (p *Process) Stop(t testing.TB) {
select {
case <-p.doneCh:
err := p.waitErr
if err != nil && !isExpectedProcessExit(err) {
if err != nil && !isExpectedProcessExit(err) && !p.allowUnexpectedExit {
t.Errorf("%s exited unexpectedly: %v", p.name, err)
}
return
@@ -96,7 +97,7 @@ func (p *Process) Stop(t testing.TB) {
select {
case <-p.doneCh:
err := p.waitErr
if err != nil && !isExpectedProcessExit(err) {
if err != nil && !isExpectedProcessExit(err) && !p.allowUnexpectedExit {
t.Errorf("%s exited unexpectedly: %v", p.name, err)
}
case <-time.After(defaultStopWait):
@@ -105,12 +106,22 @@ func (p *Process) Stop(t testing.TB) {
}
<-p.doneCh
err := p.waitErr
if err != nil && !isExpectedProcessExit(err) {
if err != nil && !isExpectedProcessExit(err) && !p.allowUnexpectedExit {
t.Errorf("%s exited unexpectedly: %v", p.name, err)
}
}
}
// AllowUnexpectedExit marks a process exit as expected for tests that
// deliberately trigger a fatal runtime dependency failure.
func (p *Process) AllowUnexpectedExit() {
if p == nil {
return
}
p.allowUnexpectedExit = true
}
// Logs returns the captured combined stdout/stderr output of the process.
func (p *Process) Logs() string {
if p == nil {
integration/notificationgateway/notification_gateway_test.go
+526
View File
@@ -0,0 +1,526 @@
package notificationgateway_test
import (
"bytes"
"context"
"crypto/ed25519"
"crypto/sha256"
"encoding/base64"
"encoding/json"
"errors"
"io"
"net/http"
"path/filepath"
"testing"
"time"
gatewayv1 "galaxy/gateway/proto/galaxy/gateway/v1"
contractsgatewayv1 "galaxy/integration/internal/contracts/gatewayv1"
"galaxy/integration/internal/harness"
"github.com/redis/go-redis/v9"
"github.com/stretchr/testify/require"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials/insecure"
)
const (
notificationGatewayClientEventsStream = "gateway:client_events"
notificationGatewayIntentsStream = "notification:intents"
)
func TestNotificationGatewayFanOutsAllUserPushTypesToAllUserSessions(t *testing.T) {
h := newNotificationGatewayHarness(t)
recipient := h.ensureUser(t, "pilot@example.com", "fr-FR")
firstPrivateKey := newClientPrivateKey("first")
secondPrivateKey := newClientPrivateKey("second")
unrelatedPrivateKey := newClientPrivateKey("unrelated")
h.seedGatewaySession(t, "device-session-1", recipient.UserID, firstPrivateKey)
h.seedGatewaySession(t, "device-session-2", recipient.UserID, secondPrivateKey)
h.seedGatewaySession(t, "device-session-3", "user-unrelated", unrelatedPrivateKey)
conn := h.dialGateway(t)
client := gatewayv1.NewEdgeGatewayClient(conn)
firstCtx, cancelFirst := context.WithCancel(context.Background())
defer cancelFirst()
firstStream, err := client.SubscribeEvents(firstCtx, newSubscribeEventsRequest("device-session-1", "request-1", firstPrivateKey))
require.NoError(t, err)
assertBootstrapEvent(t, recvGatewayEvent(t, firstStream), h.responseSignerPublicKey, "request-1")
secondCtx, cancelSecond := context.WithCancel(context.Background())
defer cancelSecond()
secondStream, err := client.SubscribeEvents(secondCtx, newSubscribeEventsRequest("device-session-2", "request-2", secondPrivateKey))
require.NoError(t, err)
assertBootstrapEvent(t, recvGatewayEvent(t, secondStream), h.responseSignerPublicKey, "request-2")
unrelatedCtx, cancelUnrelated := context.WithCancel(context.Background())
defer cancelUnrelated()
unrelatedStream, err := client.SubscribeEvents(unrelatedCtx, newSubscribeEventsRequest("device-session-3", "request-3", unrelatedPrivateKey))
require.NoError(t, err)
assertBootstrapEvent(t, recvGatewayEvent(t, unrelatedStream), h.responseSignerPublicKey, "request-3")
cases := []pushIntentCase{
{
notificationType: "game.turn.ready",
producer: "game_master",
payloadJSON: `{"game_id":"game-123","game_name":"Nebula Clash","turn_number":54}`,
},
{
notificationType: "game.finished",
producer: "game_master",
payloadJSON: `{"game_id":"game-123","game_name":"Nebula Clash","final_turn_number":55}`,
},
{
notificationType: "lobby.application.submitted",
producer: "game_lobby",
payloadJSON: `{"game_id":"game-123","game_name":"Nebula Clash","applicant_user_id":"applicant-1","applicant_name":"Nova Pilot"}`,
},
{
notificationType: "lobby.membership.approved",
producer: "game_lobby",
payloadJSON: `{"game_id":"game-123","game_name":"Nebula Clash"}`,
},
{
notificationType: "lobby.membership.rejected",
producer: "game_lobby",
payloadJSON: `{"game_id":"game-123","game_name":"Nebula Clash"}`,
},
{
notificationType: "lobby.invite.created",
producer: "game_lobby",
payloadJSON: `{"game_id":"game-123","game_name":"Nebula Clash","inviter_user_id":"owner-1","inviter_name":"Owner Pilot"}`,
},
{
notificationType: "lobby.invite.redeemed",
producer: "game_lobby",
payloadJSON: `{"game_id":"game-123","game_name":"Nebula Clash","invitee_user_id":"invitee-1","invitee_name":"Nova Pilot"}`,
},
}
for index, tc := range cases {
messageID := h.publishPushIntent(t, tc, recipient.UserID, index)
firstEvent := recvGatewayEvent(t, firstStream)
assertNotificationPushEvent(t, firstEvent, h.responseSignerPublicKey, tc.notificationType, messageID, recipient.UserID, index)
secondEvent := recvGatewayEvent(t, secondStream)
assertNotificationPushEvent(t, secondEvent, h.responseSignerPublicKey, tc.notificationType, messageID, recipient.UserID, index)
}
assertNoGatewayEvent(t, unrelatedStream, cancelUnrelated)
messages, err := h.redis.XRange(context.Background(), notificationGatewayClientEventsStream, "-", "+").Result()
require.NoError(t, err)
require.Len(t, messages, len(cases))
for index, message := range messages {
require.Equal(t, recipient.UserID, message.Values["user_id"])
require.Equal(t, cases[index].notificationType, message.Values["event_type"])
require.NotContains(t, message.Values, "device_session_id")
}
}
type notificationGatewayHarness struct {
redis *redis.Client
userServiceURL string
gatewayGRPCAddr string
responseSignerPublicKey ed25519.PublicKey
notificationProcess *harness.Process
gatewayProcess *harness.Process
userServiceProcess *harness.Process
}
type pushIntentCase struct {
notificationType string
producer string
payloadJSON string
}
type ensureByEmailResponse struct {
Outcome string `json:"outcome"`
UserID string `json:"user_id"`
}
func newNotificationGatewayHarness(t *testing.T) *notificationGatewayHarness {
t.Helper()
redisRuntime := harness.StartRedisContainer(t)
redisClient := redis.NewClient(&redis.Options{
Addr: redisRuntime.Addr,
Protocol: 2,
DisableIdentity: true,
})
t.Cleanup(func() {
require.NoError(t, redisClient.Close())
})
responseSignerPath, responseSignerPublicKey := harness.WriteResponseSignerPEM(t, t.Name())
userServiceAddr := harness.FreeTCPAddress(t)
notificationInternalAddr := harness.FreeTCPAddress(t)
gatewayPublicAddr := harness.FreeTCPAddress(t)
gatewayGRPCAddr := harness.FreeTCPAddress(t)
userServiceBinary := harness.BuildBinary(t, "userservice", "./user/cmd/userservice")
notificationBinary := harness.BuildBinary(t, "notification", "./notification/cmd/notification")
gatewayBinary := harness.BuildBinary(t, "gateway", "./gateway/cmd/gateway")
userServiceProcess := harness.StartProcess(t, "userservice", userServiceBinary, map[string]string{
"USERSERVICE_LOG_LEVEL": "info",
"USERSERVICE_INTERNAL_HTTP_ADDR": userServiceAddr,
"USERSERVICE_REDIS_ADDR": redisRuntime.Addr,
"OTEL_TRACES_EXPORTER": "none",
"OTEL_METRICS_EXPORTER": "none",
})
waitForUserServiceReady(t, userServiceProcess, "http://"+userServiceAddr)
notificationProcess := harness.StartProcess(t, "notification", notificationBinary, map[string]string{
"NOTIFICATION_LOG_LEVEL": "info",
"NOTIFICATION_INTERNAL_HTTP_ADDR": notificationInternalAddr,
"NOTIFICATION_REDIS_ADDR": redisRuntime.Addr,
"NOTIFICATION_USER_SERVICE_BASE_URL": "http://" + userServiceAddr,
"NOTIFICATION_USER_SERVICE_TIMEOUT": time.Second.String(),
"NOTIFICATION_INTENTS_READ_BLOCK_TIMEOUT": "100ms",
"NOTIFICATION_ROUTE_BACKOFF_MIN": "100ms",
"NOTIFICATION_ROUTE_BACKOFF_MAX": "100ms",
"NOTIFICATION_GATEWAY_CLIENT_EVENTS_STREAM": notificationGatewayClientEventsStream,
"OTEL_TRACES_EXPORTER": "none",
"OTEL_METRICS_EXPORTER": "none",
})
harness.WaitForHTTPStatus(t, notificationProcess, "http://"+notificationInternalAddr+"/readyz", http.StatusOK)
gatewayProcess := harness.StartProcess(t, "gateway", gatewayBinary, map[string]string{
"GATEWAY_LOG_LEVEL": "info",
"GATEWAY_PUBLIC_HTTP_ADDR": gatewayPublicAddr,
"GATEWAY_AUTHENTICATED_GRPC_ADDR": gatewayGRPCAddr,
"GATEWAY_SESSION_CACHE_REDIS_ADDR": redisRuntime.Addr,
"GATEWAY_SESSION_CACHE_REDIS_KEY_PREFIX": "gateway:session:",
"GATEWAY_SESSION_EVENTS_REDIS_STREAM": "gateway:session_events",
"GATEWAY_CLIENT_EVENTS_REDIS_STREAM": notificationGatewayClientEventsStream,
"GATEWAY_CLIENT_EVENTS_REDIS_READ_BLOCK_TIMEOUT": "100ms",
"GATEWAY_REPLAY_REDIS_KEY_PREFIX": "gateway:replay:",
"GATEWAY_RESPONSE_SIGNER_PRIVATE_KEY_PEM_PATH": filepath.Clean(responseSignerPath),
"OTEL_TRACES_EXPORTER": "none",
"OTEL_METRICS_EXPORTER": "none",
})
harness.WaitForHTTPStatus(t, gatewayProcess, "http://"+gatewayPublicAddr+"/healthz", http.StatusOK)
harness.WaitForTCP(t, gatewayProcess, gatewayGRPCAddr)
return &notificationGatewayHarness{
redis: redisClient,
userServiceURL: "http://" + userServiceAddr,
gatewayGRPCAddr: gatewayGRPCAddr,
responseSignerPublicKey: responseSignerPublicKey,
notificationProcess: notificationProcess,
gatewayProcess: gatewayProcess,
userServiceProcess: userServiceProcess,
}
}
func (h *notificationGatewayHarness) ensureUser(t *testing.T, email string, preferredLanguage string) ensureByEmailResponse {
t.Helper()
response := postJSONValue(t, h.userServiceURL+"/api/v1/internal/users/ensure-by-email", map[string]any{
"email": email,
"registration_context": map[string]string{
"preferred_language": preferredLanguage,
"time_zone": "Europe/Kaliningrad",
},
})
var body ensureByEmailResponse
requireJSONStatus(t, response, http.StatusOK, &body)
require.Equal(t, "created", body.Outcome)
require.NotEmpty(t, body.UserID)
return body
}
func (h *notificationGatewayHarness) dialGateway(t *testing.T) *grpc.ClientConn {
t.Helper()
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
conn, err := grpc.DialContext(
ctx,
h.gatewayGRPCAddr,
grpc.WithTransportCredentials(insecure.NewCredentials()),
grpc.WithBlock(),
)
require.NoError(t, err)
t.Cleanup(func() {
require.NoError(t, conn.Close())
})
return conn
}
func (h *notificationGatewayHarness) seedGatewaySession(t *testing.T, deviceSessionID string, userID string, clientPrivateKey ed25519.PrivateKey) {
t.Helper()
record := gatewaySessionRecord{
DeviceSessionID: deviceSessionID,
UserID: userID,
ClientPublicKey: base64.StdEncoding.EncodeToString(clientPrivateKey.Public().(ed25519.PublicKey)),
Status: "active",
}
payload, err := json.Marshal(record)
require.NoError(t, err)
require.NoError(t, h.redis.Set(context.Background(), "gateway:session:"+deviceSessionID, payload, 0).Err())
}
func (h *notificationGatewayHarness) publishPushIntent(t *testing.T, tc pushIntentCase, recipientUserID string, index int) string {
t.Helper()
messageID, err := h.redis.XAdd(context.Background(), &redis.XAddArgs{
Stream: notificationGatewayIntentsStream,
Values: map[string]any{
"notification_type": tc.notificationType,
"producer": tc.producer,
"audience_kind": "user",
"recipient_user_ids_json": `["` + recipientUserID + `"]`,
"idempotency_key": tc.notificationType + ":gateway:" + string(rune('a'+index)),
"occurred_at_ms": "1775121700000",
"request_id": pushRequestID(index),
"trace_id": pushTraceID(index),
"payload_json": tc.payloadJSON,
},
}).Result()
require.NoError(t, err)
return messageID
}
type gatewaySessionRecord struct {
DeviceSessionID string `json:"device_session_id"`
UserID string `json:"user_id"`
ClientPublicKey string `json:"client_public_key"`
Status string `json:"status"`
RevokedAtMS *int64 `json:"revoked_at_ms,omitempty"`
}
type httpResponse struct {
StatusCode int
Body string
Header http.Header
}
func postJSONValue(t *testing.T, targetURL string, body any) httpResponse {
t.Helper()
payload, err := json.Marshal(body)
require.NoError(t, err)
request, err := http.NewRequest(http.MethodPost, targetURL, bytes.NewReader(payload))
require.NoError(t, err)
request.Header.Set("Content-Type", "application/json")
return doRequest(t, request)
}
func requireJSONStatus(t *testing.T, response httpResponse, wantStatus int, target any) {
t.Helper()
require.Equal(t, wantStatus, response.StatusCode, "response body: %s", response.Body)
require.NoError(t, decodeStrictJSONPayload([]byte(response.Body), target))
}
func doRequest(t *testing.T, request *http.Request) httpResponse {
t.Helper()
client := &http.Client{
Timeout: 5 * time.Second,
Transport: &http.Transport{
DisableKeepAlives: true,
},
}
t.Cleanup(client.CloseIdleConnections)
response, err := client.Do(request)
require.NoError(t, err)
defer response.Body.Close()
payload, err := io.ReadAll(response.Body)
require.NoError(t, err)
return httpResponse{
StatusCode: response.StatusCode,
Body: string(payload),
Header: response.Header.Clone(),
}
}
func decodeStrictJSONPayload(payload []byte, target any) error {
decoder := json.NewDecoder(bytes.NewReader(payload))
decoder.DisallowUnknownFields()
if err := decoder.Decode(target); err != nil {
return err
}
if err := decoder.Decode(&struct{}{}); err != io.EOF {
if err == nil {
return errors.New("unexpected trailing JSON input")
}
return err
}
return nil
}
func waitForUserServiceReady(t *testing.T, process *harness.Process, baseURL string) {
t.Helper()
client := &http.Client{Timeout: 250 * time.Millisecond}
t.Cleanup(client.CloseIdleConnections)
deadline := time.Now().Add(10 * time.Second)
for time.Now().Before(deadline) {
request, err := http.NewRequest(http.MethodGet, baseURL+"/api/v1/internal/users/user-missing/exists", nil)
require.NoError(t, err)
response, err := client.Do(request)
if err == nil {
_, _ = io.Copy(io.Discard, response.Body)
response.Body.Close()
if response.StatusCode == http.StatusOK {
return
}
}
time.Sleep(25 * time.Millisecond)
}
t.Fatalf("wait for userservice readiness: timeout\n%s", process.Logs())
}
func newClientPrivateKey(label string) ed25519.PrivateKey {
seed := sha256.Sum256([]byte("galaxy-integration-notification-gateway-client-" + label))
return ed25519.NewKeyFromSeed(seed[:])
}
func newSubscribeEventsRequest(deviceSessionID string, requestID string, clientPrivateKey ed25519.PrivateKey) *gatewayv1.SubscribeEventsRequest {
payloadHash := contractsgatewayv1.ComputePayloadHash(nil)
request := &gatewayv1.SubscribeEventsRequest{
ProtocolVersion: contractsgatewayv1.ProtocolVersionV1,
DeviceSessionId: deviceSessionID,
MessageType: contractsgatewayv1.SubscribeMessageType,
TimestampMs: time.Now().UnixMilli(),
RequestId: requestID,
PayloadHash: payloadHash,
TraceId: "trace-" + requestID,
}
request.Signature = contractsgatewayv1.SignRequest(clientPrivateKey, contractsgatewayv1.RequestSigningFields{
ProtocolVersion: request.GetProtocolVersion(),
DeviceSessionID: request.GetDeviceSessionId(),
MessageType: request.GetMessageType(),
TimestampMS: request.GetTimestampMs(),
RequestID: request.GetRequestId(),
PayloadHash: request.GetPayloadHash(),
})
return request
}
func recvGatewayEvent(t *testing.T, stream grpc.ServerStreamingClient[gatewayv1.GatewayEvent]) *gatewayv1.GatewayEvent {
t.Helper()
eventCh := make(chan *gatewayv1.GatewayEvent, 1)
errCh := make(chan error, 1)
go func() {
event, err := stream.Recv()
if err != nil {
errCh <- err
return
}
eventCh <- event
}()
select {
case event := <-eventCh:
return event
case err := <-errCh:
require.NoError(t, err)
case <-time.After(5 * time.Second):
require.FailNow(t, "timed out waiting for gateway event")
}
return nil
}
func assertBootstrapEvent(t *testing.T, event *gatewayv1.GatewayEvent, responseSignerPublicKey ed25519.PublicKey, wantRequestID string) {
t.Helper()
require.Equal(t, contractsgatewayv1.ServerTimeEventType, event.GetEventType())
require.Equal(t, wantRequestID, event.GetEventId())
require.Equal(t, wantRequestID, event.GetRequestId())
require.NoError(t, contractsgatewayv1.VerifyPayloadHash(event.GetPayloadBytes(), event.GetPayloadHash()))
require.NoError(t, contractsgatewayv1.VerifyEventSignature(responseSignerPublicKey, event.GetSignature(), contractsgatewayv1.EventSigningFields{
EventType: event.GetEventType(),
EventID: event.GetEventId(),
TimestampMS: event.GetTimestampMs(),
RequestID: event.GetRequestId(),
TraceID: event.GetTraceId(),
PayloadHash: event.GetPayloadHash(),
}))
}
func assertNotificationPushEvent(
t *testing.T,
event *gatewayv1.GatewayEvent,
responseSignerPublicKey ed25519.PublicKey,
notificationType string,
notificationID string,
userID string,
index int,
) {
t.Helper()
require.Equal(t, notificationType, event.GetEventType())
require.Equal(t, notificationID+"/push:user:"+userID, event.GetEventId())
require.Equal(t, pushRequestID(index), event.GetRequestId())
require.Equal(t, pushTraceID(index), event.GetTraceId())
require.NotEmpty(t, event.GetPayloadBytes())
require.NoError(t, contractsgatewayv1.VerifyPayloadHash(event.GetPayloadBytes(), event.GetPayloadHash()))
require.NoError(t, contractsgatewayv1.VerifyEventSignature(responseSignerPublicKey, event.GetSignature(), contractsgatewayv1.EventSigningFields{
EventType: event.GetEventType(),
EventID: event.GetEventId(),
TimestampMS: event.GetTimestampMs(),
RequestID: event.GetRequestId(),
TraceID: event.GetTraceId(),
PayloadHash: event.GetPayloadHash(),
}))
}
func assertNoGatewayEvent(t *testing.T, stream grpc.ServerStreamingClient[gatewayv1.GatewayEvent], cancel context.CancelFunc) {
t.Helper()
eventCh := make(chan *gatewayv1.GatewayEvent, 1)
errCh := make(chan error, 1)
go func() {
event, err := stream.Recv()
if err != nil {
errCh <- err
return
}
eventCh <- event
}()
select {
case event := <-eventCh:
require.FailNowf(t, "unexpected gateway event delivered", "%+v", event)
case <-time.After(200 * time.Millisecond):
cancel()
case err := <-errCh:
require.FailNowf(t, "stream closed unexpectedly", "%v", err)
}
}
func pushRequestID(index int) string {
return "notification-request-" + string(rune('a'+index))
}
func pushTraceID(index int) string {
return "notification-trace-" + string(rune('a'+index))
}
integration/notificationmail/notification_mail_test.go
+622
View File
@@ -0,0 +1,622 @@
package notificationmail_test
import (
"bytes"
"context"
"encoding/json"
"errors"
"fmt"
"io"
"net/http"
"net/url"
"path/filepath"
"runtime"
"testing"
"time"
"galaxy/integration/internal/harness"
"github.com/redis/go-redis/v9"
"github.com/stretchr/testify/require"
)
const (
notificationMailDeliveriesPath = "/api/v1/internal/deliveries"
notificationMailIntentsStream = "notification:intents"
)
func TestNotificationMailPublishesEveryTemplateModeDeliveryToRealMailService(t *testing.T) {
h := newNotificationMailHarness(t)
recipient := h.ensureUser(t, "pilot@example.com", "fr-FR")
cases := []mailIntentCase{
{
name: "geo review recommended admin",
notificationType: "geo.review_recommended",
producer: "geoprofile",
audienceKind: "admin_email",
recipientEmail: "geo-admin@example.com",
routeID: "email:email:geo-admin@example.com",
payload: map[string]any{
"user_id": "user-geo",
"user_email": "traveler@example.com",
"observed_country": "DE",
"usual_connection_country": "PL",
"review_reason": "country_mismatch",
},
},
{
name: "game turn ready user",
notificationType: "game.turn.ready",
producer: "game_master",
audienceKind: "user",
recipientEmail: recipient.Email,
payload: map[string]any{
"game_id": "game-123",
"game_name": "Nebula Clash",
"turn_number": 54,
},
},
{
name: "game finished user",
notificationType: "game.finished",
producer: "game_master",
audienceKind: "user",
recipientEmail: recipient.Email,
payload: map[string]any{
"game_id": "game-123",
"game_name": "Nebula Clash",
"final_turn_number": 55,
},
},
{
name: "game generation failed admin",
notificationType: "game.generation_failed",
producer: "game_master",
audienceKind: "admin_email",
recipientEmail: "game-admin@example.com",
routeID: "email:email:game-admin@example.com",
payload: map[string]any{
"game_id": "game-123",
"game_name": "Nebula Clash",
"failure_reason": "engine_timeout",
},
},
{
name: "lobby runtime paused admin",
notificationType: "lobby.runtime_paused_after_start",
producer: "game_lobby",
audienceKind: "admin_email",
recipientEmail: "lobby-ops@example.com",
routeID: "email:email:lobby-ops@example.com",
payload: map[string]any{
"game_id": "game-123",
"game_name": "Nebula Clash",
},
},
{
name: "lobby application submitted user",
notificationType: "lobby.application.submitted",
producer: "game_lobby",
audienceKind: "user",
recipientEmail: recipient.Email,
payload: map[string]any{
"game_id": "game-123",
"game_name": "Nebula Clash",
"applicant_user_id": "applicant-1",
"applicant_name": "Nova Pilot",
},
},
{
name: "lobby application submitted admin",
notificationType: "lobby.application.submitted",
producer: "game_lobby",
audienceKind: "admin_email",
recipientEmail: "lobby-admin@example.com",
routeID: "email:email:lobby-admin@example.com",
payload: map[string]any{
"game_id": "game-456",
"game_name": "Public Stars",
"applicant_user_id": "applicant-2",
"applicant_name": "Public Pilot",
},
},
{
name: "lobby membership approved user",
notificationType: "lobby.membership.approved",
producer: "game_lobby",
audienceKind: "user",
recipientEmail: recipient.Email,
payload: map[string]any{
"game_id": "game-123",
"game_name": "Nebula Clash",
},
},
{
name: "lobby membership rejected user",
notificationType: "lobby.membership.rejected",
producer: "game_lobby",
audienceKind: "user",
recipientEmail: recipient.Email,
payload: map[string]any{
"game_id": "game-123",
"game_name": "Nebula Clash",
},
},
{
name: "lobby invite created user",
notificationType: "lobby.invite.created",
producer: "game_lobby",
audienceKind: "user",
recipientEmail: recipient.Email,
payload: map[string]any{
"game_id": "game-123",
"game_name": "Nebula Clash",
"inviter_user_id": "owner-1",
"inviter_name": "Owner Pilot",
},
},
{
name: "lobby invite redeemed user",
notificationType: "lobby.invite.redeemed",
producer: "game_lobby",
audienceKind: "user",
recipientEmail: recipient.Email,
payload: map[string]any{
"game_id": "game-123",
"game_name": "Nebula Clash",
"invitee_user_id": "invitee-1",
"invitee_name": "Nova Pilot",
},
},
{
name: "lobby invite expired user",
notificationType: "lobby.invite.expired",
producer: "game_lobby",
audienceKind: "user",
recipientEmail: recipient.Email,
payload: map[string]any{
"game_id": "game-123",
"game_name": "Nebula Clash",
"invitee_user_id": "invitee-1",
"invitee_name": "Nova Pilot",
},
},
}
for index, tc := range cases {
tc := tc
t.Run(tc.name, func(t *testing.T) {
messageID := h.publishMailIntent(t, tc, recipient.UserID, index)
routeID := tc.routeID
if routeID == "" {
routeID = "email:user:" + recipient.UserID
}
idempotencyKey := "notification:" + messageID + "/" + routeID
list := h.eventuallyListDeliveries(t, url.Values{
"source": []string{"notification"},
"status": []string{"sent"},
"recipient": []string{tc.recipientEmail},
"template_id": []string{tc.notificationType},
"idempotency_key": []string{idempotencyKey},
})
require.Len(t, list.Items, 1)
require.Equal(t, "notification", list.Items[0].Source)
require.Equal(t, "sent", list.Items[0].Status)
require.Equal(t, "template", list.Items[0].PayloadMode)
require.Equal(t, tc.notificationType, list.Items[0].TemplateID)
require.Equal(t, "en", list.Items[0].Locale)
require.Equal(t, []string{tc.recipientEmail}, list.Items[0].To)
detail := h.getDelivery(t, list.Items[0].DeliveryID)
require.Equal(t, "notification", detail.Source)
require.Equal(t, "template", detail.PayloadMode)
require.Equal(t, tc.notificationType, detail.TemplateID)
require.Equal(t, "en", detail.Locale)
require.False(t, detail.LocaleFallbackUsed)
require.Equal(t, idempotencyKey, detail.IdempotencyKey)
require.Equal(t, []string{tc.recipientEmail}, detail.To)
require.Empty(t, detail.Cc)
require.Empty(t, detail.Bcc)
require.Empty(t, detail.ReplyTo)
require.Empty(t, detail.Attachments)
assertTemplateVariables(t, tc.payload, detail.TemplateVariables)
})
}
}
type notificationMailHarness struct {
redis *redis.Client
userServiceURL string
mailBaseURL string
notificationProcess *harness.Process
mailProcess *harness.Process
userServiceProcess *harness.Process
}
type mailIntentCase struct {
name string
notificationType string
producer string
audienceKind string
recipientEmail string
routeID string
payload map[string]any
}
type ensureByEmailResponse struct {
Outcome string `json:"outcome"`
UserID string `json:"user_id"`
Email string
}
type mailDeliveryListResponse struct {
Items []mailDeliverySummary `json:"items"`
}
type mailDeliverySummary struct {
DeliveryID string `json:"delivery_id"`
Source string `json:"source"`
PayloadMode string `json:"payload_mode"`
TemplateID string `json:"template_id"`
Locale string `json:"locale"`
LocaleFallbackUsed bool `json:"locale_fallback_used"`
To []string `json:"to"`
Cc []string `json:"cc"`
Bcc []string `json:"bcc"`
ReplyTo []string `json:"reply_to"`
IdempotencyKey string `json:"idempotency_key"`
Status string `json:"status"`
AttemptCount int `json:"attempt_count"`
LastAttemptStatus string `json:"last_attempt_status,omitempty"`
ProviderSummary string `json:"provider_summary,omitempty"`
CreatedAtMS int64 `json:"created_at_ms"`
UpdatedAtMS int64 `json:"updated_at_ms"`
SentAtMS int64 `json:"sent_at_ms,omitempty"`
}
type mailDeliveryDetailResponse struct {
DeliveryID string `json:"delivery_id"`
Source string `json:"source"`
PayloadMode string `json:"payload_mode"`
TemplateID string `json:"template_id"`
Locale string `json:"locale"`
LocaleFallbackUsed bool `json:"locale_fallback_used"`
To []string `json:"to"`
Cc []string `json:"cc"`
Bcc []string `json:"bcc"`
ReplyTo []string `json:"reply_to"`
Subject string `json:"subject,omitempty"`
TextBody string `json:"text_body,omitempty"`
HTMLBody string `json:"html_body,omitempty"`
Attachments []any `json:"attachments"`
IdempotencyKey string `json:"idempotency_key"`
Status string `json:"status"`
AttemptCount int `json:"attempt_count"`
LastAttemptStatus string `json:"last_attempt_status,omitempty"`
ProviderSummary string `json:"provider_summary,omitempty"`
TemplateVariables map[string]any `json:"template_variables,omitempty"`
CreatedAtMS int64 `json:"created_at_ms"`
UpdatedAtMS int64 `json:"updated_at_ms"`
SentAtMS int64 `json:"sent_at_ms,omitempty"`
}
type httpResponse struct {
StatusCode int
Body string
Header http.Header
}
func newNotificationMailHarness(t *testing.T) *notificationMailHarness {
t.Helper()
redisRuntime := harness.StartRedisContainer(t)
redisClient := redis.NewClient(&redis.Options{
Addr: redisRuntime.Addr,
Protocol: 2,
DisableIdentity: true,
})
t.Cleanup(func() {
require.NoError(t, redisClient.Close())
})
userServiceAddr := harness.FreeTCPAddress(t)
mailInternalAddr := harness.FreeTCPAddress(t)
notificationInternalAddr := harness.FreeTCPAddress(t)
userServiceBinary := harness.BuildBinary(t, "userservice", "./user/cmd/userservice")
mailBinary := harness.BuildBinary(t, "mail", "./mail/cmd/mail")
notificationBinary := harness.BuildBinary(t, "notification", "./notification/cmd/notification")
userServiceProcess := harness.StartProcess(t, "userservice", userServiceBinary, map[string]string{
"USERSERVICE_LOG_LEVEL": "info",
"USERSERVICE_INTERNAL_HTTP_ADDR": userServiceAddr,
"USERSERVICE_REDIS_ADDR": redisRuntime.Addr,
"OTEL_TRACES_EXPORTER": "none",
"OTEL_METRICS_EXPORTER": "none",
})
waitForUserServiceReady(t, userServiceProcess, "http://"+userServiceAddr)
mailProcess := harness.StartProcess(t, "mail", mailBinary, map[string]string{
"MAIL_LOG_LEVEL": "info",
"MAIL_INTERNAL_HTTP_ADDR": mailInternalAddr,
"MAIL_REDIS_ADDR": redisRuntime.Addr,
"MAIL_TEMPLATE_DIR": mailTemplateDir(t),
"MAIL_SMTP_MODE": "stub",
"MAIL_STREAM_BLOCK_TIMEOUT": "100ms",
"MAIL_OPERATOR_REQUEST_TIMEOUT": time.Second.String(),
"MAIL_SHUTDOWN_TIMEOUT": "2s",
"OTEL_TRACES_EXPORTER": "none",
"OTEL_METRICS_EXPORTER": "none",
})
waitForMailReady(t, mailProcess, "http://"+mailInternalAddr)
notificationProcess := harness.StartProcess(t, "notification", notificationBinary, map[string]string{
"NOTIFICATION_LOG_LEVEL": "info",
"NOTIFICATION_INTERNAL_HTTP_ADDR": notificationInternalAddr,
"NOTIFICATION_REDIS_ADDR": redisRuntime.Addr,
"NOTIFICATION_USER_SERVICE_BASE_URL": "http://" + userServiceAddr,
"NOTIFICATION_USER_SERVICE_TIMEOUT": time.Second.String(),
"NOTIFICATION_INTENTS_READ_BLOCK_TIMEOUT": "100ms",
"NOTIFICATION_ROUTE_BACKOFF_MIN": "100ms",
"NOTIFICATION_ROUTE_BACKOFF_MAX": "100ms",
"NOTIFICATION_ADMIN_EMAILS_GEO_REVIEW_RECOMMENDED": "geo-admin@example.com",
"NOTIFICATION_ADMIN_EMAILS_GAME_GENERATION_FAILED": "game-admin@example.com",
"NOTIFICATION_ADMIN_EMAILS_LOBBY_RUNTIME_PAUSED_AFTER_START": "lobby-ops@example.com",
"NOTIFICATION_ADMIN_EMAILS_LOBBY_APPLICATION_SUBMITTED": "lobby-admin@example.com",
"OTEL_TRACES_EXPORTER": "none",
"OTEL_METRICS_EXPORTER": "none",
})
harness.WaitForHTTPStatus(t, notificationProcess, "http://"+notificationInternalAddr+"/readyz", http.StatusOK)
return &notificationMailHarness{
redis: redisClient,
userServiceURL: "http://" + userServiceAddr,
mailBaseURL: "http://" + mailInternalAddr,
notificationProcess: notificationProcess,
mailProcess: mailProcess,
userServiceProcess: userServiceProcess,
}
}
func (h *notificationMailHarness) ensureUser(t *testing.T, email string, preferredLanguage string) ensureByEmailResponse {
t.Helper()
response := postJSONValue(t, h.userServiceURL+"/api/v1/internal/users/ensure-by-email", map[string]any{
"email": email,
"registration_context": map[string]string{
"preferred_language": preferredLanguage,
"time_zone": "Europe/Kaliningrad",
},
})
var body ensureByEmailResponse
requireJSONStatus(t, response, http.StatusOK, &body)
require.Equal(t, "created", body.Outcome)
require.NotEmpty(t, body.UserID)
body.Email = email
return body
}
func (h *notificationMailHarness) publishMailIntent(t *testing.T, tc mailIntentCase, recipientUserID string, index int) string {
t.Helper()
payload, err := json.Marshal(tc.payload)
require.NoError(t, err)
values := map[string]any{
"notification_type": tc.notificationType,
"producer": tc.producer,
"audience_kind": tc.audienceKind,
"idempotency_key": fmt.Sprintf("%s:mail:%02d", tc.notificationType, index),
"occurred_at_ms": "1775121700000",
"payload_json": string(payload),
}
if tc.audienceKind == "user" {
values["recipient_user_ids_json"] = `["` + recipientUserID + `"]`
}
messageID, err := h.redis.XAdd(context.Background(), &redis.XAddArgs{
Stream: notificationMailIntentsStream,
Values: values,
}).Result()
require.NoError(t, err)
return messageID
}
func (h *notificationMailHarness) eventuallyListDeliveries(t *testing.T, query url.Values) mailDeliveryListResponse {
t.Helper()
var response mailDeliveryListResponse
require.Eventually(t, func() bool {
response = h.listDeliveries(t, query)
return len(response.Items) > 0
}, 10*time.Second, 50*time.Millisecond)
return response
}
func (h *notificationMailHarness) listDeliveries(t *testing.T, query url.Values) mailDeliveryListResponse {
t.Helper()
target := h.mailBaseURL + notificationMailDeliveriesPath
if encoded := query.Encode(); encoded != "" {
target += "?" + encoded
}
request, err := http.NewRequest(http.MethodGet, target, nil)
require.NoError(t, err)
return doJSONRequest[mailDeliveryListResponse](t, request, http.StatusOK)
}
func (h *notificationMailHarness) getDelivery(t *testing.T, deliveryID string) mailDeliveryDetailResponse {
t.Helper()
request, err := http.NewRequest(http.MethodGet, h.mailBaseURL+notificationMailDeliveriesPath+"/"+url.PathEscape(deliveryID), nil)
require.NoError(t, err)
return doJSONRequest[mailDeliveryDetailResponse](t, request, http.StatusOK)
}
func waitForUserServiceReady(t *testing.T, process *harness.Process, baseURL string) {
t.Helper()
client := &http.Client{Timeout: 250 * time.Millisecond}
t.Cleanup(client.CloseIdleConnections)
deadline := time.Now().Add(10 * time.Second)
for time.Now().Before(deadline) {
request, err := http.NewRequest(http.MethodGet, baseURL+"/api/v1/internal/users/user-missing/exists", nil)
require.NoError(t, err)
response, err := client.Do(request)
if err == nil {
_, _ = io.Copy(io.Discard, response.Body)
response.Body.Close()
if response.StatusCode == http.StatusOK {
return
}
}
time.Sleep(25 * time.Millisecond)
}
t.Fatalf("wait for userservice readiness: timeout\n%s", process.Logs())
}
func waitForMailReady(t *testing.T, process *harness.Process, baseURL string) {
t.Helper()
client := &http.Client{Timeout: 250 * time.Millisecond}
t.Cleanup(client.CloseIdleConnections)
deadline := time.Now().Add(10 * time.Second)
for time.Now().Before(deadline) {
request, err := http.NewRequest(http.MethodGet, baseURL+notificationMailDeliveriesPath, nil)
require.NoError(t, err)
response, err := client.Do(request)
if err == nil {
_, _ = io.Copy(io.Discard, response.Body)
response.Body.Close()
if response.StatusCode == http.StatusOK {
return
}
}
time.Sleep(25 * time.Millisecond)
}
t.Fatalf("wait for mail readiness: timeout\n%s", process.Logs())
}
func doJSONRequest[T any](t *testing.T, request *http.Request, wantStatus int) T {
t.Helper()
response := doRequest(t, request)
require.Equal(t, wantStatus, response.StatusCode, response.Body)
var decoded T
require.NoError(t, decodeStrictJSONPayload([]byte(response.Body), &decoded), response.Body)
return decoded
}
func postJSONValue(t *testing.T, targetURL string, body any) httpResponse {
t.Helper()
payload, err := json.Marshal(body)
require.NoError(t, err)
request, err := http.NewRequest(http.MethodPost, targetURL, bytes.NewReader(payload))
require.NoError(t, err)
request.Header.Set("Content-Type", "application/json")
return doRequest(t, request)
}
func requireJSONStatus(t *testing.T, response httpResponse, wantStatus int, target any) {
t.Helper()
require.Equal(t, wantStatus, response.StatusCode, "response body: %s", response.Body)
require.NoError(t, decodeStrictJSONPayload([]byte(response.Body), target))
}
func doRequest(t *testing.T, request *http.Request) httpResponse {
t.Helper()
client := &http.Client{
Timeout: 5 * time.Second,
Transport: &http.Transport{
DisableKeepAlives: true,
},
}
t.Cleanup(client.CloseIdleConnections)
response, err := client.Do(request)
require.NoError(t, err)
defer response.Body.Close()
payload, err := io.ReadAll(response.Body)
require.NoError(t, err)
return httpResponse{
StatusCode: response.StatusCode,
Body: string(payload),
Header: response.Header.Clone(),
}
}
func decodeStrictJSONPayload(payload []byte, target any) error {
decoder := json.NewDecoder(bytes.NewReader(payload))
decoder.DisallowUnknownFields()
if err := decoder.Decode(target); err != nil {
return err
}
if err := decoder.Decode(&struct{}{}); err != io.EOF {
if err == nil {
return errors.New("unexpected trailing JSON input")
}
return err
}
return nil
}
func assertTemplateVariables(t *testing.T, want map[string]any, got map[string]any) {
t.Helper()
require.NotEmpty(t, got)
for key, wantValue := range want {
gotValue, ok := got[key]
require.Truef(t, ok, "template variable %q is missing", key)
switch typedWant := wantValue.(type) {
case string:
require.Equal(t, typedWant, gotValue)
case int:
require.Equal(t, float64(typedWant), gotValue)
default:
require.Equal(t, typedWant, gotValue)
}
}
}
func mailTemplateDir(t *testing.T) string {
t.Helper()
return filepath.Join(repositoryRoot(t), "mail", "templates")
}
func repositoryRoot(t *testing.T) string {
t.Helper()
_, file, _, ok := runtime.Caller(0)
if !ok {
t.Fatal("resolve repository root: runtime caller is unavailable")
}
return filepath.Clean(filepath.Join(filepath.Dir(file), "..", ".."))
}
integration/notificationuser/notification_user_test.go
+391
View File
@@ -0,0 +1,391 @@
package notificationuser_test
import (
"bytes"
"context"
"encoding/base64"
"encoding/json"
"errors"
"io"
"net/http"
"testing"
"time"
"galaxy/integration/internal/harness"
"github.com/redis/go-redis/v9"
"github.com/stretchr/testify/require"
)
const notificationUserIntentsStream = "notification:intents"
func TestNotificationUserEnrichmentPersistsResolvedRecipient(t *testing.T) {
h := newNotificationUserHarness(t)
recipient := h.ensureUser(t, "pilot@example.com", "fr-FR")
messageID := h.publishUserIntent(t, recipient.UserID, "game.turn.ready", "game_master", "enrichment-success", `{"game_id":"game-123","game_name":"Nebula Clash","turn_number":54}`)
route := h.waitForRoute(t, messageID, "email:user:"+recipient.UserID)
require.Equal(t, messageID, route.NotificationID)
require.Equal(t, "email:user:"+recipient.UserID, route.RouteID)
require.Equal(t, "email", route.Channel)
require.Equal(t, "user:"+recipient.UserID, route.RecipientRef)
require.Equal(t, "pilot@example.com", route.ResolvedEmail)
require.Equal(t, "en", route.ResolvedLocale)
offset := h.waitForStreamOffset(t)
require.Equal(t, messageID, offset.LastProcessedEntryID)
}
func TestNotificationUserMissingRecipientIsMalformedAndAdvancesOffset(t *testing.T) {
h := newNotificationUserHarness(t)
messageID := h.publishUserIntent(t, "user-missing", "game.turn.ready", "game_master", "missing-user", `{"game_id":"game-123","game_name":"Nebula Clash","turn_number":54}`)
malformed := h.waitForMalformedIntent(t, messageID)
require.Equal(t, messageID, malformed.StreamEntryID)
require.Equal(t, "game.turn.ready", malformed.NotificationType)
require.Equal(t, "game_master", malformed.Producer)
require.Equal(t, "recipient_not_found", malformed.FailureCode)
offset := h.waitForStreamOffset(t)
require.Equal(t, messageID, offset.LastProcessedEntryID)
}
func TestNotificationUserTemporaryUnavailabilityDoesNotAdvanceOffset(t *testing.T) {
h := newNotificationUserHarness(t)
recipient := h.ensureUser(t, "temporary@example.com", "en")
h.notificationProcess.AllowUnexpectedExit()
h.userServiceProcess.Stop(t)
messageID := h.publishUserIntent(t, recipient.UserID, "game.turn.ready", "game_master", "temporary-user-service", `{"game_id":"game-123","game_name":"Nebula Clash","turn_number":54}`)
require.Never(t, func() bool {
offset, ok := h.loadStreamOffset(t)
return ok && offset.LastProcessedEntryID == messageID
}, time.Second, 50*time.Millisecond)
exists, err := h.redis.Exists(context.Background(), notificationMalformedIntentKey(messageID)).Result()
require.NoError(t, err)
require.Zero(t, exists)
exists, err = h.redis.Exists(context.Background(), notificationRouteKey(messageID, "email:user:"+recipient.UserID)).Result()
require.NoError(t, err)
require.Zero(t, exists)
}
type notificationUserHarness struct {
redis *redis.Client
userServiceURL string
notificationProcess *harness.Process
userServiceProcess *harness.Process
}
type ensureByEmailResponse struct {
Outcome string `json:"outcome"`
UserID string `json:"user_id"`
}
type notificationRouteRecord struct {
NotificationID string `json:"notification_id"`
RouteID string `json:"route_id"`
Channel string `json:"channel"`
RecipientRef string `json:"recipient_ref"`
Status string `json:"status"`
ResolvedEmail string `json:"resolved_email,omitempty"`
ResolvedLocale string `json:"resolved_locale,omitempty"`
}
type malformedIntentRecord struct {
StreamEntryID string `json:"stream_entry_id"`
NotificationType string `json:"notification_type,omitempty"`
Producer string `json:"producer,omitempty"`
IdempotencyKey string `json:"idempotency_key,omitempty"`
FailureCode string `json:"failure_code"`
FailureMessage string `json:"failure_message"`
RawFields map[string]any `json:"raw_fields_json"`
RecordedAtMS int64 `json:"recorded_at_ms"`
}
type streamOffsetRecord struct {
Stream string `json:"stream"`
LastProcessedEntryID string `json:"last_processed_entry_id"`
UpdatedAtMS int64 `json:"updated_at_ms"`
}
type httpResponse struct {
StatusCode int
Body string
Header http.Header
}
func newNotificationUserHarness(t *testing.T) *notificationUserHarness {
t.Helper()
redisRuntime := harness.StartRedisContainer(t)
redisClient := redis.NewClient(&redis.Options{
Addr: redisRuntime.Addr,
Protocol: 2,
DisableIdentity: true,
})
t.Cleanup(func() {
require.NoError(t, redisClient.Close())
})
userServiceAddr := harness.FreeTCPAddress(t)
notificationInternalAddr := harness.FreeTCPAddress(t)
userServiceBinary := harness.BuildBinary(t, "userservice", "./user/cmd/userservice")
notificationBinary := harness.BuildBinary(t, "notification", "./notification/cmd/notification")
userServiceProcess := harness.StartProcess(t, "userservice", userServiceBinary, map[string]string{
"USERSERVICE_LOG_LEVEL": "info",
"USERSERVICE_INTERNAL_HTTP_ADDR": userServiceAddr,
"USERSERVICE_REDIS_ADDR": redisRuntime.Addr,
"OTEL_TRACES_EXPORTER": "none",
"OTEL_METRICS_EXPORTER": "none",
})
waitForUserServiceReady(t, userServiceProcess, "http://"+userServiceAddr)
notificationProcess := harness.StartProcess(t, "notification", notificationBinary, map[string]string{
"NOTIFICATION_LOG_LEVEL": "info",
"NOTIFICATION_INTERNAL_HTTP_ADDR": notificationInternalAddr,
"NOTIFICATION_REDIS_ADDR": redisRuntime.Addr,
"NOTIFICATION_USER_SERVICE_BASE_URL": "http://" + userServiceAddr,
"NOTIFICATION_USER_SERVICE_TIMEOUT": "250ms",
"NOTIFICATION_INTENTS_READ_BLOCK_TIMEOUT": "100ms",
"NOTIFICATION_ROUTE_BACKOFF_MIN": "100ms",
"NOTIFICATION_ROUTE_BACKOFF_MAX": "100ms",
"OTEL_TRACES_EXPORTER": "none",
"OTEL_METRICS_EXPORTER": "none",
})
harness.WaitForHTTPStatus(t, notificationProcess, "http://"+notificationInternalAddr+"/readyz", http.StatusOK)
return &notificationUserHarness{
redis: redisClient,
userServiceURL: "http://" + userServiceAddr,
notificationProcess: notificationProcess,
userServiceProcess: userServiceProcess,
}
}
func (h *notificationUserHarness) ensureUser(t *testing.T, email string, preferredLanguage string) ensureByEmailResponse {
t.Helper()
response := postJSONValue(t, h.userServiceURL+"/api/v1/internal/users/ensure-by-email", map[string]any{
"email": email,
"registration_context": map[string]string{
"preferred_language": preferredLanguage,
"time_zone": "Europe/Kaliningrad",
},
})
var body ensureByEmailResponse
requireJSONStatus(t, response, http.StatusOK, &body)
require.Equal(t, "created", body.Outcome)
require.NotEmpty(t, body.UserID)
return body
}
func (h *notificationUserHarness) publishUserIntent(t *testing.T, recipientUserID string, notificationType string, producer string, idempotencyKey string, payloadJSON string) string {
t.Helper()
messageID, err := h.redis.XAdd(context.Background(), &redis.XAddArgs{
Stream: notificationUserIntentsStream,
Values: map[string]any{
"notification_type": notificationType,
"producer": producer,
"audience_kind": "user",
"recipient_user_ids_json": `["` + recipientUserID + `"]`,
"idempotency_key": idempotencyKey,
"occurred_at_ms": "1775121700000",
"payload_json": payloadJSON,
},
}).Result()
require.NoError(t, err)
return messageID
}
func (h *notificationUserHarness) waitForRoute(t *testing.T, notificationID string, routeID string) notificationRouteRecord {
t.Helper()
key := notificationRouteKey(notificationID, routeID)
var route notificationRouteRecord
require.Eventually(t, func() bool {
payload, err := h.redis.Get(context.Background(), key).Bytes()
if err != nil {
return false
}
require.NoError(t, decodeJSONPayload(payload, &route))
return true
}, 10*time.Second, 50*time.Millisecond)
return route
}
func (h *notificationUserHarness) waitForMalformedIntent(t *testing.T, streamEntryID string) malformedIntentRecord {
t.Helper()
key := notificationMalformedIntentKey(streamEntryID)
var record malformedIntentRecord
require.Eventually(t, func() bool {
payload, err := h.redis.Get(context.Background(), key).Bytes()
if err != nil {
return false
}
require.NoError(t, decodeStrictJSONPayload(payload, &record))
return true
}, 10*time.Second, 50*time.Millisecond)
return record
}
func (h *notificationUserHarness) waitForStreamOffset(t *testing.T) streamOffsetRecord {
t.Helper()
var offset streamOffsetRecord
require.Eventually(t, func() bool {
var ok bool
offset, ok = h.loadStreamOffset(t)
return ok
}, 10*time.Second, 50*time.Millisecond)
return offset
}
func (h *notificationUserHarness) loadStreamOffset(t *testing.T) (streamOffsetRecord, bool) {
t.Helper()
payload, err := h.redis.Get(context.Background(), notificationStreamOffsetKey()).Bytes()
if errors.Is(err, redis.Nil) {
return streamOffsetRecord{}, false
}
require.NoError(t, err)
var offset streamOffsetRecord
require.NoError(t, decodeStrictJSONPayload(payload, &offset))
return offset, true
}
func waitForUserServiceReady(t *testing.T, process *harness.Process, baseURL string) {
t.Helper()
client := &http.Client{Timeout: 250 * time.Millisecond}
t.Cleanup(client.CloseIdleConnections)
deadline := time.Now().Add(10 * time.Second)
for time.Now().Before(deadline) {
request, err := http.NewRequest(http.MethodGet, baseURL+"/api/v1/internal/users/user-missing/exists", nil)
require.NoError(t, err)
response, err := client.Do(request)
if err == nil {
_, _ = io.Copy(io.Discard, response.Body)
response.Body.Close()
if response.StatusCode == http.StatusOK {
return
}
}
time.Sleep(25 * time.Millisecond)
}
t.Fatalf("wait for userservice readiness: timeout\n%s", process.Logs())
}
func postJSONValue(t *testing.T, targetURL string, body any) httpResponse {
t.Helper()
payload, err := json.Marshal(body)
require.NoError(t, err)
request, err := http.NewRequest(http.MethodPost, targetURL, bytes.NewReader(payload))
require.NoError(t, err)
request.Header.Set("Content-Type", "application/json")
return doRequest(t, request)
}
func requireJSONStatus(t *testing.T, response httpResponse, wantStatus int, target any) {
t.Helper()
require.Equal(t, wantStatus, response.StatusCode, "response body: %s", response.Body)
require.NoError(t, decodeStrictJSONPayload([]byte(response.Body), target))
}
func doRequest(t *testing.T, request *http.Request) httpResponse {
t.Helper()
client := &http.Client{
Timeout: 5 * time.Second,
Transport: &http.Transport{
DisableKeepAlives: true,
},
}
t.Cleanup(client.CloseIdleConnections)
response, err := client.Do(request)
require.NoError(t, err)
defer response.Body.Close()
payload, err := io.ReadAll(response.Body)
require.NoError(t, err)
return httpResponse{
StatusCode: response.StatusCode,
Body: string(payload),
Header: response.Header.Clone(),
}
}
func decodeStrictJSONPayload(payload []byte, target any) error {
decoder := json.NewDecoder(bytes.NewReader(payload))
decoder.DisallowUnknownFields()
if err := decoder.Decode(target); err != nil {
return err
}
if err := decoder.Decode(&struct{}{}); err != io.EOF {
if err == nil {
return errors.New("unexpected trailing JSON input")
}
return err
}
return nil
}
func decodeJSONPayload(payload []byte, target any) error {
decoder := json.NewDecoder(bytes.NewReader(payload))
if err := decoder.Decode(target); err != nil {
return err
}
if err := decoder.Decode(&struct{}{}); err != io.EOF {
if err == nil {
return errors.New("unexpected trailing JSON input")
}
return err
}
return nil
}
func notificationRouteKey(notificationID string, routeID string) string {
return "notification:routes:" + encodeKeyComponent(notificationID) + ":" + encodeKeyComponent(routeID)
}
func notificationMalformedIntentKey(streamEntryID string) string {
return "notification:malformed_intents:" + encodeKeyComponent(streamEntryID)
}
func notificationStreamOffsetKey() string {
return "notification:stream_offsets:" + encodeKeyComponent(notificationUserIntentsStream)
}
func encodeKeyComponent(value string) string {
return base64.RawURLEncoding.EncodeToString([]byte(value))
}