chore: sync testing plan with authsession

2026-04-09 12:52:00 +02:00
parent 9065b82fe2
commit 85ccefc7ff
4 changed files with 367 additions and 114 deletions
@@ -3,6 +3,7 @@ package app
 import (
 	"bytes"
 	"context"
+	"errors"
 	"io"
 	"net"
 	"net/http"
@@ -28,6 +29,7 @@ func TestNewRuntimeStartsAndStopsHTTPServers(t *testing.T) {
 	cfg.Redis.Addr = redisServer.Addr()
 	cfg.PublicHTTP.Addr = mustFreeAddr(t)
 	cfg.InternalHTTP.Addr = mustFreeAddr(t)
+	cfg.ShutdownTimeout = 10 * time.Second

 	runtime, err := NewRuntime(context.Background(), cfg, zap.NewNop(), nil)
 	require.NoError(t, err)
@@ -43,34 +45,12 @@ func TestNewRuntimeStartsAndStopsHTTPServers(t *testing.T) {
 		runErrCh <- runtime.App.Run(runCtx)
 	}()

-	require.Eventually(t, func() bool {
-		response, err := http.Post(
-			"http://"+cfg.PublicHTTP.Addr+"/api/v1/public/auth/send-email-code",
-			"application/json",
-			bytes.NewBufferString(`{"email":"pilot@example.com"}`),
-		)
-		if err != nil {
-			return false
-		}
-		defer response.Body.Close()
-		_, _ = io.ReadAll(response.Body)
-
-		return response.StatusCode == http.StatusOK
-	}, 5*time.Second, 25*time.Millisecond)
-
-	require.Eventually(t, func() bool {
-		response, err := http.Get("http://" + cfg.InternalHTTP.Addr + "/api/v1/internal/sessions/missing")
-		if err != nil {
-			return false
-		}
-		defer response.Body.Close()
-		_, _ = io.ReadAll(response.Body)
-
-		return response.StatusCode == http.StatusNotFound
-	}, 5*time.Second, 25*time.Millisecond)
+	client := newTestHTTPClient(t)
+	waitForPublicSendEmailCodeReady(t, client, cfg.PublicHTTP.Addr)
+	waitForInternalGetMissingReady(t, client, cfg.InternalHTTP.Addr)

 	cancel()
-	require.NoError(t, <-runErrCh)
+	waitForAppRunResult(t, runErrCh, cfg.ShutdownTimeout+2*time.Second)
 }

 func TestNewRuntimeUsesRESTUserDirectoryWhenConfigured(t *testing.T) {
@@ -95,6 +75,7 @@ func TestNewRuntimeUsesRESTUserDirectoryWhenConfigured(t *testing.T) {
 	cfg.UserService.Mode = "rest"
 	cfg.UserService.BaseURL = userService.URL
 	cfg.UserService.RequestTimeout = 250 * time.Millisecond
+	cfg.ShutdownTimeout = 10 * time.Second

 	runtime, err := NewRuntime(context.Background(), cfg, zap.NewNop(), nil)
 	require.NoError(t, err)
@@ -110,29 +91,11 @@ func TestNewRuntimeUsesRESTUserDirectoryWhenConfigured(t *testing.T) {
 		runErrCh <- runtime.App.Run(runCtx)
 	}()

-	require.Eventually(t, func() bool {
-		response, err := http.Post(
-			"http://"+cfg.InternalHTTP.Addr+"/api/v1/internal/users/user-1/sessions/revoke-all",
-			"application/json",
-			bytes.NewBufferString(`{"reason_code":"logout_all","actor":{"type":"system"}}`),
-		)
-		if err != nil {
-			return false
-		}
-		defer response.Body.Close()
-
-		payload, err := io.ReadAll(response.Body)
-		if err != nil {
-			return false
-		}
-
-		return response.StatusCode == http.StatusOK &&
-			bytes.Contains(payload, []byte(`"outcome":"no_active_sessions"`)) &&
-			bytes.Contains(payload, []byte(`"user_id":"user-1"`))
-	}, 5*time.Second, 25*time.Millisecond)
+	client := newTestHTTPClient(t)
+	waitForInternalRevokeAllReady(t, client, cfg.InternalHTTP.Addr, "user-1")

 	cancel()
-	require.NoError(t, <-runErrCh)
+	waitForAppRunResult(t, runErrCh, cfg.ShutdownTimeout+2*time.Second)
 }

 func TestNewRuntimeUsesRESTMailSenderWhenConfigured(t *testing.T) {
@@ -159,6 +122,7 @@ func TestNewRuntimeUsesRESTMailSenderWhenConfigured(t *testing.T) {
 	cfg.MailService.Mode = "rest"
 	cfg.MailService.BaseURL = mailService.URL
 	cfg.MailService.RequestTimeout = 250 * time.Millisecond
+	cfg.ShutdownTimeout = 10 * time.Second

 	runtime, err := NewRuntime(context.Background(), cfg, zap.NewNop(), nil)
 	require.NoError(t, err)
@@ -174,29 +138,26 @@ func TestNewRuntimeUsesRESTMailSenderWhenConfigured(t *testing.T) {
 		runErrCh <- runtime.App.Run(runCtx)
 	}()

+	client := newTestHTTPClient(t)
+	waitForPublicSendEmailCodeReady(t, client, cfg.PublicHTTP.Addr)
 	require.Eventually(t, func() bool {
-		response, err := http.Post(
-			"http://"+cfg.PublicHTTP.Addr+"/api/v1/public/auth/send-email-code",
-			"application/json",
-			bytes.NewBufferString(`{"email":"pilot@example.com"}`),
-		)
-		if err != nil {
-			return false
-		}
-		defer response.Body.Close()
-
-		payload, err := io.ReadAll(response.Body)
-		if err != nil {
-			return false
-		}
-
-		return response.StatusCode == http.StatusOK &&
-			bytes.Contains(payload, []byte(`"challenge_id":"`)) &&
-			calls.Load() == 1
-	}, 5*time.Second, 25*time.Millisecond)
+		return calls.Load() == 1
+	}, 5*time.Second, 25*time.Millisecond, "REST mail sender was not invoked")

 	cancel()
-	require.NoError(t, <-runErrCh)
+	waitForAppRunResult(t, runErrCh, cfg.ShutdownTimeout+2*time.Second)
+}
+
+func TestNewRuntimeFailsFastWhenRedisPingChecksFail(t *testing.T) {
+	t.Parallel()
+
+	cfg := config.DefaultConfig()
+	cfg.Redis.Addr = mustFreeAddr(t)
+
+	runtime, err := NewRuntime(context.Background(), cfg, zap.NewNop(), nil)
+	require.Nil(t, runtime)
+	require.Error(t, err)
+	assert.ErrorContains(t, err, "new authsession runtime: ping")
 }

 func mustFreeAddr(t *testing.T) string {
@@ -210,3 +171,95 @@ func mustFreeAddr(t *testing.T) string {

 	return listener.Addr().String()
 }
+
+func newTestHTTPClient(t *testing.T) *http.Client {
+	t.Helper()
+
+	transport := &http.Transport{
+		DisableKeepAlives: true,
+	}
+	t.Cleanup(transport.CloseIdleConnections)
+
+	return &http.Client{
+		Timeout:   250 * time.Millisecond,
+		Transport: transport,
+	}
+}
+
+func waitForPublicSendEmailCodeReady(t *testing.T, client *http.Client, addr string) {
+	t.Helper()
+
+	require.Eventually(t, func() bool {
+		response, err := client.Post(
+			"http://"+addr+"/api/v1/public/auth/send-email-code",
+			"application/json",
+			bytes.NewBufferString(`{"email":"pilot@example.com"}`),
+		)
+		if err != nil {
+			return false
+		}
+		defer response.Body.Close()
+		_, _ = io.ReadAll(response.Body)
+
+		return response.StatusCode == http.StatusOK
+	}, 5*time.Second, 25*time.Millisecond, "public authsession listener did not become reachable")
+}
+
+func waitForInternalGetMissingReady(t *testing.T, client *http.Client, addr string) {
+	t.Helper()
+
+	require.Eventually(t, func() bool {
+		response, err := client.Get("http://" + addr + "/api/v1/internal/sessions/missing")
+		if err != nil {
+			return false
+		}
+		defer response.Body.Close()
+		_, _ = io.ReadAll(response.Body)
+
+		return response.StatusCode == http.StatusNotFound
+	}, 5*time.Second, 25*time.Millisecond, "internal authsession listener did not become reachable")
+}
+
+func waitForInternalRevokeAllReady(t *testing.T, client *http.Client, addr string, userID string) {
+	t.Helper()
+
+	require.Eventually(t, func() bool {
+		response, err := client.Post(
+			"http://"+addr+"/api/v1/internal/users/"+userID+"/sessions/revoke-all",
+			"application/json",
+			bytes.NewBufferString(`{"reason_code":"logout_all","actor":{"type":"system"}}`),
+		)
+		if err != nil {
+			return false
+		}
+		defer response.Body.Close()
+
+		payload, err := io.ReadAll(response.Body)
+		if err != nil {
+			return false
+		}
+
+		return response.StatusCode == http.StatusOK &&
+			bytes.Contains(payload, []byte(`"outcome":"no_active_sessions"`)) &&
+			bytes.Contains(payload, []byte(`"user_id":"`+userID+`"`))
+	}, 5*time.Second, 25*time.Millisecond, "internal revoke-all route did not become reachable")
+}
+
+func waitForAppRunResult(t *testing.T, runErrCh <-chan error, waitTimeout time.Duration) {
+	t.Helper()
+
+	require.Positive(t, waitTimeout, "wait timeout must be positive")
+
+	var err error
+	require.Eventually(t, func() bool {
+		select {
+		case err = <-runErrCh:
+			return true
+		default:
+			return false
+		}
+	}, waitTimeout, 10*time.Millisecond, "authsession app did not stop")
+
+	require.True(t, err == nil || errors.Is(err, context.Canceled), "unexpected app run error: %v", err)
+	require.NoError(t, err)
+}