developer/galaxy-game
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: runtime manager

Browse Source
This commit is contained in:
Ilia Denisov
2026-04-28 20:39:18 +02:00
committed by GitHub
parent e0a99b346b
commit a7cee15115
289 changed files with 45660 additions and 2207 deletions
Download Patch File Download Diff File Expand all files Collapse all files
integration/lobbyauthsession/lobby_authsession_test.go
+508
View File
@@ -0,0 +1,508 @@
// Package lobbyauthsession_test exercises the authenticated context
// propagation between Auth/Session Service and Game Lobby. The
// architecture wires the two services through Gateway: AuthSession
// owns the device-session lifecycle, Gateway projects sessions into
// its cache and signs request envelopes, and Lobby reads the
// resolved `X-User-Id` from the gateway-authenticated downstream
// hop.
//
// The boundary contract under test is: revoking a device session
// through AuthSession's internal API removes the session projection
// from the gateway cache, after which Gateway refuses to route any
// subsequent `lobby.*` command for that session. The suite asserts
// the boundary on the public surfaces: AuthSession internal REST,
// Gateway authenticated gRPC, and Lobby state via direct REST
// observation.
//
// Coverage maps onto `TESTING.md §6` `Lobby ↔ Auth/Session`:
// "authenticated context correctly propagated from gateway".
package lobbyauthsession_test
import (
"bytes"
"context"
"crypto/ed25519"
"crypto/sha256"
"encoding/base64"
"encoding/json"
"errors"
"io"
"net/http"
"path/filepath"
"testing"
"time"
gatewayv1 "galaxy/gateway/proto/galaxy/gateway/v1"
contractsgatewayv1 "galaxy/integration/internal/contracts/gatewayv1"
"galaxy/integration/internal/harness"
lobbymodel "galaxy/model/lobby"
"galaxy/transcoder"
"github.com/redis/go-redis/v9"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"google.golang.org/grpc"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/credentials/insecure"
"google.golang.org/grpc/status"
)
// TestSessionRevocationStopsGatewayFromRoutingLobbyCommands proves
// that AuthSession owns the authenticated context: a successful
// `lobby.my.games.list` command before the revoke must succeed, and
// the same command after the revoke must fail at Gateway with
// Unauthenticated, never reaching Lobby.
func TestSessionRevocationStopsGatewayFromRoutingLobbyCommands(t *testing.T) {
h := newHarness(t)
clientKey := newClientPrivateKey("g4-revoke")
deviceSessionID, _ := h.authenticate(t, "revoke@example.com", clientKey)
conn := h.dialGateway(t)
client := gatewayv1.NewEdgeGatewayClient(conn)
// Pre-revoke: lobby.my.games.list must succeed.
requestBytes, err := transcoder.MyGamesListRequestToPayload(&lobbymodel.MyGamesListRequest{})
require.NoError(t, err)
preResponse, err := client.ExecuteCommand(context.Background(),
newExecuteCommandRequest(deviceSessionID, "req-pre-revoke", lobbymodel.MessageTypeMyGamesList, requestBytes, clientKey),
)
require.NoError(t, err)
assert.Equal(t, "ok", preResponse.GetResultCode())
// Revoke through AuthSession internal API.
h.revokeSession(t, deviceSessionID)
// Wait for the gateway projection to drop / flip to revoked.
h.waitForSessionGone(t, deviceSessionID, 5*time.Second)
// Post-revoke: same command must be rejected at Gateway.
postResponse, err := client.ExecuteCommand(context.Background(),
newExecuteCommandRequest(deviceSessionID, "req-post-revoke", lobbymodel.MessageTypeMyGamesList, requestBytes, clientKey),
)
require.Error(t, err, "post-revoke command must fail at Gateway")
require.Nil(t, postResponse)
statusCode := status.Code(err)
require.Truef(t,
statusCode == codes.Unauthenticated ||
statusCode == codes.PermissionDenied ||
statusCode == codes.FailedPrecondition,
"post-revoke must fail with Unauthenticated/PermissionDenied/FailedPrecondition, got %s: %v",
statusCode, err,
)
}
// --- harness ---
type lobbyAuthsessionHarness struct {
redis *redis.Client
mailStub *harness.MailStub
authsessionPublicURL string
authsessionInternalURL string
gatewayPublicURL string
gatewayGRPCAddr string
userServiceURL string
lobbyPublicURL string
processes []*harness.Process
}
func newHarness(t *testing.T) *lobbyAuthsessionHarness {
t.Helper()
redisRuntime := harness.StartRedisContainer(t)
redisClient := redis.NewClient(&redis.Options{
Addr: redisRuntime.Addr,
Protocol: 2,
DisableIdentity: true,
})
t.Cleanup(func() { require.NoError(t, redisClient.Close()) })
mailStub := harness.NewMailStub(t)
responseSignerPath, _ := harness.WriteResponseSignerPEM(t, t.Name())
userServiceAddr := harness.FreeTCPAddress(t)
authsessionPublicAddr := harness.FreeTCPAddress(t)
authsessionInternalAddr := harness.FreeTCPAddress(t)
gatewayPublicAddr := harness.FreeTCPAddress(t)
gatewayGRPCAddr := harness.FreeTCPAddress(t)
lobbyPublicAddr := harness.FreeTCPAddress(t)
lobbyInternalAddr := harness.FreeTCPAddress(t)
userServiceBinary := harness.BuildBinary(t, "userservice", "./user/cmd/userservice")
authsessionBinary := harness.BuildBinary(t, "authsession", "./authsession/cmd/authsession")
gatewayBinary := harness.BuildBinary(t, "gateway", "./gateway/cmd/gateway")
lobbyBinary := harness.BuildBinary(t, "lobby", "./lobby/cmd/lobby")
userServiceEnv := harness.StartUserServicePersistence(t, redisRuntime.Addr).Env
userServiceEnv["USERSERVICE_LOG_LEVEL"] = "info"
userServiceEnv["USERSERVICE_INTERNAL_HTTP_ADDR"] = userServiceAddr
userServiceEnv["OTEL_TRACES_EXPORTER"] = "none"
userServiceEnv["OTEL_METRICS_EXPORTER"] = "none"
userServiceProcess := harness.StartProcess(t, "userservice", userServiceBinary, userServiceEnv)
waitForUserServiceReady(t, userServiceProcess, "http://"+userServiceAddr)
authsessionEnv := map[string]string{
"AUTHSESSION_LOG_LEVEL": "info",
"AUTHSESSION_PUBLIC_HTTP_ADDR": authsessionPublicAddr,
"AUTHSESSION_PUBLIC_HTTP_REQUEST_TIMEOUT": time.Second.String(),
"AUTHSESSION_INTERNAL_HTTP_ADDR": authsessionInternalAddr,
"AUTHSESSION_INTERNAL_HTTP_REQUEST_TIMEOUT": time.Second.String(),
"AUTHSESSION_REDIS_MASTER_ADDR": redisRuntime.Addr,
"AUTHSESSION_REDIS_PASSWORD": "integration",
"AUTHSESSION_USER_SERVICE_MODE": "rest",
"AUTHSESSION_USER_SERVICE_BASE_URL": "http://" + userServiceAddr,
"AUTHSESSION_USER_SERVICE_REQUEST_TIMEOUT": time.Second.String(),
"AUTHSESSION_MAIL_SERVICE_MODE": "rest",
"AUTHSESSION_MAIL_SERVICE_BASE_URL": mailStub.BaseURL(),
"AUTHSESSION_MAIL_SERVICE_REQUEST_TIMEOUT": time.Second.String(),
"AUTHSESSION_REDIS_GATEWAY_SESSION_CACHE_KEY_PREFIX": "gateway:session:",
"AUTHSESSION_REDIS_GATEWAY_SESSION_EVENTS_STREAM": "gateway:session_events",
"OTEL_TRACES_EXPORTER": "none",
"OTEL_METRICS_EXPORTER": "none",
}
authsessionProcess := harness.StartProcess(t, "authsession", authsessionBinary, authsessionEnv)
waitForAuthsessionReady(t, authsessionProcess, "http://"+authsessionPublicAddr)
lobbyEnv := harness.StartLobbyServicePersistence(t, redisRuntime.Addr).Env
lobbyEnv["LOBBY_LOG_LEVEL"] = "info"
lobbyEnv["LOBBY_PUBLIC_HTTP_ADDR"] = lobbyPublicAddr
lobbyEnv["LOBBY_INTERNAL_HTTP_ADDR"] = lobbyInternalAddr
lobbyEnv["LOBBY_USER_SERVICE_BASE_URL"] = "http://" + userServiceAddr
lobbyEnv["LOBBY_GM_BASE_URL"] = mailStub.BaseURL()
lobbyEnv["LOBBY_RUNTIME_JOB_RESULTS_READ_BLOCK_TIMEOUT"] = "200ms"
lobbyEnv["LOBBY_USER_LIFECYCLE_READ_BLOCK_TIMEOUT"] = "200ms"
lobbyEnv["LOBBY_GM_EVENTS_READ_BLOCK_TIMEOUT"] = "200ms"
lobbyEnv["OTEL_TRACES_EXPORTER"] = "none"
lobbyEnv["OTEL_METRICS_EXPORTER"] = "none"
lobbyProcess := harness.StartProcess(t, "lobby", lobbyBinary, lobbyEnv)
harness.WaitForHTTPStatus(t, lobbyProcess, "http://"+lobbyInternalAddr+"/readyz", http.StatusOK)
gatewayEnv := map[string]string{
"GATEWAY_LOG_LEVEL": "info",
"GATEWAY_PUBLIC_HTTP_ADDR": gatewayPublicAddr,
"GATEWAY_AUTHENTICATED_GRPC_ADDR": gatewayGRPCAddr,
"GATEWAY_REDIS_MASTER_ADDR": redisRuntime.Addr,
"GATEWAY_REDIS_PASSWORD": "integration",
"GATEWAY_SESSION_CACHE_REDIS_KEY_PREFIX": "gateway:session:",
"GATEWAY_SESSION_EVENTS_REDIS_STREAM": "gateway:session_events",
"GATEWAY_CLIENT_EVENTS_REDIS_STREAM": "gateway:client_events",
"GATEWAY_REPLAY_REDIS_KEY_PREFIX": "gateway:replay:",
"GATEWAY_RESPONSE_SIGNER_PRIVATE_KEY_PEM_PATH": filepath.Clean(responseSignerPath),
"GATEWAY_AUTH_SERVICE_BASE_URL": "http://" + authsessionPublicAddr,
"GATEWAY_USER_SERVICE_BASE_URL": "http://" + userServiceAddr,
"GATEWAY_LOBBY_SERVICE_BASE_URL": "http://" + lobbyPublicAddr,
"GATEWAY_PUBLIC_AUTH_UPSTREAM_TIMEOUT": (500 * time.Millisecond).String(),
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_PUBLIC_AUTH_RATE_LIMIT_REQUESTS": "100",
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_PUBLIC_AUTH_RATE_LIMIT_WINDOW": "1s",
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_PUBLIC_AUTH_RATE_LIMIT_BURST": "100",
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_SEND_EMAIL_CODE_IDENTITY_RATE_LIMIT_REQUESTS": "100",
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_SEND_EMAIL_CODE_IDENTITY_RATE_LIMIT_WINDOW": "1s",
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_SEND_EMAIL_CODE_IDENTITY_RATE_LIMIT_BURST": "100",
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_CONFIRM_EMAIL_CODE_IDENTITY_RATE_LIMIT_REQUESTS": "100",
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_CONFIRM_EMAIL_CODE_IDENTITY_RATE_LIMIT_WINDOW": "1s",
"GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_CONFIRM_EMAIL_CODE_IDENTITY_RATE_LIMIT_BURST": "100",
"OTEL_TRACES_EXPORTER": "none",
"OTEL_METRICS_EXPORTER": "none",
}
gatewayProcess := harness.StartProcess(t, "gateway", gatewayBinary, gatewayEnv)
harness.WaitForHTTPStatus(t, gatewayProcess, "http://"+gatewayPublicAddr+"/healthz", http.StatusOK)
harness.WaitForTCP(t, gatewayProcess, gatewayGRPCAddr)
return &lobbyAuthsessionHarness{
redis: redisClient,
mailStub: mailStub,
authsessionPublicURL: "http://" + authsessionPublicAddr,
authsessionInternalURL: "http://" + authsessionInternalAddr,
gatewayPublicURL: "http://" + gatewayPublicAddr,
gatewayGRPCAddr: gatewayGRPCAddr,
userServiceURL: "http://" + userServiceAddr,
lobbyPublicURL: "http://" + lobbyPublicAddr,
processes: []*harness.Process{userServiceProcess, authsessionProcess, lobbyProcess, gatewayProcess},
}
}
// authenticate runs the public-auth flow through the Gateway and
// returns the resulting `device_session_id` plus the resolved user_id.
func (h *lobbyAuthsessionHarness) authenticate(t *testing.T, email string, clientKey ed25519.PrivateKey) (string, string) {
t.Helper()
challengeID := h.sendChallenge(t, email)
code := h.waitForChallengeCode(t, email)
confirm := h.confirmCode(t, challengeID, code, clientKey)
require.Equalf(t, http.StatusOK, confirm.StatusCode, "confirm: %s", confirm.Body)
var confirmBody struct {
DeviceSessionID string `json:"device_session_id"`
}
require.NoError(t, decodeStrictJSONPayload([]byte(confirm.Body), &confirmBody))
require.NotEmpty(t, confirmBody.DeviceSessionID)
user := h.lookupUserByEmail(t, email)
deadline := time.Now().Add(5 * time.Second)
for time.Now().Before(deadline) {
if _, err := h.redis.Get(context.Background(), "gateway:session:"+confirmBody.DeviceSessionID).Bytes(); err == nil {
return confirmBody.DeviceSessionID, user.UserID
}
time.Sleep(25 * time.Millisecond)
}
t.Fatalf("gateway session projection for %s never arrived", confirmBody.DeviceSessionID)
return "", ""
}
func (h *lobbyAuthsessionHarness) sendChallenge(t *testing.T, email string) string {
t.Helper()
resp := postJSON(t, h.gatewayPublicURL+"/api/v1/public/auth/send-email-code", map[string]string{
"email": email,
}, nil)
require.Equalf(t, http.StatusOK, resp.StatusCode, "send-email-code: %s", resp.Body)
var body struct {
ChallengeID string `json:"challenge_id"`
}
require.NoError(t, decodeStrictJSONPayload([]byte(resp.Body), &body))
return body.ChallengeID
}
func (h *lobbyAuthsessionHarness) confirmCode(t *testing.T, challengeID, code string, clientKey ed25519.PrivateKey) httpResponse {
t.Helper()
return postJSON(t, h.gatewayPublicURL+"/api/v1/public/auth/confirm-email-code", map[string]string{
"challenge_id": challengeID,
"code": code,
"client_public_key": base64.StdEncoding.EncodeToString(clientKey.Public().(ed25519.PublicKey)),
"time_zone": "Europe/Kaliningrad",
}, nil)
}
func (h *lobbyAuthsessionHarness) waitForChallengeCode(t *testing.T, email string) string {
t.Helper()
deadline := time.Now().Add(5 * time.Second)
for time.Now().Before(deadline) {
for _, delivery := range h.mailStub.RecordedDeliveries() {
if delivery.Email == email && delivery.Code != "" {
return delivery.Code
}
}
time.Sleep(25 * time.Millisecond)
}
t.Fatalf("auth code for %s never arrived", email)
return ""
}
func (h *lobbyAuthsessionHarness) lookupUserByEmail(t *testing.T, email string) struct {
UserID string `json:"user_id"`
} {
t.Helper()
resp := postJSON(t, h.userServiceURL+"/api/v1/internal/user-lookups/by-email", map[string]string{"email": email}, nil)
require.Equalf(t, http.StatusOK, resp.StatusCode, "user lookup: %s", resp.Body)
var body struct {
User struct {
UserID string `json:"user_id"`
} `json:"user"`
}
require.NoError(t, json.Unmarshal([]byte(resp.Body), &body))
return struct {
UserID string `json:"user_id"`
}{UserID: body.User.UserID}
}
// revokeSession calls AuthSession's internal revoke surface for a
// specific device session. The body shape is defined by
// `authsession/api/internal-openapi.yaml#RevokeDeviceSessionRequest`.
func (h *lobbyAuthsessionHarness) revokeSession(t *testing.T, deviceSessionID string) {
t.Helper()
target := h.authsessionInternalURL + "/api/v1/internal/sessions/" + deviceSessionID + "/revoke"
resp := postJSON(t, target, map[string]any{
"reason_code": "test_revocation",
"actor": map[string]string{
"type": "test",
"id": "lobbyauthsession-suite",
},
}, nil)
require.Truef(t,
resp.StatusCode == http.StatusOK || resp.StatusCode == http.StatusNoContent,
"revoke session %s: status=%d body=%s", deviceSessionID, resp.StatusCode, resp.Body,
)
}
// waitForSessionGone polls the gateway session cache until the
// session record is removed or marked revoked.
func (h *lobbyAuthsessionHarness) waitForSessionGone(t *testing.T, deviceSessionID string, timeout time.Duration) {
t.Helper()
deadline := time.Now().Add(timeout)
for time.Now().Before(deadline) {
payload, err := h.redis.Get(context.Background(), "gateway:session:"+deviceSessionID).Bytes()
if err == redis.Nil {
return
}
if err == nil {
var record struct {
Status string `json:"status"`
}
if json.Unmarshal(payload, &record) == nil && record.Status != "active" {
return
}
}
time.Sleep(25 * time.Millisecond)
}
t.Fatalf("session %s still active in gateway cache after %s", deviceSessionID, timeout)
}
func (h *lobbyAuthsessionHarness) dialGateway(t *testing.T) *grpc.ClientConn {
t.Helper()
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
conn, err := grpc.DialContext(ctx, h.gatewayGRPCAddr,
grpc.WithTransportCredentials(insecure.NewCredentials()),
grpc.WithBlock(),
)
require.NoError(t, err)
t.Cleanup(func() { require.NoError(t, conn.Close()) })
return conn
}
// --- shared helpers ---
func newExecuteCommandRequest(deviceSessionID, requestID, messageType string, payload []byte, clientKey ed25519.PrivateKey) *gatewayv1.ExecuteCommandRequest {
payloadHash := contractsgatewayv1.ComputePayloadHash(payload)
request := &gatewayv1.ExecuteCommandRequest{
ProtocolVersion: contractsgatewayv1.ProtocolVersionV1,
DeviceSessionId: deviceSessionID,
MessageType: messageType,
TimestampMs: time.Now().UnixMilli(),
RequestId: requestID,
PayloadBytes: payload,
PayloadHash: payloadHash,
TraceId: "trace-" + requestID,
}
request.Signature = contractsgatewayv1.SignRequest(clientKey, contractsgatewayv1.RequestSigningFields{
ProtocolVersion: request.GetProtocolVersion(),
DeviceSessionID: request.GetDeviceSessionId(),
MessageType: request.GetMessageType(),
TimestampMS: request.GetTimestampMs(),
RequestID: request.GetRequestId(),
PayloadHash: request.GetPayloadHash(),
})
return request
}
type httpResponse struct {
StatusCode int
Body string
Header http.Header
}
func postJSON(t *testing.T, url string, body any, header http.Header) httpResponse {
t.Helper()
var reader io.Reader
if body != nil {
payload, err := json.Marshal(body)
require.NoError(t, err)
reader = bytes.NewReader(payload)
}
req, err := http.NewRequest(http.MethodPost, url, reader)
require.NoError(t, err)
if body != nil {
req.Header.Set("Content-Type", "application/json")
}
for k, vs := range header {
for _, v := range vs {
req.Header.Add(k, v)
}
}
return doRequest(t, req)
}
func doRequest(t *testing.T, request *http.Request) httpResponse {
t.Helper()
client := &http.Client{
Timeout: 5 * time.Second,
Transport: &http.Transport{DisableKeepAlives: true},
}
t.Cleanup(client.CloseIdleConnections)
response, err := client.Do(request)
require.NoError(t, err)
defer response.Body.Close()
payload, err := io.ReadAll(response.Body)
require.NoError(t, err)
return httpResponse{
StatusCode: response.StatusCode,
Body: string(payload),
Header: response.Header.Clone(),
}
}
func decodeStrictJSONPayload(payload []byte, target any) error {
decoder := json.NewDecoder(bytes.NewReader(payload))
decoder.DisallowUnknownFields()
if err := decoder.Decode(target); err != nil {
return err
}
if err := decoder.Decode(&struct{}{}); err != io.EOF {
if err == nil {
return errors.New("unexpected trailing JSON input")
}
return err
}
return nil
}
func waitForUserServiceReady(t *testing.T, process *harness.Process, baseURL string) {
t.Helper()
client := &http.Client{Timeout: 250 * time.Millisecond}
t.Cleanup(client.CloseIdleConnections)
deadline := time.Now().Add(10 * time.Second)
for time.Now().Before(deadline) {
req, err := http.NewRequest(http.MethodGet, baseURL+"/api/v1/internal/users/user-readiness-probe/exists", nil)
require.NoError(t, err)
response, err := client.Do(req)
if err == nil {
_, _ = io.Copy(io.Discard, response.Body)
response.Body.Close()
if response.StatusCode == http.StatusOK {
return
}
}
time.Sleep(25 * time.Millisecond)
}
t.Fatalf("wait for userservice readiness: timeout\n%s", process.Logs())
}
func waitForAuthsessionReady(t *testing.T, process *harness.Process, baseURL string) {
t.Helper()
// AuthSession's public listener has no /healthz; posting an empty
// email send-email-code request is the cheapest readiness probe.
client := &http.Client{Timeout: 250 * time.Millisecond}
t.Cleanup(client.CloseIdleConnections)
deadline := time.Now().Add(10 * time.Second)
for time.Now().Before(deadline) {
body := bytes.NewReader([]byte(`{"email":""}`))
req, err := http.NewRequest(http.MethodPost, baseURL+"/api/v1/public/auth/send-email-code", body)
require.NoError(t, err)
req.Header.Set("Content-Type", "application/json")
response, err := client.Do(req)
if err == nil {
_, _ = io.Copy(io.Discard, response.Body)
response.Body.Close()
if response.StatusCode == http.StatusBadRequest {
return
}
}
time.Sleep(25 * time.Millisecond)
}
t.Fatalf("wait for authsession readiness: timeout\n%s", process.Logs())
}
func newClientPrivateKey(label string) ed25519.PrivateKey {
seed := sha256.Sum256([]byte("galaxy-integration-lobby-authsession-client-" + label))
return ed25519.NewKeyFromSeed(seed[:])
}