HydraAdminService와 RelyingParty 간의 통합 및 롤백 로직 검증

2026-02-05 13:29:40 +09:00
parent 7c3295fdc7
commit f362e21774
1 changed files with 295 additions and 0 deletions
--- a/backend/internal/service/relying_party_service_test.go
+++ b/backend/internal/service/relying_party_service_test.go
@@ -0,0 +1,295 @@
+/*
+이 테스트 파일은 RelyingPartyService의 기능을 검증하기 위한 유닛 테스트입니다.
+RelyingPartyService는 HydraAdminService, KetoService, RelyingPartyRepository와 협력하므로
+각 의존성을 모킹(Mocking)하여 통합 로직을 검증합니다.
+
+주요 테스트 항목:
+1. Create: Hydra 클라이언트 생성 -> DB 저장 -> Keto 권한 설정 (성공 및 롤백 시나리오)
+2. Get: DB 및 Hydra에서 정보 조회
+3. Update: Hydra 및 DB 업데이트
+4. Delete: DB 및 Hydra 삭제
+*/
+
+package service
+
+import (
+	"baron-sso-backend/internal/domain"
+	"context"
+	"encoding/json"
+	"errors"
+	"net/http"
+	"strings"
+	"testing"
+
+	"github.com/stretchr/testify/mock"
+)
+
+// --- Mocks ---
+
+type MockRelyingPartyRepository struct {
+	mock.Mock
+}
+
+func (m *MockRelyingPartyRepository) Create(ctx context.Context, rp *domain.RelyingParty) error {
+	args := m.Called(ctx, rp)
+	return args.Error(0)
+}
+
+func (m *MockRelyingPartyRepository) Update(ctx context.Context, rp *domain.RelyingParty) error {
+	args := m.Called(ctx, rp)
+	return args.Error(0)
+}
+
+func (m *MockRelyingPartyRepository) Delete(ctx context.Context, clientID string) error {
+	args := m.Called(ctx, clientID)
+	return args.Error(0)
+}
+
+func (m *MockRelyingPartyRepository) FindByID(ctx context.Context, clientID string) (*domain.RelyingParty, error) {
+	args := m.Called(ctx, clientID)
+	if rp, ok := args.Get(0).(*domain.RelyingParty); ok {
+		return rp, args.Error(1)
+	}
+	return nil, args.Error(1)
+}
+
+func (m *MockRelyingPartyRepository) ListByTenantID(ctx context.Context, tenantID string) ([]domain.RelyingParty, error) {
+	args := m.Called(ctx, tenantID)
+	return args.Get(0).([]domain.RelyingParty), args.Error(1)
+}
+
+func (m *MockRelyingPartyRepository) ListAll(ctx context.Context) ([]domain.RelyingParty, error) {
+	args := m.Called(ctx)
+	return args.Get(0).([]domain.RelyingParty), args.Error(1)
+}
+
+type MockKetoService struct {
+	mock.Mock
+}
+
+func (m *MockKetoService) CheckPermission(ctx context.Context, subject, namespace, object, relation string) (bool, error) {
+	args := m.Called(ctx, subject, namespace, object, relation)
+	return args.Bool(0), args.Error(1)
+}
+
+func (m *MockKetoService) CreateRelation(ctx context.Context, namespace, object, relation, subject string) error {
+	args := m.Called(ctx, namespace, object, relation, subject)
+	return args.Error(0)
+}
+
+func (m *MockKetoService) DeleteRelation(ctx context.Context, namespace, object, relation, subject string) error {
+	args := m.Called(ctx, namespace, object, relation, subject)
+	return args.Error(0)
+}
+
+// --- Tests ---
+
+func TestRelyingPartyService_Create_Success(t *testing.T) {
+	// Setup
+	mockRepo := new(MockRelyingPartyRepository)
+	mockKeto := new(MockKetoService)
+
+	tenantID := "tenant-1"
+	inputClient := domain.HydraClient{
+		ClientName: "Test App",
+	}
+
+	// Hydra Mock
+	hydraHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if r.Method == http.MethodPost && strings.Contains(r.URL.Path, "/clients") {
+			var req domain.HydraClient
+			json.NewDecoder(r.Body).Decode(&req)
+			
+			// Verify metadata injection
+			if req.Metadata["tenant_id"] != tenantID {
+				t.Errorf("expected tenant_id in metadata")
+			}
+
+			req.ClientID = "generated-client-id"
+			w.WriteHeader(http.StatusCreated)
+			json.NewEncoder(w).Encode(req)
+			return
+		}
+		http.NotFound(w, r)
+	})
+	hydraSvc := &HydraAdminService{
+		AdminURL:   "http://hydra:4445",
+		HTTPClient: mockHydraClient(hydraHandler),
+	}
+
+	// Expectations
+	mockRepo.On("Create", mock.Anything, mock.MatchedBy(func(rp *domain.RelyingParty) bool {
+		return rp.ClientID == "generated-client-id" && rp.TenantID == tenantID
+	})).Return(nil)
+
+	mockKeto.On("CreateRelation", mock.Anything, "RelyingParty", "generated-client-id", "parent_tenant", "Tenant:"+tenantID).Return(nil)
+
+	// Execute
+	svc := NewRelyingPartyService(mockRepo, hydraSvc, mockKeto)
+	rp, err := svc.Create(context.Background(), tenantID, inputClient)
+
+	// Verify
+	if err != nil {
+		t.Fatalf("Create failed: %v", err)
+	}
+	if rp.ClientID != "generated-client-id" {
+		t.Errorf("expected client id generated-client-id, got %s", rp.ClientID)
+	}
+
+	mockRepo.AssertExpectations(t)
+	mockKeto.AssertExpectations(t)
+}
+
+func TestRelyingPartyService_Create_HydraFail(t *testing.T) {
+	mockRepo := new(MockRelyingPartyRepository)
+	mockKeto := new(MockKetoService)
+
+	hydraHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.WriteHeader(http.StatusInternalServerError)
+	})
+	hydraSvc := &HydraAdminService{
+		AdminURL:   "http://hydra:4445",
+		HTTPClient: mockHydraClient(hydraHandler),
+	}
+
+	svc := NewRelyingPartyService(mockRepo, hydraSvc, mockKeto)
+	_, err := svc.Create(context.Background(), "tenant-1", domain.HydraClient{})
+
+	if err == nil {
+		t.Error("expected error from hydra")
+	}
+}
+
+func TestRelyingPartyService_Create_DBFail_Rollback(t *testing.T) {
+	mockRepo := new(MockRelyingPartyRepository)
+	mockKeto := new(MockKetoService)
+
+	clientID := "rollback-client-id"
+
+	// Hydra Mock: Create Succeeds, Delete Called
+	hydraHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if r.Method == http.MethodPost {
+			json.NewEncoder(w).Encode(domain.HydraClient{ClientID: clientID})
+			return
+		}
+		if r.Method == http.MethodDelete && strings.Contains(r.URL.Path, clientID) {
+			w.WriteHeader(http.StatusNoContent)
+			return
+		}
+		http.NotFound(w, r)
+	})
+	hydraSvc := &HydraAdminService{
+		AdminURL:   "http://hydra:4445",
+		HTTPClient: mockHydraClient(hydraHandler),
+	}
+
+	// DB Fails
+	mockRepo.On("Create", mock.Anything, mock.Anything).Return(errors.New("db error"))
+
+	svc := NewRelyingPartyService(mockRepo, hydraSvc, mockKeto)
+	_, err := svc.Create(context.Background(), "tenant-1", domain.HydraClient{})
+
+	if err == nil {
+		t.Error("expected error from db")
+	}
+
+	mockRepo.AssertExpectations(t)
+	// Keto should NOT be called
+	mockKeto.AssertNotCalled(t, "CreateRelation")
+}
+
+func TestRelyingPartyService_Get_Success(t *testing.T) {
+	mockRepo := new(MockRelyingPartyRepository)
+	mockKeto := new(MockKetoService)
+	clientID := "client-123"
+
+	mockRepo.On("FindByID", mock.Anything, clientID).Return(&domain.RelyingParty{ClientID: clientID, Name: "DB Name"}, nil)
+
+	hydraHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		json.NewEncoder(w).Encode(domain.HydraClient{ClientID: clientID, ClientName: "Hydra Name"})
+	})
+	hydraSvc := &HydraAdminService{
+		AdminURL:   "http://hydra:4445",
+		HTTPClient: mockHydraClient(hydraHandler),
+	}
+
+	svc := NewRelyingPartyService(mockRepo, hydraSvc, mockKeto)
+	rp, hc, err := svc.Get(context.Background(), clientID)
+
+	if err != nil {
+		t.Fatalf("Get failed: %v", err)
+	}
+	if rp.Name != "DB Name" {
+		t.Errorf("expected DB Name, got %s", rp.Name)
+	}
+	if hc.ClientName != "Hydra Name" {
+		t.Errorf("expected Hydra Name, got %s", hc.ClientName)
+	}
+}
+
+func TestRelyingPartyService_Update_Success(t *testing.T) {
+	mockRepo := new(MockRelyingPartyRepository)
+	mockKeto := new(MockKetoService)
+	clientID := "client-123"
+
+	// Hydra Update
+	hydraHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if r.Method == http.MethodPut {
+			var req domain.HydraClient
+			json.NewDecoder(r.Body).Decode(&req)
+			json.NewEncoder(w).Encode(req)
+			return
+		}
+	})
+	hydraSvc := &HydraAdminService{
+		AdminURL:   "http://hydra:4445",
+		HTTPClient: mockHydraClient(hydraHandler),
+	}
+
+	// DB Update
+	mockRepo.On("FindByID", mock.Anything, clientID).Return(&domain.RelyingParty{ClientID: clientID, Name: "Old Name"}, nil)
+	mockRepo.On("Update", mock.Anything, mock.MatchedBy(func(rp *domain.RelyingParty) bool {
+		return rp.Name == "New Name"
+	})).Return(nil)
+
+	svc := NewRelyingPartyService(mockRepo, hydraSvc, mockKeto)
+	
+	updateReq := domain.HydraClient{ClientName: "New Name"}
+	rp, err := svc.Update(context.Background(), clientID, updateReq)
+
+	if err != nil {
+		t.Fatalf("Update failed: %v", err)
+	}
+	if rp.Name != "New Name" {
+		t.Errorf("expected New Name, got %s", rp.Name)
+	}
+
+	mockRepo.AssertExpectations(t)
+}
+
+func TestRelyingPartyService_Delete_Success(t *testing.T) {
+	mockRepo := new(MockRelyingPartyRepository)
+	mockKeto := new(MockKetoService)
+	clientID := "client-123"
+
+	mockRepo.On("Delete", mock.Anything, clientID).Return(nil)
+
+	hydraHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if r.Method == http.MethodDelete {
+			w.WriteHeader(http.StatusNoContent)
+		}
+	})
+	hydraSvc := &HydraAdminService{
+		AdminURL:   "http://hydra:4445",
+		HTTPClient: mockHydraClient(hydraHandler),
+	}
+
+	svc := NewRelyingPartyService(mockRepo, hydraSvc, mockKeto)
+	err := svc.Delete(context.Background(), clientID)
+
+	if err != nil {
+		t.Fatalf("Delete failed: %v", err)
+	}
+
+	mockRepo.AssertExpectations(t)
+}