kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity
Files
5d66e983cd3efdfdee624f07bfc4ca8f71652009
baron-sso/backend/internal/service/relying_party_service_test.go
kyy 5294066de6 golangci lint 적용
2026-02-06 16:28:00 +09:00

278 lines
7.7 KiB
Go
Raw Blame History

/*
이 테스트 파일은 RelyingPartyService의 기능을 검증하기 위한 유닛 테스트입니다.
RelyingPartyService는 HydraAdminService, KetoService와 협력하므로
각 의존성을 모킹(Mocking)하여 통합 로직을 검증합니다.
주요 테스트 항목:
1. Create: Hydra 클라이언트 생성 -> Keto 권한 설정
2. Get: Hydra에서 정보 조회
3. Update: Hydra 업데이트
4. Delete: Hydra 삭제 + Keto 권한 정리
*/
package service
import (
"baron-sso-backend/internal/domain"
"context"
"encoding/json"
"errors"
"net/http"
"net/http/httptest"
"strings"
"testing"
"github.com/stretchr/testify/mock"
)
// --- Mocks ---
type MockKetoService struct {
mock.Mock
}
func (m *MockKetoService) CheckPermission(ctx context.Context, subject, namespace, object, relation string) (bool, error) {
args := m.Called(ctx, subject, namespace, object, relation)
return args.Bool(0), args.Error(1)
}
func (m *MockKetoService) CreateRelation(ctx context.Context, namespace, object, relation, subject string) error {
args := m.Called(ctx, namespace, object, relation, subject)
return args.Error(0)
}
func (m *MockKetoService) DeleteRelation(ctx context.Context, namespace, object, relation, subject string) error {
args := m.Called(ctx, namespace, object, relation, subject)
return args.Error(0)
}
func (m *MockKetoService) ListRelations(ctx context.Context, namespace, object, relation, subject string) ([]RelationTuple, error) {
args := m.Called(ctx, namespace, object, relation, subject)
if args.Get(0) == nil {
return nil, args.Error(1)
}
return args.Get(0).([]RelationTuple), args.Error(1)
}
// --- Test Helpers ---
type hydraRoundTripperFunc func(*http.Request) (*http.Response, error)
func (f hydraRoundTripperFunc) RoundTrip(req *http.Request) (*http.Response, error) {
return f(req)
}
func mockHydraClient(handler http.Handler) *http.Client {
return &http.Client{
Transport: hydraRoundTripperFunc(func(req *http.Request) (*http.Response, error) {
rec := httptest.NewRecorder()
handler.ServeHTTP(rec, req)
return rec.Result(), nil
}),
}
}
// --- Tests ---
func TestRelyingPartyService_Create_Success(t *testing.T) {
mockKeto := new(MockKetoService)
tenantID := "tenant-1"
inputClient := domain.HydraClient{
ClientName: "Test App",
}
// Hydra Mock
hydraHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method == http.MethodPost && strings.Contains(r.URL.Path, "/clients") {
var req domain.HydraClient
_ = json.NewDecoder(r.Body).Decode(&req)
// 메타데이터 tenant_id 주입 확인
if req.Metadata["tenant_id"] != tenantID {
t.Errorf("expected tenant_id in metadata")
}
req.ClientID = "generated-client-id"
w.WriteHeader(http.StatusCreated)
_ = json.NewEncoder(w).Encode(req)
return
}
http.NotFound(w, r)
})
hydraSvc := &HydraAdminService{
AdminURL: "http://hydra:4445",
HTTPClient: mockHydraClient(hydraHandler),
}
mockKeto.On("CreateRelation", mock.Anything, "RelyingParty", "generated-client-id", "parent_tenant", "Tenant:"+tenantID).Return(nil)
svc := NewRelyingPartyService(hydraSvc, mockKeto)
rp, err := svc.Create(context.Background(), tenantID, inputClient)
if err != nil {
t.Fatalf("Create failed: %v", err)
}
if rp.ClientID != "generated-client-id" {
t.Errorf("expected client id generated-client-id, got %s", rp.ClientID)
}
if rp.TenantID != tenantID {
t.Errorf("expected tenant id %s, got %s", tenantID, rp.TenantID)
}
mockKeto.AssertExpectations(t)
}
func TestRelyingPartyService_Create_HydraFail(t *testing.T) {
mockKeto := new(MockKetoService)
hydraHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusInternalServerError)
})
hydraSvc := &HydraAdminService{
AdminURL: "http://hydra:4445",
HTTPClient: mockHydraClient(hydraHandler),
}
svc := NewRelyingPartyService(hydraSvc, mockKeto)
_, err := svc.Create(context.Background(), "tenant-1", domain.HydraClient{})
if err == nil {
t.Error("expected error from hydra")
}
}
func TestRelyingPartyService_Create_KetoFail_Rollback(t *testing.T) {
mockKeto := new(MockKetoService)
clientID := "rollback-client-id"
deleteCalled := false
hydraHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method == http.MethodPost {
_ = json.NewEncoder(w).Encode(domain.HydraClient{ClientID: clientID})
return
}
if r.Method == http.MethodDelete && strings.Contains(r.URL.Path, clientID) {
deleteCalled = true
w.WriteHeader(http.StatusNoContent)
return
}
http.NotFound(w, r)
})
hydraSvc := &HydraAdminService{
AdminURL: "http://hydra:4445",
HTTPClient: mockHydraClient(hydraHandler),
}
mockKeto.On("CreateRelation", mock.Anything, "RelyingParty", clientID, "parent_tenant", "Tenant:tenant-1").Return(errors.New("keto error"))
svc := NewRelyingPartyService(hydraSvc, mockKeto)
_, err := svc.Create(context.Background(), "tenant-1", domain.HydraClient{})
if err == nil {
t.Error("expected error from keto")
}
if !deleteCalled {
t.Error("expected hydra client cleanup on keto failure")
}
mockKeto.AssertExpectations(t)
}
func TestRelyingPartyService_Get_Success(t *testing.T) {
mockKeto := new(MockKetoService)
clientID := "client-123"
hydraHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
_ = json.NewEncoder(w).Encode(domain.HydraClient{
ClientID: clientID,
ClientName: "Hydra Name",
Metadata: map[string]interface{}{
"tenant_id": "tenant-1",
},
})
})
hydraSvc := &HydraAdminService{
AdminURL: "http://hydra:4445",
HTTPClient: mockHydraClient(hydraHandler),
}
svc := NewRelyingPartyService(hydraSvc, mockKeto)
rp, hc, err := svc.Get(context.Background(), clientID)
if err != nil {
t.Fatalf("Get failed: %v", err)
}
if rp.Name != "Hydra Name" {
t.Errorf("expected Hydra Name, got %s", rp.Name)
}
if hc.ClientName != "Hydra Name" {
t.Errorf("expected Hydra Name, got %s", hc.ClientName)
}
}
func TestRelyingPartyService_Update_Success(t *testing.T) {
mockKeto := new(MockKetoService)
clientID := "client-123"
hydraHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method == http.MethodPut {
var req domain.HydraClient
_ = json.NewDecoder(r.Body).Decode(&req)
_ = json.NewEncoder(w).Encode(req)
return
}
})
hydraSvc := &HydraAdminService{
AdminURL: "http://hydra:4445",
HTTPClient: mockHydraClient(hydraHandler),
}
svc := NewRelyingPartyService(hydraSvc, mockKeto)
updateReq := domain.HydraClient{ClientName: "New Name"}
rp, err := svc.Update(context.Background(), clientID, updateReq)
if err != nil {
t.Fatalf("Update failed: %v", err)
}
if rp.Name != "New Name" {
t.Errorf("expected New Name, got %s", rp.Name)
}
}
func TestRelyingPartyService_Delete_Success(t *testing.T) {
mockKeto := new(MockKetoService)
clientID := "client-123"
tenantID := "tenant-1"
hydraHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method == http.MethodGet && strings.Contains(r.URL.Path, clientID) {
_ = json.NewEncoder(w).Encode(domain.HydraClient{
ClientID: clientID,
Metadata: map[string]interface{}{
"tenant_id": tenantID,
},
})
return
}
if r.Method == http.MethodDelete && strings.Contains(r.URL.Path, clientID) {
w.WriteHeader(http.StatusNoContent)
return
}
http.NotFound(w, r)
})
hydraSvc := &HydraAdminService{
AdminURL: "http://hydra:4445",
HTTPClient: mockHydraClient(hydraHandler),
}
mockKeto.On("DeleteRelation", mock.Anything, "RelyingParty", clientID, "parent_tenant", "Tenant:"+tenantID).Return(nil)
svc := NewRelyingPartyService(hydraSvc, mockKeto)
err := svc.Delete(context.Background(), clientID)
if err != nil {
t.Fatalf("Delete failed: %v", err)
}
mockKeto.AssertExpectations(t)
}
View Git Blame Copy Permalink