fix(notification-service): resolve NotificationService-010,011,012 — disconnect SMTP on failure, relocate exception type, OAuth2/token-cache test coverage
This commit is contained in:
Joseph Doherty
@@ -1,3 +1,4 @@
|
||||
using System.Text.Json;
|
||||
using MailKit;
|
||||
using MailKit.Net.Smtp;
|
||||
using Microsoft.Extensions.Logging.Abstractions;
|
||||
@@ -407,6 +408,78 @@ public class NotificationDeliveryServiceTests
|
||||
storage, new StoreAndForwardOptions(), NullLogger<StoreAndForwardService>.Instance);
|
||||
}
|
||||
|
||||
// ── NotificationService-010: SMTP client is disconnected on the failure path ──
|
||||
|
||||
/// <summary>
|
||||
/// An SMTP wrapper that records whether <see cref="DisconnectAsync"/> ran and
|
||||
/// can be told to fail at a chosen stage of the delivery sequence.
|
||||
/// </summary>
|
||||
private sealed class DisconnectTrackingClient : ISmtpClientWrapper, IDisposable
|
||||
{
|
||||
private readonly Func<Exception>? _failOnSend;
|
||||
private readonly Func<Exception>? _failOnAuthenticate;
|
||||
|
||||
public DisconnectTrackingClient(
|
||||
Func<Exception>? failOnSend = null, Func<Exception>? failOnAuthenticate = null)
|
||||
{
|
||||
_failOnSend = failOnSend;
|
||||
_failOnAuthenticate = failOnAuthenticate;
|
||||
}
|
||||
|
||||
public bool Disconnected { get; private set; }
|
||||
public bool Disposed { get; private set; }
|
||||
|
||||
public Task ConnectAsync(string host, int port, SmtpTlsMode tlsMode, int connectionTimeoutSeconds, CancellationToken cancellationToken = default)
|
||||
=> Task.CompletedTask;
|
||||
|
||||
public Task AuthenticateAsync(string authType, string? credentials, CancellationToken cancellationToken = default)
|
||||
=> _failOnAuthenticate != null ? Task.FromException(_failOnAuthenticate()) : Task.CompletedTask;
|
||||
|
||||
public Task SendAsync(string from, IEnumerable<string> bccRecipients, string subject, string body, CancellationToken cancellationToken = default)
|
||||
=> _failOnSend != null ? Task.FromException(_failOnSend()) : Task.CompletedTask;
|
||||
|
||||
public Task DisconnectAsync(CancellationToken cancellationToken = default)
|
||||
{
|
||||
Disconnected = true;
|
||||
return Task.CompletedTask;
|
||||
}
|
||||
|
||||
public void Dispose() => Disposed = true;
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task Send_TransientFailureDuringSend_StillDisconnectsClient()
|
||||
{
|
||||
// NS-010: DisconnectAsync used to run only on the success path inside the
|
||||
// try block. A failure in SendAsync left the authenticated connection open
|
||||
// (the SMTP QUIT was never issued), leaking server connection slots under
|
||||
// sustained transient failures.
|
||||
SetupHappyPath();
|
||||
var tracking = new DisconnectTrackingClient(
|
||||
failOnSend: () => new SmtpProtocolException("protocol error"));
|
||||
var service = new NotificationDeliveryService(
|
||||
_repository, () => tracking, NullLogger<NotificationDeliveryService>.Instance);
|
||||
|
||||
await service.SendAsync("ops-team", "Alert", "Body");
|
||||
|
||||
Assert.True(tracking.Disconnected, "DeliverAsync must disconnect the SMTP client even when the send fails");
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task Send_FailureDuringAuthenticate_StillDisconnectsClient()
|
||||
{
|
||||
// NS-010: an AuthenticateAsync failure must also tear the connection down.
|
||||
SetupHappyPath();
|
||||
var tracking = new DisconnectTrackingClient(
|
||||
failOnAuthenticate: () => new SmtpProtocolException("auth handshake failed"));
|
||||
var service = new NotificationDeliveryService(
|
||||
_repository, () => tracking, NullLogger<NotificationDeliveryService>.Instance);
|
||||
|
||||
await service.SendAsync("ops-team", "Alert", "Body");
|
||||
|
||||
Assert.True(tracking.Disconnected, "DeliverAsync must disconnect the SMTP client even when authentication fails");
|
||||
}
|
||||
|
||||
// ── NotificationService-005: explicit TLS mode passed through to the wrapper ──
|
||||
|
||||
/// <summary>An SMTP wrapper that records the TLS mode and timeout it was connected with.</summary>
|
||||
@@ -642,4 +715,77 @@ public class NotificationDeliveryServiceTests
|
||||
Assert.False(result.Success);
|
||||
Assert.Contains("address", result.ErrorMessage, StringComparison.OrdinalIgnoreCase);
|
||||
}
|
||||
|
||||
// ── NotificationService-012: OAuth2 delivery path coverage ──
|
||||
|
||||
/// <summary>An SMTP wrapper that records the auth type and credentials it received.</summary>
|
||||
private sealed class RecordingAuthClient : ISmtpClientWrapper
|
||||
{
|
||||
public string? AuthType { get; private set; }
|
||||
public string? Credentials { get; private set; }
|
||||
public Task ConnectAsync(string host, int port, SmtpTlsMode tlsMode, int connectionTimeoutSeconds, CancellationToken cancellationToken = default)
|
||||
=> Task.CompletedTask;
|
||||
public Task AuthenticateAsync(string authType, string? credentials, CancellationToken cancellationToken = default)
|
||||
{
|
||||
AuthType = authType;
|
||||
Credentials = credentials;
|
||||
return Task.CompletedTask;
|
||||
}
|
||||
public Task SendAsync(string from, IEnumerable<string> bccRecipients, string subject, string body, CancellationToken cancellationToken = default)
|
||||
=> Task.CompletedTask;
|
||||
public Task DisconnectAsync(CancellationToken cancellationToken = default) => Task.CompletedTask;
|
||||
}
|
||||
|
||||
private static OAuth2TokenService CreateTokenService(string accessToken, int expiresIn = 3600)
|
||||
{
|
||||
var json = JsonSerializer.Serialize(new
|
||||
{
|
||||
access_token = accessToken,
|
||||
expires_in = expiresIn,
|
||||
token_type = "Bearer"
|
||||
});
|
||||
var factory = Substitute.For<IHttpClientFactory>();
|
||||
factory.CreateClient(Arg.Any<string>())
|
||||
.Returns(_ => new HttpClient(new StubHttpHandler(json)));
|
||||
return new OAuth2TokenService(factory, NullLogger<OAuth2TokenService>.Instance);
|
||||
}
|
||||
|
||||
private sealed class StubHttpHandler : HttpMessageHandler
|
||||
{
|
||||
private readonly string _json;
|
||||
public StubHttpHandler(string json) => _json = json;
|
||||
protected override Task<HttpResponseMessage> SendAsync(
|
||||
HttpRequestMessage request, CancellationToken cancellationToken)
|
||||
=> Task.FromResult(new HttpResponseMessage(System.Net.HttpStatusCode.OK)
|
||||
{
|
||||
Content = new StringContent(_json)
|
||||
});
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task Send_OAuth2Config_AuthenticatesWithResolvedAccessToken()
|
||||
{
|
||||
// NS-012: the OAuth2 delivery branch in DeliverAsync (token resolution during
|
||||
// a send) was never exercised — every other test uses Basic Auth and a null
|
||||
// token service. The credentials reaching the SMTP client must be the access
|
||||
// token from OAuth2TokenService, not the raw tenant:client:secret triple.
|
||||
var cfg = new SmtpConfiguration("smtp.office365.com", "oauth2", "noreply@example.com")
|
||||
{
|
||||
Id = 1, Port = 587, Credentials = "tenant1:client1:secret1", TlsMode = "starttls"
|
||||
};
|
||||
SetupHappyPathWithSmtp(cfg);
|
||||
|
||||
var recording = new RecordingAuthClient();
|
||||
var service = new NotificationDeliveryService(
|
||||
_repository,
|
||||
() => recording,
|
||||
NullLogger<NotificationDeliveryService>.Instance,
|
||||
tokenService: CreateTokenService("oauth2-access-token-xyz"));
|
||||
|
||||
var result = await service.SendAsync("ops-team", "Alert", "Body");
|
||||
|
||||
Assert.True(result.Success);
|
||||
Assert.Equal("oauth2", recording.AuthType);
|
||||
Assert.Equal("oauth2-access-token-xyz", recording.Credentials);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -124,6 +124,105 @@ public class OAuth2TokenServiceTests
|
||||
Assert.Equal(2, handler.CallCount); // one per distinct credential, not per call
|
||||
}
|
||||
|
||||
// ── NotificationService-012: token expiry/refresh and concurrent acquisition ──
|
||||
|
||||
[Fact]
|
||||
public async Task GetTokenAsync_ExpiredToken_RefreshesOnNextCall()
|
||||
{
|
||||
// NS-012: token expiry/refresh was untested — the cache test used a 3600s
|
||||
// token so the refresh branch never ran. The service refreshes 60s before
|
||||
// the stated expiry, so an expires_in of 60 makes the token immediately
|
||||
// stale and the next call must fetch a fresh one.
|
||||
var handler = new SequenceHttpMessageHandler(
|
||||
TokenJson("first-token", expiresIn: 60),
|
||||
TokenJson("second-token", expiresIn: 3600));
|
||||
var client = new HttpClient(handler);
|
||||
var factory = CreateMockFactory(client);
|
||||
var service = new OAuth2TokenService(factory, NullLogger<OAuth2TokenService>.Instance);
|
||||
|
||||
var token1 = await service.GetTokenAsync("tenant:client:secret");
|
||||
var token2 = await service.GetTokenAsync("tenant:client:secret");
|
||||
|
||||
Assert.Equal("first-token", token1);
|
||||
Assert.Equal("second-token", token2); // refreshed because the first was already stale
|
||||
Assert.Equal(2, handler.CallCount);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task GetTokenAsync_ConcurrentCalls_MakeExactlyOneHttpRequest()
|
||||
{
|
||||
// NS-012: the double-checked-locking path was never exercised. Many callers
|
||||
// racing for the same uncached credential must collapse to a single token
|
||||
// fetch, not one HTTP call per caller.
|
||||
var handler = new SlowCountingHttpMessageHandler(
|
||||
TokenJson("concurrent-token", expiresIn: 3600), delay: TimeSpan.FromMilliseconds(100));
|
||||
var client = new HttpClient(handler);
|
||||
var factory = CreateMockFactory(client);
|
||||
var service = new OAuth2TokenService(factory, NullLogger<OAuth2TokenService>.Instance);
|
||||
|
||||
var tasks = Enumerable.Range(0, 20)
|
||||
.Select(_ => service.GetTokenAsync("tenant:client:secret"))
|
||||
.ToArray();
|
||||
var tokens = await Task.WhenAll(tasks);
|
||||
|
||||
Assert.All(tokens, t => Assert.Equal("concurrent-token", t));
|
||||
Assert.Equal(1, handler.CallCount);
|
||||
}
|
||||
|
||||
private static string TokenJson(string accessToken, int expiresIn) =>
|
||||
JsonSerializer.Serialize(new
|
||||
{
|
||||
access_token = accessToken,
|
||||
expires_in = expiresIn,
|
||||
token_type = "Bearer"
|
||||
});
|
||||
|
||||
/// <summary>HTTP handler returning a different response per invocation, in order.</summary>
|
||||
private class SequenceHttpMessageHandler : HttpMessageHandler
|
||||
{
|
||||
private readonly string[] _responses;
|
||||
public int CallCount { get; private set; }
|
||||
|
||||
public SequenceHttpMessageHandler(params string[] responses) => _responses = responses;
|
||||
|
||||
protected override Task<HttpResponseMessage> SendAsync(
|
||||
HttpRequestMessage request, CancellationToken cancellationToken)
|
||||
{
|
||||
var body = _responses[Math.Min(CallCount, _responses.Length - 1)];
|
||||
CallCount++;
|
||||
return Task.FromResult(new HttpResponseMessage(HttpStatusCode.OK)
|
||||
{
|
||||
Content = new StringContent(body)
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>HTTP handler that delays and counts invocations (thread-safe count).</summary>
|
||||
private class SlowCountingHttpMessageHandler : HttpMessageHandler
|
||||
{
|
||||
private readonly string _response;
|
||||
private readonly TimeSpan _delay;
|
||||
private int _callCount;
|
||||
public int CallCount => _callCount;
|
||||
|
||||
public SlowCountingHttpMessageHandler(string response, TimeSpan delay)
|
||||
{
|
||||
_response = response;
|
||||
_delay = delay;
|
||||
}
|
||||
|
||||
protected override async Task<HttpResponseMessage> SendAsync(
|
||||
HttpRequestMessage request, CancellationToken cancellationToken)
|
||||
{
|
||||
Interlocked.Increment(ref _callCount);
|
||||
await Task.Delay(_delay, cancellationToken);
|
||||
return new HttpResponseMessage(HttpStatusCode.OK)
|
||||
{
|
||||
Content = new StringContent(_response)
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// HTTP handler that returns a distinct access token per tenant id, parsed from
|
||||
/// the request URL (<c>https://login.microsoftonline.com/{tenantId}/...</c>).
|
||||
|
||||
Reference in New Issue
Block a user