fix(notification-service): resolve NotificationService-010,011,012 — disconnect SMTP on failure, relocate exception type, OAuth2/token-cache test coverage

2026-05-16 22:24:03 -04:00
parent dab0056d1b
commit a9bd017c88
5 changed files with 328 additions and 18 deletions
--- a/tests/ScadaLink.NotificationService.Tests/OAuth2TokenServiceTests.cs
+++ b/tests/ScadaLink.NotificationService.Tests/OAuth2TokenServiceTests.cs
@@ -124,6 +124,105 @@ public class OAuth2TokenServiceTests
        Assert.Equal(2, handler.CallCount); // one per distinct credential, not per call
    }

+    // ── NotificationService-012: token expiry/refresh and concurrent acquisition ──
+
+    [Fact]
+    public async Task GetTokenAsync_ExpiredToken_RefreshesOnNextCall()
+    {
+        // NS-012: token expiry/refresh was untested — the cache test used a 3600s
+        // token so the refresh branch never ran. The service refreshes 60s before
+        // the stated expiry, so an expires_in of 60 makes the token immediately
+        // stale and the next call must fetch a fresh one.
+        var handler = new SequenceHttpMessageHandler(
+            TokenJson("first-token", expiresIn: 60),
+            TokenJson("second-token", expiresIn: 3600));
+        var client = new HttpClient(handler);
+        var factory = CreateMockFactory(client);
+        var service = new OAuth2TokenService(factory, NullLogger<OAuth2TokenService>.Instance);
+
+        var token1 = await service.GetTokenAsync("tenant:client:secret");
+        var token2 = await service.GetTokenAsync("tenant:client:secret");
+
+        Assert.Equal("first-token", token1);
+        Assert.Equal("second-token", token2); // refreshed because the first was already stale
+        Assert.Equal(2, handler.CallCount);
+    }
+
+    [Fact]
+    public async Task GetTokenAsync_ConcurrentCalls_MakeExactlyOneHttpRequest()
+    {
+        // NS-012: the double-checked-locking path was never exercised. Many callers
+        // racing for the same uncached credential must collapse to a single token
+        // fetch, not one HTTP call per caller.
+        var handler = new SlowCountingHttpMessageHandler(
+            TokenJson("concurrent-token", expiresIn: 3600), delay: TimeSpan.FromMilliseconds(100));
+        var client = new HttpClient(handler);
+        var factory = CreateMockFactory(client);
+        var service = new OAuth2TokenService(factory, NullLogger<OAuth2TokenService>.Instance);
+
+        var tasks = Enumerable.Range(0, 20)
+            .Select(_ => service.GetTokenAsync("tenant:client:secret"))
+            .ToArray();
+        var tokens = await Task.WhenAll(tasks);
+
+        Assert.All(tokens, t => Assert.Equal("concurrent-token", t));
+        Assert.Equal(1, handler.CallCount);
+    }
+
+    private static string TokenJson(string accessToken, int expiresIn) =>
+        JsonSerializer.Serialize(new
+        {
+            access_token = accessToken,
+            expires_in = expiresIn,
+            token_type = "Bearer"
+        });
+
+    /// <summary>HTTP handler returning a different response per invocation, in order.</summary>
+    private class SequenceHttpMessageHandler : HttpMessageHandler
+    {
+        private readonly string[] _responses;
+        public int CallCount { get; private set; }
+
+        public SequenceHttpMessageHandler(params string[] responses) => _responses = responses;
+
+        protected override Task<HttpResponseMessage> SendAsync(
+            HttpRequestMessage request, CancellationToken cancellationToken)
+        {
+            var body = _responses[Math.Min(CallCount, _responses.Length - 1)];
+            CallCount++;
+            return Task.FromResult(new HttpResponseMessage(HttpStatusCode.OK)
+            {
+                Content = new StringContent(body)
+            });
+        }
+    }
+
+    /// <summary>HTTP handler that delays and counts invocations (thread-safe count).</summary>
+    private class SlowCountingHttpMessageHandler : HttpMessageHandler
+    {
+        private readonly string _response;
+        private readonly TimeSpan _delay;
+        private int _callCount;
+        public int CallCount => _callCount;
+
+        public SlowCountingHttpMessageHandler(string response, TimeSpan delay)
+        {
+            _response = response;
+            _delay = delay;
+        }
+
+        protected override async Task<HttpResponseMessage> SendAsync(
+            HttpRequestMessage request, CancellationToken cancellationToken)
+        {
+            Interlocked.Increment(ref _callCount);
+            await Task.Delay(_delay, cancellationToken);
+            return new HttpResponseMessage(HttpStatusCode.OK)
+            {
+                Content = new StringContent(_response)
+            };
+        }
+    }
+
    /// <summary>
    /// HTTP handler that returns a distinct access token per tenant id, parsed from
    /// the request URL (<c>https://login.microsoftonline.com/{tenantId}/...</c>).