feat: add pkg internal/e2e/e2ehooks

This is to prepare for adding hook calls to the API package. In
addition the test coverage of all e2e was increased to 100%.

Author: Chris Stockton

internal/e2e/e2e.go

@@ -16,8 +16,14 @@ var (
 	configPath  string
 )
 
+var isTesting func() bool = testing.Testing
+
 func init() {
-	if testing.Testing() {
+	initPackage()
+}
+
+func initPackage() {
+	if isTesting() {
 		_, thisFile, _, _ := runtime.Caller(0)
 		projectRoot = filepath.Join(filepath.Dir(thisFile), "../..")
 		configPath = filepath.Join(GetProjectRoot(), "hack", "test.env")

internal/e2e/e2e_test.go

@@ -94,4 +94,27 @@ func TestUtils(t *testing.T) {
 			t.Fatal("exp non-nil err")
 		}
 	}()
+
+	// block init from main()
+	func() {
+		restore := isTesting
+		defer func() {
+			isTesting = restore
+		}()
+		isTesting = func() bool { return false }
+
+		var errStr string
+		func() {
+			defer func() {
+				errStr = recover().(string)
+			}()
+
+			initPackage()
+		}()
+
+		exp := "package e2e may not be used in a main package"
+		if errStr != exp {
+			t.Fatalf("exp %v; got %v", exp, errStr)
+		}
+	}()
 }

internal/e2e/e2eapi/e2eapi.go

@@ -90,12 +90,18 @@ func Do(
 	if err != nil {
 		return err
 	}
-	if err := json.Unmarshal(data, res); err != nil {
-		return err
+	if len(data) > 0 {
+		if err := json.Unmarshal(data, res); err != nil {
+			return err
+		}
 	}
 	return nil
 }
 
+const responseLimit = 1e6
+
+var defaultClient = http.DefaultClient
+
 func do(
 	ctx context.Context,
 	method string,
@@ -113,7 +119,7 @@ func do(
 	h.Add("Content-Type", "application/json")
 	h.Add("Accept", "application/json")
 
-	httpRes, err := http.DefaultClient.Do(httpReq)
+	httpRes, err := defaultClient.Do(httpReq)
 	if err != nil {
 		return nil, err
 	}
@@ -124,7 +130,7 @@ func do(
 		return nil, nil
 
 	case sc >= 400:
-		data, err := io.ReadAll(io.LimitReader(httpRes.Body, 1e8))
+		data, err := io.ReadAll(io.LimitReader(httpRes.Body, responseLimit))
 		if err != nil {
 			return nil, err
 		}
@@ -142,7 +148,7 @@ func do(
 		return nil, err
 
 	default:
-		data, err := io.ReadAll(io.LimitReader(httpRes.Body, 1e8))
+		data, err := io.ReadAll(io.LimitReader(httpRes.Body, responseLimit))
 		if err != nil {
 			return nil, err
 		}

internal/e2e/e2eapi/e2eapi_test.go

@@ -2,8 +2,12 @@ package e2eapi
 
 import (
 	"context"
+	"errors"
+	"io"
 	"net/http"
+	"net/http/httptest"
 	"testing"
+	"testing/iotest"
 	"time"
 
 	"github.com/gofrs/uuid"
@@ -116,4 +120,56 @@ func TestDo(t *testing.T) {
 		}
 		require.ErrorContains(t, err, "unsupported protocol")
 	}
+
+	func() {
+		hr := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			w.WriteHeader(http.StatusNoContent)
+		})
+
+		ts := httptest.NewServer(hr)
+		defer ts.Close()
+
+		err := Do(ctx, http.MethodPost, ts.URL, nil, nil)
+		if err != nil {
+			t.Fatalf("exp nil err; got %v", err)
+		}
+	}()
+
+	for _, statusCode := range []int{http.StatusBadRequest, http.StatusOK} {
+		func() {
+			sentinel := errors.New("sentinel")
+			rtFn := roundTripperFunc(func(req *http.Request) (*http.Response, error) {
+				res, err := http.DefaultClient.Do(req)
+				if err != nil {
+					return nil, err
+				}
+				res.Body = io.NopCloser(iotest.ErrReader(sentinel))
+				return res, nil
+			})
+
+			prev := defaultClient
+			defer func() {
+				defaultClient = prev
+			}()
+			defaultClient = new(http.Client)
+			defaultClient.Transport = rtFn
+
+			hr := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+				w.WriteHeader(statusCode)
+			})
+
+			ts := httptest.NewServer(hr)
+			defer ts.Close()
+
+			err := Do(ctx, http.MethodPost, ts.URL, nil, nil)
+			require.Error(t, err)
+			require.Equal(t, sentinel, err)
+		}()
+	}
+}
+
+type roundTripperFunc func(*http.Request) (*http.Response, error)
+
+func (f roundTripperFunc) RoundTrip(req *http.Request) (*http.Response, error) {
+	return f(req)
 }

internal/e2e/e2ehooks/e2ehooks.go

@@ -0,0 +1,201 @@
+// Package e2ehooks provides utilities for end-to-end testing of hooks.
+package e2ehooks
+
+import (
+	"bytes"
+	"encoding/json"
+	"io"
+	"net/http"
+	"net/http/httptest"
+	"net/http/httputil"
+	"slices"
+	"sync"
+
+	"github.com/supabase/auth/internal/conf"
+	"github.com/supabase/auth/internal/e2e/e2eapi"
+	"github.com/supabase/auth/internal/hooks/v0hooks"
+)
+
+type Instance struct {
+	*e2eapi.Instance
+
+	HookServer   *httptest.Server
+	HookRecorder *HookRecorder
+}
+
+func (o *Instance) Close() error {
+	defer o.Instance.Close()
+	defer o.HookServer.Close()
+	return nil
+}
+
+func New(globalCfg *conf.GlobalConfiguration) (*Instance, error) {
+	hookRec := NewHookRecorder()
+	hookSrv := httptest.NewServer(hookRec)
+	hookRec.Register(&globalCfg.Hook, hookSrv.URL)
+
+	test, err := e2eapi.New(globalCfg)
+	if err != nil {
+		defer hookSrv.Close()
+
+		return nil, err
+	}
+
+	o := &Instance{
+		Instance:     test,
+		HookServer:   hookSrv,
+		HookRecorder: hookRec,
+	}
+	return o, nil
+}
+
+func HandleSuccess() http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Add("content-type", "application/json")
+		_, _ = io.WriteString(w, "{}")
+	})
+}
+
+type Hook struct {
+	mu    sync.Mutex
+	name  v0hooks.Name
+	calls []*HookCall
+
+	hr http.Handler
+}
+
+func NewHook(name v0hooks.Name) *Hook {
+	o := &Hook{
+		name: name,
+	}
+	o.SetHandler(HandleSuccess())
+	return o
+}
+
+func (o *Hook) ClearCalls() {
+	o.mu.Lock()
+	defer o.mu.Unlock()
+	o.calls = nil
+}
+
+func (o *Hook) GetCalls() []*HookCall {
+	o.mu.Lock()
+	defer o.mu.Unlock()
+	return slices.Clone(o.calls)
+}
+
+func (o *Hook) SetHandler(hr http.Handler) {
+	o.mu.Lock()
+	defer o.mu.Unlock()
+	o.hr = hr
+}
+
+func (o *Hook) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	o.mu.Lock()
+	defer o.mu.Unlock()
+
+	dump, _ := httputil.DumpRequest(r, true)
+	body, err := io.ReadAll(r.Body)
+	if err != nil {
+		code := http.StatusInternalServerError
+		http.Error(w, http.StatusText(code), code)
+		return
+	}
+	r.Body = io.NopCloser(bytes.NewReader(body))
+
+	hc := &HookCall{
+		Dump:   string(dump),
+		Body:   string(body),
+		Header: r.Header.Clone(),
+	}
+	o.calls = append(o.calls, hc)
+
+	o.hr.ServeHTTP(w, r)
+}
+
+type HookCall struct {
+	Header http.Header
+	Body   string
+	Dump   string
+}
+
+func (o *HookCall) Unmarshal(v any) error {
+	return json.Unmarshal([]byte(o.Body), v)
+}
+
+type HookRecorder struct {
+	mux                  *http.ServeMux
+	BeforeUserCreated    *Hook
+	AfterUserCreated     *Hook
+	CustomizeAccessToken *Hook
+	MFAVerification      *Hook
+	PasswordVerification *Hook
+	SendEmail            *Hook
+	SendSMS              *Hook
+}
+
+func NewHookRecorder() *HookRecorder {
+	o := &HookRecorder{
+		mux:                  http.NewServeMux(),
+		BeforeUserCreated:    NewHook(v0hooks.BeforeUserCreated),
+		AfterUserCreated:     NewHook(v0hooks.AfterUserCreated),
+		CustomizeAccessToken: NewHook(v0hooks.CustomizeAccessToken),
+		MFAVerification:      NewHook(v0hooks.MFAVerification),
+		PasswordVerification: NewHook(v0hooks.PasswordVerification),
+		SendEmail:            NewHook(v0hooks.SendEmail),
+		SendSMS:              NewHook(v0hooks.SendSMS),
+	}
+
+	o.mux.HandleFunc("POST /hooks/{hook}", func(w http.ResponseWriter, r *http.Request) {
+		//exhaustive:ignore
+		switch v0hooks.Name(r.PathValue("hook")) {
+		case v0hooks.BeforeUserCreated:
+			o.BeforeUserCreated.ServeHTTP(w, r)
+
+		case v0hooks.AfterUserCreated:
+			o.AfterUserCreated.ServeHTTP(w, r)
+
+		case v0hooks.CustomizeAccessToken:
+			o.CustomizeAccessToken.ServeHTTP(w, r)
+
+		case v0hooks.MFAVerification:
+			o.MFAVerification.ServeHTTP(w, r)
+
+		case v0hooks.PasswordVerification:
+			o.PasswordVerification.ServeHTTP(w, r)
+
+		case v0hooks.SendEmail:
+			o.SendEmail.ServeHTTP(w, r)
+
+		case v0hooks.SendSMS:
+			o.SendSMS.ServeHTTP(w, r)
+
+		default:
+			http.NotFound(w, r)
+		}
+	})
+	return o
+}
+
+func (o *HookRecorder) Register(
+	hookCfg *conf.HookConfiguration,
+	baseURL string,
+) {
+	set := func(cfg *conf.ExtensibilityPointConfiguration, name v0hooks.Name) {
+		*cfg = conf.ExtensibilityPointConfiguration{
+			Enabled: true,
+			URI:     baseURL + "/hooks/" + string(name),
+		}
+	}
+	set(&hookCfg.BeforeUserCreated, v0hooks.BeforeUserCreated)
+	set(&hookCfg.AfterUserCreated, v0hooks.AfterUserCreated)
+	set(&hookCfg.CustomAccessToken, v0hooks.CustomizeAccessToken)
+	set(&hookCfg.MFAVerificationAttempt, v0hooks.MFAVerification)
+	set(&hookCfg.PasswordVerificationAttempt, v0hooks.PasswordVerification)
+	set(&hookCfg.SendEmail, v0hooks.SendEmail)
+	set(&hookCfg.SendSMS, v0hooks.SendSMS)
+}
+
+func (o *HookRecorder) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	o.mux.ServeHTTP(w, r)
+}