feature: 테스트 코드 추가

six-standard · six-standard · commit 0116921b6752 · 2025-07-04T12:03:52.000+09:00
diff --git a/src/controllers/__test__/webhook.controller.test.ts b/src/controllers/__test__/webhook.controller.test.ts
@@ -2,9 +2,11 @@ import 'reflect-metadata';
 import { Request, Response } from 'express';
 import { WebhookController } from '@/controllers/webhook.controller';
 import { sendSlackMessage } from '@/modules/slack/slack.notifier';
+import { verifySignature } from '@/utils/verify.util';
 
 // Mock dependencies
 jest.mock('@/modules/slack/slack.notifier');
+jest.mock('@/utils/verify.util');
 
 // logger 모킹
 jest.mock('@/configs/logger.config', () => ({
@@ -18,6 +20,7 @@ describe('WebhookController', () => {
   let mockResponse: Partial<Response>;
   let nextFunction: jest.Mock;
   let mockSendSlackMessage: jest.MockedFunction<typeof sendSlackMessage>;
+  let mockVerifySignature: jest.MockedFunction<typeof verifySignature>;
 
   beforeEach(() => {
     // WebhookController 인스턴스 생성
@@ -36,6 +39,10 @@ describe('WebhookController', () => {
 
     nextFunction = jest.fn();
     mockSendSlackMessage = sendSlackMessage as jest.MockedFunction<typeof sendSlackMessage>;
+    mockVerifySignature = verifySignature as jest.MockedFunction<typeof verifySignature>;
+    
+    // 기본적으로 시그니처 검증이 성공하도록 설정
+    mockVerifySignature.mockReturnValue(true);
   });
 
   afterEach(() => {
@@ -308,4 +315,108 @@ describe('WebhookController', () => {
       expect(mockSendSlackMessage).toHaveBeenCalledWith(expectedMessage);
     });
   });
+
+  describe('Signature Verification', () => {
+    const mockSentryData = {
+      action: 'created',
+      data: {
+        issue: {
+          id: 'test-issue-123',
+          title: '시그니처 테스트 오류',
+          culprit: 'TestFile.js:10',
+          status: 'unresolved',
+          count: "1",
+          userCount: 1,
+          firstSeen: '2024-01-01T12:00:00.000Z',
+          permalink: 'https://velog-dashboardv2.sentry.io/issues/test-issue-123/',
+          project: {
+            id: 'project-123',
+            name: 'Velog Dashboard',
+            slug: 'velog-dashboard'
+          }
+        }
+      }
+    };
+
+    it('유효한 시그니처로 웹훅 처리에 성공해야 한다', async () => {
+      mockRequest.body = mockSentryData;
+      mockRequest.headers = {
+        'sentry-hook-signature': 'valid-signature'
+      };
+      mockVerifySignature.mockReturnValue(true);
+      mockSendSlackMessage.mockResolvedValue();
+
+      await webhookController.handleSentryWebhook(
+        mockRequest as Request,
+        mockResponse as Response,
+        nextFunction
+      );
+
+      expect(mockVerifySignature).toHaveBeenCalledWith(mockRequest);
+      expect(mockSendSlackMessage).toHaveBeenCalled();
+      expect(mockResponse.status).toHaveBeenCalledWith(200);
+    });
+
+    it('잘못된 시그니처로 400 에러를 반환해야 한다', async () => {
+      mockRequest.body = mockSentryData;
+      mockRequest.headers = {
+        'sentry-hook-signature': 'invalid-signature'
+      };
+      mockVerifySignature.mockReturnValue(false);
+
+      await webhookController.handleSentryWebhook(
+        mockRequest as Request,
+        mockResponse as Response,
+        nextFunction
+      );
+
+      expect(mockVerifySignature).toHaveBeenCalledWith(mockRequest);
+      expect(mockSendSlackMessage).not.toHaveBeenCalled();
+      expect(mockResponse.status).toHaveBeenCalledWith(400);
+      expect(mockResponse.json).toHaveBeenCalledWith({
+        success: true,
+        message: 'Sentry 웹훅 처리에 실패했습니다',
+        data: {},
+        error: null
+      });
+    });
+
+    it('시그니처 헤더가 누락된 경우 400 에러를 반환해야 한다', async () => {
+      mockRequest.body = mockSentryData;
+      mockRequest.headers = {}; // 시그니처 헤더 누락
+      mockVerifySignature.mockReturnValue(false);
+
+      await webhookController.handleSentryWebhook(
+        mockRequest as Request,
+        mockResponse as Response,
+        nextFunction
+      );
+
+      expect(mockVerifySignature).toHaveBeenCalledWith(mockRequest);
+      expect(mockSendSlackMessage).not.toHaveBeenCalled();
+      expect(mockResponse.status).toHaveBeenCalledWith(400);
+    });
+
+    it('시그니처 검증 중 예외 발생 시 에러를 전달해야 한다', async () => {
+      mockRequest.body = mockSentryData;
+      mockRequest.headers = {
+        'sentry-hook-signature': 'some-signature'
+      };
+      const verificationError = new Error('SENTRY_CLIENT_SECRET is not defined');
+      mockVerifySignature.mockImplementation(() => {
+        throw verificationError;
+      });
+
+      await webhookController.handleSentryWebhook(
+        mockRequest as Request,
+        mockResponse as Response,
+        nextFunction
+      );
+
+      expect(mockVerifySignature).toHaveBeenCalledWith(mockRequest);
+      expect(nextFunction).toHaveBeenCalledWith(verificationError);
+      expect(mockSendSlackMessage).not.toHaveBeenCalled();
+      expect(mockResponse.json).not.toHaveBeenCalled();
+    });
+  });
 }); 
diff --git a/src/utils/__test__/verify.util.test.ts b/src/utils/__test__/verify.util.test.ts
@@ -0,0 +1,158 @@
+import { Request } from 'express';
+import { verifySignature } from '../verify.util';
+import crypto from 'crypto';
+
+// 환경 변수 모킹
+const mockEnv = {
+  SENTRY_CLIENT_SECRET: 'test-secret-key'
+};
+
+describe('verifySignature', () => {
+  let mockRequest: Partial<Request>;
+  let originalEnv: NodeJS.ProcessEnv;
+
+  beforeAll(() => {
+    originalEnv = process.env;
+  });
+
+  beforeEach(() => {
+    process.env = { ...originalEnv, ...mockEnv };
+    mockRequest = {
+      body: {},
+      headers: {}
+    };
+  });
+
+  afterAll(() => {
+    process.env = originalEnv;
+  });
+
+  afterEach(() => {
+    jest.clearAllMocks();
+  });
+
+  describe('성공 케이스', () => {
+    it('유효한 시그니처로 검증에 성공해야 한다', () => {
+      const testBody = { action: 'created', data: { issue: { id: 'test' } } };
+      const bodyString = JSON.stringify(testBody);
+      const expectedSignature = crypto
+        .createHmac('sha256', mockEnv.SENTRY_CLIENT_SECRET)
+        .update(bodyString)
+        .digest('hex');
+
+      mockRequest.body = testBody;
+      mockRequest.headers = {
+        'sentry-hook-signature': expectedSignature
+      };
+
+      const result = verifySignature(mockRequest as Request);
+
+      expect(result).toBe(true);
+    });
+
+    it('복잡한 객체 body로 검증에 성공해야 한다', () => {
+      const testBody = {
+        action: 'created',
+        data: {
+          issue: {
+            id: 'complex-issue-123',
+            title: 'Complex Error with Special Characters: áéíóú',
+            culprit: 'components/User@Profile.tsx:42',
+            status: 'unresolved',
+            count: "15",
+            userCount: 8,
+            firstSeen: '2024-01-01T12:00:00.000Z'
+          }
+        }
+      };
+
+      const bodyString = JSON.stringify(testBody);
+      const expectedSignature = crypto
+        .createHmac('sha256', mockEnv.SENTRY_CLIENT_SECRET)
+        .update(bodyString)
+        .digest('hex');
+
+      mockRequest.body = testBody;
+      mockRequest.headers = {
+        'sentry-hook-signature': expectedSignature
+      };
+
+      const result = verifySignature(mockRequest as Request);
+
+      expect(result).toBe(true);
+    });
+  });
+
+  describe('실패 케이스', () => {
+    it('잘못된 시그니처로 검증에 실패해야 한다', () => {
+      const testBody = { action: 'created', data: { issue: { id: 'test' } } };
+      
+      mockRequest.body = testBody;
+      mockRequest.headers = {
+        'sentry-hook-signature': 'invalid-signature'
+      };
+
+      const result = verifySignature(mockRequest as Request);
+
+      expect(result).toBe(false);
+    });
+
+    it('시그니처 헤더가 누락된 경우 false를 반환해야 한다', () => {
+      const testBody = { action: 'created', data: { issue: { id: 'test' } } };
+      
+      mockRequest.body = testBody;
+      mockRequest.headers = {}; // 시그니처 헤더 누락
+
+      const result = verifySignature(mockRequest as Request);
+
+      expect(result).toBe(false);
+    });
+
+    it('빈 시그니처로 검증에 실패해야 한다', () => {
+      const testBody = { action: 'created', data: { issue: { id: 'test' } } };
+      
+      mockRequest.body = testBody;
+      mockRequest.headers = {
+        'sentry-hook-signature': ''
+      };
+
+      const result = verifySignature(mockRequest as Request);
+
+      expect(result).toBe(false);
+    });
+
+    it('다른 secret으로 생성된 시그니처로 검증에 실패해야 한다', () => {
+      const testBody = { action: 'created', data: { issue: { id: 'test' } } };
+      const bodyString = JSON.stringify(testBody);
+      const wrongSignature = crypto
+        .createHmac('sha256', 'wrong-secret')
+        .update(bodyString)
+        .digest('hex');
+
+      mockRequest.body = testBody;
+      mockRequest.headers = {
+        'sentry-hook-signature': wrongSignature
+      };
+
+      const result = verifySignature(mockRequest as Request);
+
+      expect(result).toBe(false);
+    });
+  });
+
+  describe('에러 케이스', () => {
+    it('SENTRY_CLIENT_SECRET이 없는 경우 에러를 발생시켜야 한다', () => {
+      delete process.env.SENTRY_CLIENT_SECRET;
+      
+      const testBody = { action: 'created', data: { issue: { id: 'test' } } };
+      mockRequest.body = testBody;
+      mockRequest.headers = {
+        'sentry-hook-signature': 'some-signature'
+      };
+
+      expect(() => {
+        verifySignature(mockRequest as Request);
+      }).toThrow('SENTRY_CLIENT_SECRET is not defined');
+    });
+  });
+}); 
