@bernierllc/email-domain-verification 1.0.0

package/__tests__/EmailDomainVerificationService.test.ts

@@ -0,0 +1,582 @@
+/*
+Copyright (c) 2025 Bernier LLC
+
+This file is licensed to the client under a limited-use license.
+The client may use and modify this code *only within the scope of the project it was delivered for*.
+Redistribution or use in other products or commercial offerings is not permitted without written consent from Bernier LLC.
+*/
+
+import { EmailDomainVerificationService } from '../src/EmailDomainVerificationService';
+import { DNSRecord } from '../src/types';
+
+// Create mock logger directly to avoid type conflicts with real logger
+const createMockLogger = () => ({
+  debug: jest.fn(),
+  info: jest.fn(),
+  warn: jest.fn(),
+  error: jest.fn(),
+  fatal: jest.fn()
+});
+
+// Mock external dependencies only (logger and neverhub-adapter are mocked via moduleNameMapper)
+jest.mock('dns2', () => ({
+  Resolver: jest.fn().mockImplementation(() => ({
+    resolve: jest.fn().mockResolvedValue({
+      answers: [
+        { type: 'TXT', data: 'v=spf1 include:sendgrid.net -all' },
+        { ns: '8.8.8.8' }
+      ]
+    })
+  }))
+}));
+
+jest.mock('axios', () => ({
+  create: jest.fn(() => ({
+    post: jest.fn().mockResolvedValue({
+      data: {
+        id: 'domain-123',
+        dns: [],
+        domain: {
+          name: 'example.com',
+          state: 'active'
+        },
+        receiving_dns_records: [],
+        sending_dns_records: []
+      }
+    }),
+    get: jest.fn().mockResolvedValue({
+      data: [{
+        domain: 'example.com',
+        id: 'domain-123'
+      }]
+    })
+  }))
+}));
+
+jest.mock('cron', () => ({
+  CronJob: jest.fn().mockImplementation((_schedule: string, _callback: () => void) => ({
+    start: jest.fn(),
+    stop: jest.fn()
+  }))
+}));
+
+describe('EmailDomainVerificationService', () => {
+  let service: EmailDomainVerificationService;
+  let logger: ReturnType<typeof createMockLogger>;
+
+  beforeEach(() => {
+    logger = createMockLogger();
+    service = new EmailDomainVerificationService({ logger: logger as any });
+  });
+
+  afterEach(async () => {
+    await service.shutdown();
+    jest.clearAllMocks();
+  });
+
+  describe('setupDomain', () => {
+    it('should generate SPF record with provider includes', async () => {
+      const result = await service.setupDomain({
+        domain: 'example.com',
+        provider: 'sendgrid',
+        providerCredentials: { apiKey: 'test-key' },
+        dkim: { enabled: false },
+        spf: { enabled: true, strict: true },
+        dmarc: { enabled: false }
+      });
+
+      expect(result.success).toBe(true);
+      expect(result.dnsRecords.length).toBeGreaterThan(0);
+
+      const spfRecord = result.dnsRecords.find(r => r.type === 'SPF');
+      expect(spfRecord).toBeDefined();
+      expect(spfRecord!.value).toContain('include:sendgrid.net');
+      expect(spfRecord!.value).toContain('-all'); // strict mode
+    });
+
+    it('should generate DKIM keypair and DNS record when enabled', async () => {
+      const result = await service.setupDomain({
+        domain: 'example.com',
+        provider: 'sendgrid',
+        providerCredentials: { apiKey: 'test-key' },
+        dkim: { enabled: true, selector: 'default', keySize: 2048 },
+        spf: { enabled: false },
+        dmarc: { enabled: false }
+      });
+
+      expect(result.success).toBe(true);
+      expect(result.dkimConfig).toBeDefined();
+      expect(result.dkimConfig!.selector).toBe('default');
+      expect(result.dkimConfig!.keySize).toBe(2048);
+      expect(result.dkimConfig!.privateKey).toMatch(/-----BEGIN PRIVATE KEY-----/);
+      expect(result.dkimConfig!.publicKey).toMatch(/-----BEGIN PUBLIC KEY-----/);
+
+      const dkimRecord = result.dnsRecords.find(r => r.type === 'DKIM');
+      expect(dkimRecord).toBeDefined();
+      expect(dkimRecord!.host).toBe('default._domainkey.example.com');
+      expect(dkimRecord!.value).toContain('v=DKIM1');
+    });
+
+    it('should generate DMARC record with correct policy', async () => {
+      const result = await service.setupDomain({
+        domain: 'example.com',
+        provider: 'sendgrid',
+        providerCredentials: { apiKey: 'test-key' },
+        dkim: { enabled: false },
+        spf: { enabled: false },
+        dmarc: {
+          enabled: true,
+          policy: 'quarantine',
+          percentage: 50,
+          reportEmail: 'dmarc@example.com'
+        }
+      });
+
+      expect(result.success).toBe(true);
+
+      const dmarcRecord = result.dnsRecords.find(r => r.type === 'DMARC');
+      expect(dmarcRecord).toBeDefined();
+      expect(dmarcRecord!.host).toBe('_dmarc.example.com');
+      expect(dmarcRecord!.value).toContain('p=quarantine');
+      expect(dmarcRecord!.value).toContain('pct=50');
+      expect(dmarcRecord!.value).toContain('rua=mailto:dmarc@example.com');
+    });
+
+    it('should reject invalid domain names', async () => {
+      const result = await service.setupDomain({
+        domain: 'invalid domain with spaces',
+        provider: 'sendgrid',
+        providerCredentials: { apiKey: 'test-key' },
+        dkim: { enabled: false },
+        spf: { enabled: true },
+        dmarc: { enabled: false }
+      });
+
+      expect(result.success).toBe(false);
+      expect(result.status).toBe('failed');
+      expect(result.errors).toBeDefined();
+      expect(result.errors![0]).toContain('Invalid domain name');
+    });
+
+    it('should generate provider-specific records for SendGrid', async () => {
+      const result = await service.setupDomain({
+        domain: 'example.com',
+        provider: 'sendgrid',
+        providerCredentials: { apiKey: 'test-key' },
+        dkim: { enabled: false },
+        spf: { enabled: false },
+        dmarc: { enabled: false }
+      });
+
+      expect(result.success).toBe(true);
+      const cnameRecords = result.dnsRecords.filter(r => r.type === 'CNAME');
+      expect(cnameRecords.length).toBeGreaterThan(0);
+      expect(cnameRecords[0].provider).toBe('sendgrid');
+    });
+
+    it('should generate provider-specific records for Mailgun', async () => {
+      const result = await service.setupDomain({
+        domain: 'example.com',
+        provider: 'mailgun',
+        providerCredentials: { apiKey: 'test-key' },
+        dkim: { enabled: false },
+        spf: { enabled: false },
+        dmarc: { enabled: false }
+      });
+
+      expect(result.success).toBe(true);
+      const txtRecords = result.dnsRecords.filter(r => r.type === 'TXT');
+      expect(txtRecords.length).toBeGreaterThan(0);
+      expect(txtRecords[0].value).toContain('mailgun.org');
+    });
+
+    it('should generate provider-specific records for SES', async () => {
+      const result = await service.setupDomain({
+        domain: 'example.com',
+        provider: 'ses',
+        providerCredentials: { apiKey: 'test-key' },
+        dkim: { enabled: false },
+        spf: { enabled: false },
+        dmarc: { enabled: false }
+      });
+
+      expect(result.success).toBe(true);
+      const txtRecords = result.dnsRecords.filter(r => r.type === 'TXT');
+      expect(txtRecords.length).toBeGreaterThan(0);
+      expect(txtRecords[0].host).toContain('_amazonses');
+    });
+
+    it('should include custom SPF includes', async () => {
+      const result = await service.setupDomain({
+        domain: 'example.com',
+        provider: 'sendgrid',
+        providerCredentials: { apiKey: 'test-key' },
+        dkim: { enabled: false },
+        spf: {
+          enabled: true,
+          includes: ['include:custom-provider.com'],
+          ipv4Addresses: ['192.168.1.1'],
+          ipv6Addresses: ['2001:db8::1']
+        },
+        dmarc: { enabled: false }
+      });
+
+      expect(result.success).toBe(true);
+      const spfRecord = result.dnsRecords.find(r => r.type === 'SPF');
+      expect(spfRecord!.value).toContain('include:custom-provider.com');
+      expect(spfRecord!.value).toContain('ip4:192.168.1.1');
+      expect(spfRecord!.value).toContain('ip6:2001:db8::1');
+    });
+
+    it('should use ~all when strict is false', async () => {
+      const result = await service.setupDomain({
+        domain: 'example.com',
+        provider: 'sendgrid',
+        providerCredentials: { apiKey: 'test-key' },
+        dkim: { enabled: false },
+        spf: { enabled: true, strict: false },
+        dmarc: { enabled: false }
+      });
+
+      expect(result.success).toBe(true);
+      const spfRecord = result.dnsRecords.find(r => r.type === 'SPF');
+      expect(spfRecord!.value).toContain('~all');
+      expect(spfRecord!.value).not.toContain('-all');
+    });
+  });
+
+  describe('checkPropagation', () => {
+    it('should check DNS propagation across nameservers', async () => {
+      const records: DNSRecord[] = [{
+        type: 'SPF',
+        host: 'example.com',
+        value: 'v=spf1 include:sendgrid.net -all',
+        ttl: 3600,
+        provider: 'sendgrid',
+        required: true,
+        instructions: 'Add SPF record'
+      }];
+
+      const results = await service.checkPropagation('example.com', records);
+
+      expect(results).toHaveLength(1);
+      expect(results[0].domain).toBe('example.com');
+      expect(results[0].record).toEqual(records[0]);
+      expect(results[0].propagationPercentage).toBeGreaterThanOrEqual(0);
+      expect(results[0].propagationPercentage).toBeLessThanOrEqual(100);
+    });
+
+    it('should handle DNS query failures gracefully', async () => {
+      const records: DNSRecord[] = [{
+        type: 'DKIM',
+        host: 'nonexistent._domainkey.example.com',
+        value: 'v=DKIM1; k=rsa; p=...',
+        ttl: 3600,
+        provider: 'sendgrid',
+        required: true,
+        instructions: 'Add DKIM record'
+      }];
+
+      const results = await service.checkPropagation('example.com', records);
+
+      expect(results).toHaveLength(1);
+      expect(results[0].propagated).toBe(false);
+      // Should not throw error - graceful degradation
+    });
+
+    it('should return propagation results for multiple records', async () => {
+      const records: DNSRecord[] = [
+        {
+          type: 'SPF',
+          host: 'example.com',
+          value: 'v=spf1 include:sendgrid.net -all',
+          ttl: 3600,
+          provider: 'sendgrid',
+          required: true,
+          instructions: 'Add SPF record'
+        },
+        {
+          type: 'DMARC',
+          host: '_dmarc.example.com',
+          value: 'v=DMARC1; p=none; pct=100; sp=none;',
+          ttl: 3600,
+          provider: 'sendgrid',
+          required: true,
+          instructions: 'Add DMARC record'
+        }
+      ];
+
+      const results = await service.checkPropagation('example.com', records);
+
+      expect(results).toHaveLength(2);
+      expect(results[0].record.type).toBe('SPF');
+      expect(results[1].record.type).toBe('DMARC');
+    });
+  });
+
+  describe('verifyDomain', () => {
+    it('should verify domain with provider', async () => {
+      // Mock successful verification
+      jest.spyOn(service as any, 'verifyWithProvider').mockResolvedValue({
+        verified: true,
+        message: 'Domain verified'
+      });
+
+      const result = await service.verifyDomain(
+        'example.com',
+        'sendgrid',
+        { apiKey: 'test-key' }
+      );
+
+      expect(result.success).toBe(true);
+      expect(result.status).toBe('verified');
+    });
+
+    it('should handle verification failure', async () => {
+      // Mock failed verification
+      jest.spyOn(service as any, 'verifyWithProvider').mockResolvedValue({
+        verified: false,
+        message: 'Verification failed'
+      });
+
+      const result = await service.verifyDomain(
+        'example.com',
+        'sendgrid',
+        { apiKey: 'test-key' }
+      );
+
+      expect(result.success).toBe(false);
+      expect(result.status).toBe('failed');
+      expect(result.errors).toBeDefined();
+    });
+
+    it('should start health monitoring after successful verification', async () => {
+      // Mock successful verification
+      jest.spyOn(service as any, 'verifyWithProvider').mockResolvedValue({
+        verified: true,
+        message: 'Domain verified'
+      });
+
+      const result = await service.verifyDomain(
+        'example.com',
+        'sendgrid',
+        { apiKey: 'test-key' }
+      );
+
+      expect(result.success).toBe(true);
+      expect(result.status).toBe('verified');
+
+      // Health monitoring should be started
+      const jobs = (service as any).healthCheckJobs;
+      expect(jobs.has('example.com')).toBe(true);
+    });
+  });
+
+  describe('getDomainHealth', () => {
+    it('should return domain health status', async () => {
+      const health = await service.getDomainHealth('example.com');
+
+      expect(health.domain).toBe('example.com');
+      expect(health.healthy).toBeDefined();
+      expect(health.verificationStatus).toBeDefined();
+      expect(health.lastChecked).toBeInstanceOf(Date);
+      expect(health.records).toBeDefined();
+    });
+  });
+
+  describe('getVerificationHistory', () => {
+    it('should track verification events in history', async () => {
+      await service.setupDomain({
+        domain: 'example.com',
+        provider: 'sendgrid',
+        providerCredentials: { apiKey: 'test-key' },
+        dkim: { enabled: false },
+        spf: { enabled: true },
+        dmarc: { enabled: false }
+      });
+
+      const history = service.getVerificationHistory('example.com');
+
+      expect(history).toHaveLength(1);
+      expect(history[0].domain).toBe('example.com');
+      expect(history[0].eventType).toBe('initiated');
+      expect(history[0].newStatus).toBe('pending');
+    });
+
+    it('should limit history entries based on limit parameter', async () => {
+      // Add multiple entries
+      for (let i = 0; i < 10; i++) {
+        await service.setupDomain({
+          domain: 'example.com',
+          provider: 'sendgrid',
+          providerCredentials: { apiKey: 'test-key' },
+          dkim: { enabled: false },
+          spf: { enabled: true },
+          dmarc: { enabled: false }
+        });
+      }
+
+      const history = service.getVerificationHistory('example.com', 5);
+
+      expect(history.length).toBeLessThanOrEqual(5);
+    });
+
+    it('should return empty array for domain with no history', () => {
+      const history = service.getVerificationHistory('nonexistent.com');
+
+      expect(history).toEqual([]);
+    });
+  });
+
+  describe('NeverHub Integration', () => {
+    it('should publish events to NeverHub when passed in constructor', async () => {
+      const mockNeverHub = {
+        register: jest.fn(),
+        publishEvent: jest.fn()
+      } as any;
+
+      const serviceWithNH = new EmailDomainVerificationService({
+        logger: logger as any,
+        neverhub: mockNeverHub
+      });
+
+      // When neverhub is passed in constructor, it should publish events
+      await serviceWithNH.setupDomain({
+        domain: 'test-registration.com',
+        provider: 'sendgrid',
+        providerCredentials: { apiKey: 'test-key' },
+        dkim: { enabled: false },
+        spf: { enabled: true },
+        dmarc: { enabled: false }
+      });
+
+      // Events should be published via the passed NeverHub adapter
+      expect(mockNeverHub.publishEvent).toHaveBeenCalled();
+    });
+
+    it('should publish events to NeverHub', async () => {
+      const mockNeverHub = {
+        register: jest.fn(),
+        publishEvent: jest.fn()
+      } as any;
+
+      const serviceWithNH = new EmailDomainVerificationService({
+        logger: logger as any,
+        neverhub: mockNeverHub
+      });
+
+      await serviceWithNH.setupDomain({
+        domain: 'example.com',
+        provider: 'sendgrid',
+        providerCredentials: { apiKey: 'test-key' },
+        dkim: { enabled: false },
+        spf: { enabled: true },
+        dmarc: { enabled: false }
+      });
+
+      expect(mockNeverHub.publishEvent).toHaveBeenCalledWith({
+        type: 'domain.verification.initiated',
+        data: expect.objectContaining({
+          domain: 'example.com',
+          provider: 'sendgrid'
+        }),
+        source: '@bernierllc/email-domain-verification',
+        timestamp: expect.any(String)
+      });
+    });
+
+    it('should work without NeverHub', async () => {
+      const serviceWithoutNH = new EmailDomainVerificationService({ logger: logger as any });
+
+      const result = await serviceWithoutNH.setupDomain({
+        domain: 'example.com',
+        provider: 'sendgrid',
+        providerCredentials: { apiKey: 'test-key' },
+        dkim: { enabled: false },
+        spf: { enabled: true },
+        dmarc: { enabled: false }
+      });
+
+      expect(result.success).toBe(true);
+      // No errors thrown - graceful degradation
+    });
+  });
+
+  describe('Health Monitoring', () => {
+    it('should start health monitoring after successful verification', async () => {
+      // Mock successful verification
+      jest.spyOn(service as any, 'verifyWithProvider').mockResolvedValue({
+        verified: true,
+        message: 'Domain verified'
+      });
+
+      const result = await service.verifyDomain(
+        'example.com',
+        'sendgrid',
+        { apiKey: 'test-key' }
+      );
+
+      expect(result.success).toBe(true);
+      expect(result.status).toBe('verified');
+
+      // Health monitoring should be started
+      const jobs = (service as any).healthCheckJobs;
+      expect(jobs.has('example.com')).toBe(true);
+    });
+
+    it('should stop health monitoring on shutdown', async () => {
+      // Mock successful verification
+      jest.spyOn(service as any, 'verifyWithProvider').mockResolvedValue({
+        verified: true,
+        message: 'Domain verified'
+      });
+
+      await service.verifyDomain('example.com', 'sendgrid', { apiKey: 'test-key' });
+
+      const jobs = (service as any).healthCheckJobs;
+      const initialSize = jobs.size;
+
+      await service.shutdown();
+
+      expect(jobs.size).toBe(0);
+      expect(initialSize).toBeGreaterThan(0);
+    });
+
+    it('should allow manual stop of health monitoring', async () => {
+      // Mock successful verification
+      jest.spyOn(service as any, 'verifyWithProvider').mockResolvedValue({
+        verified: true,
+        message: 'Domain verified'
+      });
+
+      await service.verifyDomain('example.com', 'sendgrid', { apiKey: 'test-key' });
+
+      const jobs = (service as any).healthCheckJobs;
+      expect(jobs.has('example.com')).toBe(true);
+
+      service.stopHealthMonitoring('example.com');
+
+      expect(jobs.has('example.com')).toBe(false);
+    });
+  });
+
+  describe('Shutdown', () => {
+    it('should cleanup all resources on shutdown', async () => {
+      // Start multiple health monitors
+      jest.spyOn(service as any, 'verifyWithProvider').mockResolvedValue({
+        verified: true,
+        message: 'Domain verified'
+      });
+
+      await service.verifyDomain('example1.com', 'sendgrid', { apiKey: 'test-key' });
+      await service.verifyDomain('example2.com', 'sendgrid', { apiKey: 'test-key' });
+
+      const jobs = (service as any).healthCheckJobs;
+      expect(jobs.size).toBe(2);
+
+      await service.shutdown();
+
+      expect(jobs.size).toBe(0);
+    });
+  });
+});