test(proxy): 重构并增强 TlsCertificateManager 测试用例- 重新设计测试用例，使用临时文件模拟证书和密钥

- 增加对 TlsCertificateManager 各种方法的单元测试
- 涉及到的测试场景包括：
  - 构造函数
  - 启动和关闭
  - 注册和注销监听器
  - 文件变更通知（证书、密钥、未知文件等）
  - 多个监听器的情况
  - 监听器抛出异常的情况
  - 增加对内部 CertKeyFileWatchListener 的测试

Signed-off-by: Async <raisinata@foxmail.com>

Author: EnableAsync

proxy/src/main/java/org/apache/rocketmq/proxy/service/cert/TlsCertificateManager.java

@@ -47,6 +47,10 @@ public TlsCertificateManager() {
         }
     }
 
+    public FileWatchService getFileWatchService() {
+        return this.fileWatchService;
+    }
+
     public void registerReloadListener(TlsContextReloadListener listener) {
         if (listener != null) {
             this.reloadListeners.add(listener);
@@ -59,6 +63,10 @@ public void unregisterReloadListener(TlsContextReloadListener listener) {
         }
     }
 
+    public List<TlsContextReloadListener> getReloadListeners() {
+        return this.reloadListeners;
+    }
+
     @Override
     public void start() throws Exception {
         this.fileWatchService.start();

proxy/src/test/java/org/apache/rocketmq/proxy/service/cert/TlsCertificateManagerTest.java

@@ -16,87 +16,311 @@
  */
 package org.apache.rocketmq.proxy.service.cert;
 
+import java.io.FileWriter;
+import org.apache.rocketmq.proxy.config.ConfigurationManager;
+import org.apache.rocketmq.proxy.config.ProxyConfig;
 import org.apache.rocketmq.remoting.netty.TlsSystemConfig;
 import org.apache.rocketmq.srvutil.FileWatchService;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
+import org.junit.jupiter.api.io.TempDir;
 import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.powermock.reflect.Whitebox;
 
+import java.io.File;
 import java.lang.reflect.Constructor;
+import java.lang.reflect.Field;
+import java.lang.reflect.Method;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.util.List;
 
-import static org.mockito.Mockito.never;
-import static org.mockito.Mockito.reset;
-import static org.mockito.Mockito.times;
-import static org.mockito.Mockito.verify;
+import static org.junit.jupiter.api.Assertions.*;
+import static org.mockito.Mockito.*;
 
-@ExtendWith(org.mockito.junit.jupiter.MockitoExtension.class)
-class TlsCertificateManagerTest {
+@ExtendWith(MockitoExtension.class)
+public class TlsCertificateManagerTest {
+
+    @TempDir
+    Path tempDir;
+
+    private TlsCertificateManager manager;
 
     @Mock
-    private TlsCertificateManager.TlsContextReloadListener reloadListener;
+    private ProxyConfig proxyConfig;
 
-    private static TlsCertificateManager manager;
+    @Mock
+    private TlsCertificateManager.TlsContextReloadListener listener1;
 
-    private FileWatchService.Listener innerListener;
+    @Mock
+    private TlsCertificateManager.TlsContextReloadListener listener2;
 
-    @BeforeAll
-    static void initTlsConfig() {
-        TlsSystemConfig.tlsServerCertPath      = "/tmp/server.crt";
-        TlsSystemConfig.tlsServerKeyPath       = "/tmp/server.key";
-        TlsSystemConfig.tlsServerTrustCertPath = "/tmp/ca.crt";
+    private File certFile;
+    private File keyFile;
+    private FileWatchService.Listener fileWatchListener;
+    private Field configField;
+    private ProxyConfig originalConfig;
 
-        // Obtain the singleton after the paths are set
-        manager = TlsCertificateManager.getInstance();
+    @BeforeAll
+    public static void setUpAll() throws Exception {
+        ConfigurationManager.initEnv();
+        ConfigurationManager.intConfig();
     }
 
     @BeforeEach
-    void setUp() throws Exception {
-        // Register the external listener
-        manager.registerReloadListener(reloadListener);
+    public void setUp() throws Exception {
+        // Create temporary certificate and key files
+        certFile = new File(tempDir.toFile(), "server.crt");
+        keyFile = new File(tempDir.toFile(), "server.key");
+        try (FileWriter certWriter = new FileWriter(certFile);
+             FileWriter keyWriter = new FileWriter(keyFile)) {
+            certWriter.write("test certificate content");
+            keyWriter.write("test key content");
+        }
+
+        // Set TlsSystemConfig paths
+        TlsSystemConfig.tlsServerCertPath = certFile.getAbsolutePath();
+        TlsSystemConfig.tlsServerKeyPath = keyFile.getAbsolutePath();
 
-        Class<?> innerClazz = Class.forName(
-            "org.apache.rocketmq.proxy.service.cert.TlsCertificateManager$CertKeyFileWatchListener");
-        Constructor<?> ctor = innerClazz.getDeclaredConstructor(TlsCertificateManager.class);
-        ctor.setAccessible(true);
-        innerListener = (FileWatchService.Listener) ctor.newInstance(manager);
+        // Create the TlsCertificateManager
+        manager = new TlsCertificateManager();
+
+        // Extract the file watch listener using reflection
+        fileWatchListener = extractFileWatchListener(manager);
     }
 
     @AfterEach
-    void tearDown() {
-        // Unregister and reset between tests to avoid interference
-        manager.unregisterReloadListener(reloadListener);
-        reset(reloadListener);
+    public void tearDown() throws Exception {
+        // Restore the original config
+        if (configField != null && originalConfig != null) {
+            configField.set(null, originalConfig);
+        }
+    }
+
+    private FileWatchService.Listener extractFileWatchListener(TlsCertificateManager manager) throws Exception {
+        Field fileWatchServiceField = TlsCertificateManager.class.getDeclaredField("fileWatchService");
+        fileWatchServiceField.setAccessible(true);
+        FileWatchService fileWatchService = (FileWatchService) fileWatchServiceField.get(manager);
+
+        Field listenerField = FileWatchService.class.getDeclaredField("listener");
+        listenerField.setAccessible(true);
+        return (FileWatchService.Listener) listenerField.get(fileWatchService);
+    }
+
+    @Test
+    public void testConstructor() {
+        // The constructor should initialize the FileWatchService with the correct paths
+        assertNotNull(manager);
+    }
+
+    @Test
+    public void testStartAndShutdown() throws Exception {
+        // Create a spy to verify the internal fileWatchService methods are called
+        TlsCertificateManager managerSpy = spy(manager);
+
+        // Get access to the internal fileWatchService
+        Field watchServiceField = TlsCertificateManager.class.getDeclaredField("fileWatchService");
+        watchServiceField.setAccessible(true);
+        FileWatchService watchService = (FileWatchService) watchServiceField.get(managerSpy);
+        FileWatchService watchServiceSpy = spy(watchService);
+        watchServiceField.set(managerSpy, watchServiceSpy);
+
+        // Test start method
+        managerSpy.start();
+        verify(watchServiceSpy).start();
+
+        // Test shutdown method
+        managerSpy.shutdown();
+        verify(watchServiceSpy).shutdown();
+    }
+
+    @Test
+    public void testRegisterAndUnregisterListener() {
+        // Test registering a listener
+        manager.registerReloadListener(listener1);
+
+        List<TlsCertificateManager.TlsContextReloadListener> listeners = manager.getReloadListeners();
+        assertEquals(1, listeners.size());
+        assertTrue(listeners.contains(listener1));
+
+        // Test registering another listener
+        manager.registerReloadListener(listener2);
+        assertEquals(2, listeners.size());
+        assertTrue(listeners.contains(listener2));
+
+        // Test unregistering a listener
+        manager.unregisterReloadListener(listener1);
+        assertEquals(1, listeners.size());
+        assertFalse(listeners.contains(listener1));
+        assertTrue(listeners.contains(listener2));
+
+        // Test handling null listeners
+        manager.registerReloadListener(null);
+        assertEquals(1, listeners.size()); // Should remain unchanged
+
+        manager.unregisterReloadListener(null);
+        assertEquals(1, listeners.size()); // Should remain unchanged
+    }
+
+    @Test
+    public void testFileChangeNotification_CertOnly() throws Exception {
+        // Setup test
+        manager.registerReloadListener(listener1);
+
+        // Trigger cert file change only
+        fileWatchListener.onChanged(certFile.getAbsolutePath());
+
+        // Verify listener not called yet
+        verify(listener1, never()).onTlsContextReload();
+    }
+
+    @Test
+    public void testFileChangeNotification_KeyOnly() throws Exception {
+        // Setup test
+        manager.registerReloadListener(listener1);
+
+        // Trigger key file change only
+        fileWatchListener.onChanged(keyFile.getAbsolutePath());
+
+        // Verify listener not called yet
+        verify(listener1, never()).onTlsContextReload();
     }
 
-    // Trust certificate change should trigger immediate reload
     @Test
-    void trustCertChanged_shouldTriggerReload() {
-        innerListener.onChanged(TlsSystemConfig.tlsServerTrustCertPath);
-        verify(reloadListener, times(1)).onTlsContextReload();
+    public void testFileChangeNotification_BothFiles() throws Exception {
+        // Setup test
+        manager.registerReloadListener(listener1);
+
+        // Trigger both file changes
+        fileWatchListener.onChanged(certFile.getAbsolutePath());
+        fileWatchListener.onChanged(keyFile.getAbsolutePath());
+
+        // Verify listener is called
+        verify(listener1, times(1)).onTlsContextReload();
+    }
+
+    @Test
+    public void testFileChangeNotification_MultipleListeners() throws Exception {
+        // Setup test
+        manager.registerReloadListener(listener1);
+        manager.registerReloadListener(listener2);
+
+        // Trigger both file changes
+        fileWatchListener.onChanged(certFile.getAbsolutePath());
+        fileWatchListener.onChanged(keyFile.getAbsolutePath());
+
+        // Verify both listeners are called
+        verify(listener1, times(1)).onTlsContextReload();
+        verify(listener2, times(1)).onTlsContextReload();
     }
 
-    // Only server certificate change should NOT trigger reload
     @Test
-    void certOnlyChanged_shouldNotTriggerReload() {
-        innerListener.onChanged(TlsSystemConfig.tlsServerCertPath);
-        verify(reloadListener, never()).onTlsContextReload();
+    public void testFileChangeNotification_BothFilesReverseOrder() throws Exception {
+        // Setup test
+        manager.registerReloadListener(listener1);
+
+        // Trigger both file changes in reverse order
+        fileWatchListener.onChanged(keyFile.getAbsolutePath());
+        fileWatchListener.onChanged(certFile.getAbsolutePath());
+
+        // Verify listener is called
+        verify(listener1, times(1)).onTlsContextReload();
     }
 
-    // Only private-key change should NOT trigger reload
     @Test
-    void keyOnlyChanged_shouldNotTriggerReload() {
-        innerListener.onChanged(TlsSystemConfig.tlsServerKeyPath);
-        verify(reloadListener, never()).onTlsContextReload();
+    public void testFileChangeNotification_RepeatedChanges() throws Exception {
+        // Setup test
+        manager.registerReloadListener(listener1);
+
+        // First batch of changes
+        fileWatchListener.onChanged(certFile.getAbsolutePath());
+        fileWatchListener.onChanged(keyFile.getAbsolutePath());
+
+        // Verify listener is called once
+        verify(listener1, times(1)).onTlsContextReload();
+
+        // Second batch of changes
+        fileWatchListener.onChanged(certFile.getAbsolutePath());
+        fileWatchListener.onChanged(keyFile.getAbsolutePath());
+
+        // Verify listener is called again (total twice)
+        verify(listener1, times(2)).onTlsContextReload();
     }
 
-    // Server certificate + key both changed -> trigger one reload
     @Test
-    void certAndKeyChanged_shouldTriggerReloadOnce() {
-        innerListener.onChanged(TlsSystemConfig.tlsServerCertPath);
-        innerListener.onChanged(TlsSystemConfig.tlsServerKeyPath);
-        verify(reloadListener, times(1)).onTlsContextReload();
+    public void testFileChangeNotification_UnknownFile() throws Exception {
+        // Setup test
+        manager.registerReloadListener(listener1);
+
+        // Trigger change to an unknown file
+        fileWatchListener.onChanged("/unknown/file/path");
+
+        // Verify listener is not called
+        verify(listener1, never()).onTlsContextReload();
+    }
+
+    @Test
+    public void testFileChangeNotification_ListenerThrowsException() throws Exception {
+        // Setup a listener that throws an exception
+        TlsCertificateManager.TlsContextReloadListener exceptionListener = mock(TlsCertificateManager.TlsContextReloadListener.class);
+        doThrow(new RuntimeException("Test exception")).when(exceptionListener).onTlsContextReload();
+
+        // Register both listeners
+        manager.registerReloadListener(exceptionListener);
+        manager.registerReloadListener(listener1);
+
+        // Trigger both file changes
+        fileWatchListener.onChanged(certFile.getAbsolutePath());
+        fileWatchListener.onChanged(keyFile.getAbsolutePath());
+
+        // Verify both listeners were called despite the exception
+        verify(exceptionListener, times(1)).onTlsContextReload();
+        verify(listener1, times(1)).onTlsContextReload();
+    }
+
+    @Test
+    public void testInnerCertKeyFileWatchListener() throws Exception {
+        // Get the CertKeyFileWatchListener class
+        Class<?> innerClass = null;
+        for (Class<?> clazz : TlsCertificateManager.class.getDeclaredClasses()) {
+            if (clazz.getSimpleName().equals("CertKeyFileWatchListener")) {
+                innerClass = clazz;
+                break;
+            }
+        }
+
+        assertNotNull(innerClass, "CertKeyFileWatchListener class not found");
+
+        // Create a new instance
+        Constructor<?> constructor = innerClass.getDeclaredConstructor(TlsCertificateManager.class);
+        constructor.setAccessible(true);
+        Object innerListener = constructor.newInstance(manager);
+
+        // Register a mock listener to the manager
+        manager.registerReloadListener(listener1);
+
+        // Get the onChanged method
+        Method onChangedMethod = innerClass.getDeclaredMethod("onChanged", String.class);
+        onChangedMethod.setAccessible(true);
+
+        // Test cert file change
+        onChangedMethod.invoke(innerListener, certFile.getAbsolutePath());
+        verify(listener1, never()).onTlsContextReload();
+
+        // Test key file change - should trigger notification
+        onChangedMethod.invoke(innerListener, keyFile.getAbsolutePath());
+        verify(listener1, times(1)).onTlsContextReload();
+
+        // Test reset of flags
+        reset(listener1);
+
+        // Call onChanged again for cert - should not trigger notification as flags are reset
+        onChangedMethod.invoke(innerListener, certFile.getAbsolutePath());
+        verify(listener1, never()).onTlsContextReload();
     }
 }