Actually exercise the OIP cached-key retry in tests

dahlia · dahlia · commit 1c7105b6271b · 2026-05-16T08:54:32.000+09:00
The "cached-key retry emits one measurement, not two" step had two weaknesses. First, it primed the cache with rsaPublicKey2, a CryptographicKey rather than a Multikey, so `fetchKey()` skipped the cache entirely and went straight to a fresh fetch. The retry path inside verifyProofInternal was never triggered; the test passed because verification.duration count was 1 either way. Swap the cached value to ed25519Multikey (a valid Ed25519 Multikey for a different key) so `fetchKey()` returns it as `cached=true`, the Ed25519 algorithm check passes, and the "signature failed with cached key" recursive retry actually runs. Second, the step only checked verification.duration; the per-fetch behavior on the same path was unchecked. Add assertions for the two `activitypub.signature.key_fetch.duration` measurements the retry produces: `result=hit` for the stale cached attempt followed by `result=fetched` for the refetch, mirroring the LD cached-key retry test added earlier in this PR. #769 (comment) Assisted-by: Claude Code:claude-opus-4-7
diff --git a/packages/fedify/src/sig/proof.test.ts b/packages/fedify/src/sig/proof.test.ts
@@ -663,11 +663,13 @@ test("verifyProof() records verification duration metric", async (t) => {
   await t.step("cached-key retry emits one measurement, not two", async () => {
     const [meterProvider, recorder] = createTestMeterProvider();
     const keyId = "https://server.example/users/alice#ed25519-key";
-    // Prime the cache with a wrong-algorithm key (the rsaPublicKey2 is RSA,
-    // not Ed25519) so that verifyProofInternal falls through to the
-    // fresh-fetch retry path.
+    // Prime the cache with a different valid Ed25519 Multikey for the same
+    // keyId.  fetchKey returns it as cached=true, the Ed25519 algorithm
+    // check passes, and verification fails because the key doesn't match
+    // the proof, so verifyProofInternal goes through its
+    // "signature failed with cached key" recursive retry.
     const cache: Record<string, CryptographicKey | Multikey | null> = {
-      [keyId]: rsaPublicKey2,
+      [keyId]: ed25519Multikey,
     };
     const key = await verifyProof(jsonLd, proof, {
       documentLoader: mockDocumentLoader,
@@ -690,6 +692,22 @@ test("verifyProof() records verification duration metric", async (t) => {
       ).length,
       1,
     );
+    // The retry path is observable as a per-fetch sequence on
+    // `activitypub.signature.key_fetch.duration`: a `hit` for the stale
+    // cached attempt, then a `fetched` for the fresh refetch.  Mirrors the
+    // LD cached-key retry test.
+    const keyFetches = recorder.getMeasurements(
+      "activitypub.signature.key_fetch.duration",
+    );
+    assertEquals(keyFetches.length, 2);
+    assertEquals(
+      keyFetches[0].attributes["activitypub.signature.key_fetch.result"],
+      "hit",
+    );
+    assertEquals(
+      keyFetches[1].attributes["activitypub.signature.key_fetch.result"],
+      "fetched",
+    );
   });
 
   await t.step(
