feat: obfuscated precomputed assignments

Makefile

@@ -36,6 +36,7 @@ test-data:
 	mkdir -p $(tempDir)
 	git clone -b ${branchName} --depth 1 --single-branch ${githubRepoLink} ${gitDataDir}
 	cp -r ${gitDataDir}ufc ${testDataDir}
+	cp -r ${gitDataDir}configuration-wire ${testDataDir}
 	rm -rf ${tempDir}
 
 ## prepare

src/client/eppo-precomputed-client.spec.ts

@@ -1,7 +1,12 @@
 import * as td from 'testdouble';
 
+import {
+  MOCK_PRECOMPUTED_WIRE_FILE,
+  readMockConfigurationWireResponse,
+} from '../../test/testHelpers';
 import ApiEndpoints from '../api-endpoints';
 import { IAssignmentLogger } from '../assignment-logger';
+import { IPrecomputedConfigurationResponse } from '../configuration';
 import { IConfigurationStore } from '../configuration-store/configuration-store';
 import { MemoryOnlyConfigurationStore } from '../configuration-store/memory.store';
 import { DEFAULT_POLL_INTERVAL_MS, MAX_EVENT_QUEUE_SIZE, POLL_JITTER_PCT } from '../constants';
@@ -15,61 +20,19 @@ import EppoPrecomputedClient, {
 } from './eppo-precomputed-client';
 
 describe('EppoPrecomputedClient E2E test', () => {
-  const precomputedFlags = {
-    createdAt: '2024-11-18T14:23:39.456Z',
-    format: 'PRECOMPUTED',
-    environment: {
-      name: 'Test',
-    },
-    flags: {
-      'string-flag': {
-        allocationKey: 'allocation-123',
-        variationKey: 'variation-123',
-        variationType: 'STRING',
-        variationValue: 'red',
-        extraLogging: {},
-        doLog: true,
-      },
-      'boolean-flag': {
-        allocationKey: 'allocation-124',
-        variationKey: 'variation-124',
-        variationType: 'BOOLEAN',
-        variationValue: true,
-        extraLogging: {},
-        doLog: true,
-      },
-      'integer-flag': {
-        allocationKey: 'allocation-125',
-        variationKey: 'variation-125',
-        variationType: 'INTEGER',
-        variationValue: 42,
-        extraLogging: {},
-        doLog: true,
-      },
-      'numeric-flag': {
-        allocationKey: 'allocation-126',
-        variationKey: 'variation-126',
-        variationType: 'NUMERIC',
-        variationValue: 3.14,
-        extraLogging: {},
-        doLog: true,
-      },
-      'json-flag': {
-        allocationKey: 'allocation-127',
-        variationKey: 'variation-127',
-        variationType: 'JSON',
-        variationValue: '{"key": "value", "number": 123}',
-        extraLogging: {},
-        doLog: true,
-      },
-    },
-  }; // TODO: readMockPrecomputedFlagsResponse(MOCK_PRECOMPUTED_FLAGS_RESPONSE_FILE);
+  const precomputedConfigurationWire = readMockConfigurationWireResponse(
+    MOCK_PRECOMPUTED_WIRE_FILE,
+  );
+  const unparsedPrecomputedResponse = JSON.parse(precomputedConfigurationWire).precomputed.response;
+  const precomputedResponse: IPrecomputedConfigurationResponse = JSON.parse(
+    unparsedPrecomputedResponse,
+  );
 
   global.fetch = jest.fn(() => {
     return Promise.resolve({
       ok: true,
       status: 200,
-      json: () => Promise.resolve(precomputedFlags),
+      json: () => Promise.resolve(precomputedResponse),
     });
   }) as jest.Mock;
   const storage = new MemoryOnlyConfigurationStore<PrecomputedFlag>();
@@ -106,7 +69,7 @@ describe('EppoPrecomputedClient E2E test', () => {
 
     beforeAll(() => {
       storage.setEntries({ [precomputedFlagKey]: mockPrecomputedFlag });
-      client = new EppoPrecomputedClient(storage);
+      client = new EppoPrecomputedClient(storage, false);
     });
 
     afterAll(() => {
@@ -126,7 +89,7 @@ describe('EppoPrecomputedClient E2E test', () => {
     it('Invokes logger for queued events', () => {
       const mockLogger = td.object<IAssignmentLogger>();
 
-      const client = new EppoPrecomputedClient(storage);
+      const client = new EppoPrecomputedClient(storage, false);
       client.getStringAssignment(precomputedFlagKey, 'default-value');
       client.setAssignmentLogger(mockLogger);
 
@@ -138,7 +101,7 @@ describe('EppoPrecomputedClient E2E test', () => {
     it('Does not log same queued event twice', () => {
       const mockLogger = td.object<IAssignmentLogger>();
 
-      const client = new EppoPrecomputedClient(storage);
+      const client = new EppoPrecomputedClient(storage, false);
 
       client.getStringAssignment(precomputedFlagKey, 'default-value');
       client.setAssignmentLogger(mockLogger);
@@ -149,7 +112,7 @@ describe('EppoPrecomputedClient E2E test', () => {
 
     it('Does not invoke logger for events that exceed queue size', () => {
       const mockLogger = td.object<IAssignmentLogger>();
-      const client = new EppoPrecomputedClient(storage);
+      const client = new EppoPrecomputedClient(storage, false);
 
       for (let i = 0; i < MAX_EVENT_QUEUE_SIZE + 100; i++) {
         client.getStringAssignment(precomputedFlagKey, 'default-value');
@@ -160,23 +123,23 @@ describe('EppoPrecomputedClient E2E test', () => {
   });
 
   it('returns null if getStringAssignment was called for the subject before any precomputed flags were loaded', () => {
-    const localClient = new EppoPrecomputedClient(new MemoryOnlyConfigurationStore());
+    const localClient = new EppoPrecomputedClient(new MemoryOnlyConfigurationStore(), false);
     expect(localClient.getStringAssignment(precomputedFlagKey, 'hello world')).toEqual(
       'hello world',
     );
     expect(localClient.isInitialized()).toBe(false);
   });
 
   it('returns default value when key does not exist', async () => {
-    const client = new EppoPrecomputedClient(storage);
+    const client = new EppoPrecomputedClient(storage, false);
     const nonExistentFlag = 'non-existent-flag';
     expect(client.getStringAssignment(nonExistentFlag, 'default')).toBe('default');
   });
 
   it('logs variation assignment with correct metadata', () => {
     const mockLogger = td.object<IAssignmentLogger>();
     storage.setEntries({ [precomputedFlagKey]: mockPrecomputedFlag });
-    const client = new EppoPrecomputedClient(storage);
+    const client = new EppoPrecomputedClient(storage, false);
     client.setAssignmentLogger(mockLogger);
 
     client.getStringAssignment(precomputedFlagKey, 'default');
@@ -197,7 +160,7 @@ describe('EppoPrecomputedClient E2E test', () => {
     td.when(mockLogger.logAssignment(td.matchers.anything())).thenThrow(new Error('logging error'));
 
     storage.setEntries({ [precomputedFlagKey]: mockPrecomputedFlag });
-    const client = new EppoPrecomputedClient(storage);
+    const client = new EppoPrecomputedClient(storage, false);
     client.setAssignmentLogger(mockLogger);
 
     const assignment = client.getStringAssignment(precomputedFlagKey, 'default');
@@ -212,7 +175,7 @@ describe('EppoPrecomputedClient E2E test', () => {
     beforeEach(() => {
       mockLogger = td.object<IAssignmentLogger>();
       storage.setEntries({ [precomputedFlagKey]: mockPrecomputedFlag });
-      client = new EppoPrecomputedClient(storage);
+      client = new EppoPrecomputedClient(storage, false);
       client.setAssignmentLogger(mockLogger);
     });
 
@@ -382,7 +345,7 @@ describe('EppoPrecomputedClient E2E test', () => {
         return Promise.resolve({
           ok: true,
           status: 200,
-          json: () => Promise.resolve(precomputedFlags),
+          json: () => Promise.resolve(precomputedResponse),
         });
       }) as jest.Mock;
     });
@@ -431,7 +394,7 @@ describe('EppoPrecomputedClient E2E test', () => {
     });
 
     it('Fetches initial configuration with parameters in constructor', async () => {
-      client = new EppoPrecomputedClient(precomputedFlagStore);
+      client = new EppoPrecomputedClient(precomputedFlagStore, true);
       client.setSubjectAndPrecomputedFlagsRequestParameters(requestParameters);
       // no configuration loaded
       let variation = client.getStringAssignment(precomputedFlagKey, 'default');
@@ -443,7 +406,7 @@ describe('EppoPrecomputedClient E2E test', () => {
     });
 
     it('Fetches initial configuration with parameters provided later', async () => {
-      client = new EppoPrecomputedClient(precomputedFlagStore);
+      client = new EppoPrecomputedClient(precomputedFlagStore, true);
       client.setSubjectAndPrecomputedFlagsRequestParameters(requestParameters);
       // no configuration loaded
       let variation = client.getStringAssignment(precomputedFlagKey, 'default');
@@ -464,7 +427,7 @@ describe('EppoPrecomputedClient E2E test', () => {
           }
         }
 
-        client = new EppoPrecomputedClient(new MockStore());
+        client = new EppoPrecomputedClient(new MockStore(), true);
         client.setSubjectAndPrecomputedFlagsRequestParameters({
           ...requestParameters,
           pollAfterSuccessfulInitialization: true,
@@ -494,7 +457,7 @@ describe('EppoPrecomputedClient E2E test', () => {
         }
       }
 
-      client = new EppoPrecomputedClient(new MockStore());
+      client = new EppoPrecomputedClient(new MockStore(), false);
       client.setSubjectAndPrecomputedFlagsRequestParameters(requestParameters);
       // no configuration loaded
       let variation = client.getStringAssignment(precomputedFlagKey, 'default');
@@ -509,7 +472,7 @@ describe('EppoPrecomputedClient E2E test', () => {
       let client: EppoPrecomputedClient;
 
       beforeEach(async () => {
-        client = new EppoPrecomputedClient(storage);
+        client = new EppoPrecomputedClient(storage, true);
         client.setSubjectAndPrecomputedFlagsRequestParameters(requestParameters);
         await client.fetchPrecomputedFlags();
       });
@@ -570,7 +533,7 @@ describe('EppoPrecomputedClient E2E test', () => {
             ok: true,
             status: 200,
             json: () => {
-              return precomputedFlags;
+              return precomputedResponse;
             },
           });
         }
@@ -581,7 +544,7 @@ describe('EppoPrecomputedClient E2E test', () => {
         ...requestParameters,
         pollAfterSuccessfulInitialization,
       };
-      client = new EppoPrecomputedClient(precomputedFlagStore);
+      client = new EppoPrecomputedClient(precomputedFlagStore, true);
       client.setSubjectAndPrecomputedFlagsRequestParameters(requestParameters);
       // no configuration loaded
       let variation = client.getStringAssignment(precomputedFlagKey, 'default');
@@ -629,7 +592,7 @@ describe('EppoPrecomputedClient E2E test', () => {
           return Promise.resolve({
             ok: true,
             status: 200,
-            json: () => Promise.resolve(precomputedFlags),
+            json: () => Promise.resolve(precomputedResponse),
           } as Response);
         }
       });
@@ -646,7 +609,7 @@ describe('EppoPrecomputedClient E2E test', () => {
         throwOnFailedInitialization,
         pollAfterFailedInitialization,
       };
-      client = new EppoPrecomputedClient(precomputedFlagStore);
+      client = new EppoPrecomputedClient(precomputedFlagStore, true);
       client.setSubjectAndPrecomputedFlagsRequestParameters(requestParameters);
       // no configuration loaded
       expect(client.getStringAssignment(precomputedFlagKey, 'default')).toBe('default');
@@ -673,36 +636,40 @@ describe('EppoPrecomputedClient E2E test', () => {
   });
 
   describe('Obfuscated precomputed flags', () => {
-    let client: EppoPrecomputedClient;
+    it('returns decoded variation value', () => {
+      const salt = 'sodium-chloride';
+      const saltedAndHashedFlagKey = getMD5Hash(precomputedFlagKey, salt);
 
-    beforeAll(() => {
       storage.setEntries({
-        [getMD5Hash(precomputedFlagKey)]: {
+        [saltedAndHashedFlagKey]: {
           ...mockPrecomputedFlag,
           allocationKey: encodeBase64(mockPrecomputedFlag.allocationKey),
           variationKey: encodeBase64(mockPrecomputedFlag.variationKey),
           variationValue: encodeBase64(mockPrecomputedFlag.variationValue),
           extraLogging: {},
         },
       });
-      client = new EppoPrecomputedClient(storage, true);
-    });
 
-    afterAll(() => {
-      td.reset();
-    });
+      const client = new EppoPrecomputedClient(storage, true);
+      client.setSubjectSaltAndPrecomputedFlagStore(
+        'test-subject',
+        { attr1: 'value1' },
+        encodeBase64(salt),
+        storage,
+      );
 
-    it('returns decoded variation value', () => {
       expect(client.getStringAssignment(precomputedFlagKey, 'default')).toBe(
         mockPrecomputedFlag.variationValue,
       );
+
+      td.reset();
     });
   });
 
   it('logs variation assignment with format from precomputed flags response', () => {
     const mockLogger = td.object<IAssignmentLogger>();
     storage.setEntries({ [precomputedFlagKey]: mockPrecomputedFlag });
-    const client = new EppoPrecomputedClient(storage);
+    const client = new EppoPrecomputedClient(storage, false);
     client.setAssignmentLogger(mockLogger);
 
     client.getStringAssignment(precomputedFlagKey, 'default');
@@ -721,12 +688,17 @@ describe('EppoPrecomputedClient E2E test', () => {
     beforeEach(() => {
       store = new MemoryOnlyConfigurationStore<PrecomputedFlag>();
       mockLogger = td.object<IAssignmentLogger>();
-      client = new EppoPrecomputedClient(store);
+      client = new EppoPrecomputedClient(store, false);
       client.setAssignmentLogger(mockLogger);
     });
 
     it('returns default value and does not log when store is not initialized', () => {
-      client.setSubjectAndPrecomputedFlagStore('test-subject', {}, store);
+      client.setSubjectSaltAndPrecomputedFlagStore(
+        'test-subject',
+        {},
+        encodeBase64('sodium-chloride'),
+        store,
+      );
       expect(client.getStringAssignment('test-flag', 'default')).toBe('default');
       expect(td.explain(mockLogger.logAssignment).callCount).toEqual(0);
     });
@@ -746,7 +718,12 @@ describe('EppoPrecomputedClient E2E test', () => {
           extraLogging: {},
         },
       });
-      client.setSubjectAndPrecomputedFlagStore(subjectKey, subjectAttributes, store);
+      client.setSubjectSaltAndPrecomputedFlagStore(
+        subjectKey,
+        subjectAttributes,
+        encodeBase64('sodium-chloride'),
+        store,
+      );
       expect(client.getStringAssignment('test-flag', 'default')).toBe('test-value');
 
       expect(td.explain(mockLogger.logAssignment).callCount).toEqual(1);