1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Integration.MastodonWebsocketTest do
8 import ExUnit.CaptureLog
11 alias Pleroma.Integration.WebsocketClient
12 alias Pleroma.Web.CommonAPI
13 alias Pleroma.Web.OAuth
14 alias Pleroma.Web.Streamer
16 @path Pleroma.Web.Endpoint.url()
18 |> Map.put(:scheme, "ws")
19 |> Map.put(:path, "/api/v1/streaming")
23 GenServer.start(Streamer, %{}, name: Streamer)
26 if pid = Process.whereis(Streamer) do
27 Process.exit(pid, :kill)
32 def start_socket(qs \\ nil, headers \\ []) do
39 WebsocketClient.start_link(self(), path, headers)
42 test "refuses invalid requests" do
44 assert {:error, {400, _}} = start_socket()
45 assert {:error, {404, _}} = start_socket("?stream=ncjdk")
49 test "requires authentication and a valid token for protected streams" do
51 assert {:error, {403, _}} = start_socket("?stream=user&access_token=aaaaaaaaaaaa")
52 assert {:error, {403, _}} = start_socket("?stream=user")
56 test "allows public streams without authentication" do
57 assert {:ok, _} = start_socket("?stream=public")
58 assert {:ok, _} = start_socket("?stream=public:local")
59 assert {:ok, _} = start_socket("?stream=hashtag&tag=lain")
62 test "receives well formatted events" do
64 {:ok, _} = start_socket("?stream=public")
65 {:ok, activity} = CommonAPI.post(user, %{"status" => "nice echo chamber"})
67 assert_receive {:text, raw_json}, 1_000
68 assert {:ok, json} = Jason.decode(raw_json)
70 assert "update" == json["event"]
71 assert json["payload"]
72 assert {:ok, json} = Jason.decode(json["payload"])
75 Pleroma.Web.MastodonAPI.StatusView.render("status.json", activity: activity, for: nil)
79 assert json == view_json
82 describe "with a valid user token" do
86 OAuth.App.register_changeset(%OAuth.App{}, %{
87 client_name: "client",
95 {:ok, auth} = OAuth.Authorization.create_authorization(app, user)
97 {:ok, token} = OAuth.Token.exchange_token(app, auth)
99 %{user: user, token: token}
102 test "accepts valid tokens", state do
103 assert {:ok, _} = start_socket("?stream=user&access_token=#{state.token.token}")
106 test "accepts the 'user' stream", %{token: token} = _state do
107 assert {:ok, _} = start_socket("?stream=user&access_token=#{token.token}")
109 assert capture_log(fn ->
110 assert {:error, {403, "Forbidden"}} = start_socket("?stream=user")
114 test "accepts the 'user:notification' stream", %{token: token} = _state do
115 assert {:ok, _} = start_socket("?stream=user:notification&access_token=#{token.token}")
117 assert capture_log(fn ->
118 assert {:error, {403, "Forbidden"}} = start_socket("?stream=user:notification")
122 test "accepts valid token on Sec-WebSocket-Protocol header", %{token: token} do
123 assert {:ok, _} = start_socket("?stream=user", [{"Sec-WebSocket-Protocol", token.token}])
125 assert capture_log(fn ->
126 assert {:error, {403, "Forbidden"}} =
127 start_socket("?stream=user", [{"Sec-WebSocket-Protocol", "I am a friend"}])