giant massive dep upgrade and dialyxir-found error emporium (#371)
[akkoma] / test / pleroma / signature_test.exs
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.SignatureTest do
6 use Pleroma.DataCase
7
8 import ExUnit.CaptureLog
9 import Pleroma.Factory
10 import Tesla.Mock
11 import Mock
12
13 alias Pleroma.Signature
14
15 setup do
16 mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
17 :ok
18 end
19
20 @private_key "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEA48qb4v6kqigZutO9Ot0wkp27GIF2LiVaADgxQORZozZR63jH\nTaoOrS3Xhngbgc8SSOhfXET3omzeCLqaLNfXnZ8OXmuhJfJSU6mPUvmZ9QdT332j\nfN/g3iWGhYMf/M9ftCKh96nvFVO/tMruzS9xx7tkrfJjehdxh/3LlJMMImPtwcD7\nkFXwyt1qZTAU6Si4oQAJxRDQXHp1ttLl3Ob829VM7IKkrVmY8TD+JSlV0jtVJPj6\n1J19ytKTx/7UaucYvb9HIiBpkuiy5n/irDqKLVf5QEdZoNCdojOZlKJmTLqHhzKP\n3E9TxsUjhrf4/EqegNc/j982RvOxeu4i40zMQwIDAQABAoIBAQDH5DXjfh21i7b4\ncXJuw0cqget617CDUhemdakTDs9yH+rHPZd3mbGDWuT0hVVuFe4vuGpmJ8c+61X0\nRvugOlBlavxK8xvYlsqTzAmPgKUPljyNtEzQ+gz0I+3mH2jkin2rL3D+SksZZgKm\nfiYMPIQWB2WUF04gB46DDb2mRVuymGHyBOQjIx3WC0KW2mzfoFUFRlZEF+Nt8Ilw\nT+g/u0aZ1IWoszbsVFOEdghgZET0HEarum0B2Je/ozcPYtwmU10iBANGMKdLqaP/\nj954BPunrUf6gmlnLZKIKklJj0advx0NA+cL79+zeVB3zexRYSA5o9q0WPhiuTwR\n/aedWHnBAoGBAP0sDWBAM1Y4TRAf8ZI9PcztwLyHPzfEIqzbObJJnx1icUMt7BWi\n+/RMOnhrlPGE1kMhOqSxvXYN3u+eSmWTqai2sSH5Hdw2EqnrISSTnwNUPINX7fHH\njEkgmXQ6ixE48SuBZnb4w1EjdB/BA6/sjL+FNhggOc87tizLTkMXmMtTAoGBAOZV\n+wPuAMBDBXmbmxCuDIjoVmgSlgeRunB1SA8RCPAFAiUo3+/zEgzW2Oz8kgI+xVwM\n33XkLKrWG1Orhpp6Hm57MjIc5MG+zF4/YRDpE/KNG9qU1tiz0UD5hOpIU9pP4bR/\ngxgPxZzvbk4h5BfHWLpjlk8UUpgk6uxqfti48c1RAoGBALBOKDZ6HwYRCSGMjUcg\n3NPEUi84JD8qmFc2B7Tv7h2he2ykIz9iFAGpwCIyETQsJKX1Ewi0OlNnD3RhEEAy\nl7jFGQ+mkzPSeCbadmcpYlgIJmf1KN/x7fDTAepeBpCEzfZVE80QKbxsaybd3Dp8\nCfwpwWUFtBxr4c7J+gNhAGe/AoGAPn8ZyqkrPv9wXtyfqFjxQbx4pWhVmNwrkBPi\nZ2Qh3q4dNOPwTvTO8vjghvzIyR8rAZzkjOJKVFgftgYWUZfM5gE7T2mTkBYq8W+U\n8LetF+S9qAM2gDnaDx0kuUTCq7t87DKk6URuQ/SbI0wCzYjjRD99KxvChVGPBHKo\n1DjqMuECgYEAgJGNm7/lJCS2wk81whfy/ttKGsEIkyhPFYQmdGzSYC5aDc2gp1R3\nxtOkYEvdjfaLfDGEa4UX8CHHF+w3t9u8hBtcdhMH6GYb9iv6z0VBTt4A/11HUR49\n3Z7TQ18Iyh3jAUCzFV9IJlLIExq5Y7P4B3ojWFBN607sDCt8BMPbDYs=\n-----END RSA PRIVATE KEY-----"
21
22 @public_key "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0P/Tq4gb4G/QVuMGbJo\nC/AfMNcv+m7NfrlOwkVzcU47jgESuYI4UtJayissCdBycHUnfVUd9qol+eznSODz\nCJhfJloqEIC+aSnuEPGA0POtWad6DU0E6/Ho5zQn5WAWUwbRQqowbrsm/GHo2+3v\neR5jGenwA6sYhINg/c3QQbksyV0uJ20Umyx88w8+TJuv53twOfmyDWuYNoQ3y5cc\nHKOZcLHxYOhvwg3PFaGfFHMFiNmF40dTXt9K96r7sbzc44iLD+VphbMPJEjkMuf8\nPGEFOBzy8pm3wJZw2v32RNW2VESwMYyqDzwHXGSq1a73cS7hEnc79gXlELsK04L9\nQQIDAQAB\n-----END PUBLIC KEY-----\n"
23
24 @rsa_public_key {
25 :RSAPublicKey,
26 24_650_000_183_914_698_290_885_268_529_673_621_967_457_234_469_123_179_408_466_269_598_577_505_928_170_923_974_132_111_403_341_217_239_999_189_084_572_368_839_502_170_501_850_920_051_662_384_964_248_315_257_926_552_945_648_828_895_432_624_227_029_881_278_113_244_073_644_360_744_504_606_177_648_469_825_063_267_913_017_309_199_785_535_546_734_904_379_798_564_556_494_962_268_682_532_371_146_333_972_821_570_577_277_375_020_977_087_539_994_500_097_107_935_618_711_808_260_846_821_077_839_605_098_669_707_417_692_791_905_543_116_911_754_774_323_678_879_466_618_738_207_538_013_885_607_095_203_516_030_057_611_111_308_904_599_045_146_148_350_745_339_208_006_497_478_057_622_336_882_506_112_530_056_970_653_403_292_123_624_453_213_574_011_183_684_739_084_105_206_483_178_943_532_208_537_215_396_831_110_268_758_639_826_369_857,
27 # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength
28 65_537
29 }
30
31 defp make_fake_signature(key_id), do: "keyId=\"#{key_id}\""
32
33 defp make_fake_conn(key_id),
34 do: %Plug.Conn{req_headers: %{"signature" => make_fake_signature(key_id <> "#main-key")}}
35
36 describe "fetch_public_key/1" do
37 test "it returns key" do
38 expected_result = {:ok, @rsa_public_key}
39
40 user = insert(:user, public_key: @public_key)
41
42 assert Signature.fetch_public_key(make_fake_conn(user.ap_id)) == expected_result
43 end
44
45 test "it returns error when not found user" do
46 assert capture_log(fn ->
47 assert Signature.fetch_public_key(make_fake_conn("https://test-ap-id")) ==
48 {:error, :error}
49 end) =~ "[error] Could not decode user"
50 end
51
52 test "it returns error if public key is nil" do
53 user = insert(:user, public_key: nil)
54
55 assert Signature.fetch_public_key(make_fake_conn(user.ap_id)) == {:error, :error}
56 end
57 end
58
59 describe "refetch_public_key/1" do
60 test "it returns key" do
61 ap_id = "https://mastodon.social/users/lambadalambda"
62
63 assert Signature.refetch_public_key(make_fake_conn(ap_id)) == {:ok, @rsa_public_key}
64 end
65
66 test "it returns error when not found user" do
67 assert capture_log(fn ->
68 {:error, _} = Signature.refetch_public_key(make_fake_conn("https://test-ap_id"))
69 end) =~ "[error] Could not decode user"
70 end
71 end
72
73 describe "sign/2" do
74 test "it returns signature headers" do
75 user =
76 insert(:user, %{
77 ap_id: "https://mastodon.social/users/lambadalambda",
78 keys: @private_key
79 })
80
81 assert Signature.sign(
82 user,
83 %{
84 host: "test.test",
85 "content-length": 100
86 }
87 ) ==
88 "keyId=\"https://mastodon.social/users/lambadalambda#main-key\",algorithm=\"rsa-sha256\",headers=\"content-length host\",signature=\"sibUOoqsFfTDerquAkyprxzDjmJm6erYc42W5w1IyyxusWngSinq5ILTjaBxFvfarvc7ci1xAi+5gkBwtshRMWm7S+Uqix24Yg5EYafXRun9P25XVnYBEIH4XQ+wlnnzNIXQkU3PU9e6D8aajDZVp3hPJNeYt1gIPOA81bROI8/glzb1SAwQVGRbqUHHHKcwR8keiR/W2h7BwG3pVRy4JgnIZRSW7fQogKedDg02gzRXwUDFDk0pr2p3q6bUWHUXNV8cZIzlMK+v9NlyFbVYBTHctAR26GIAN6Hz0eV0mAQAePHDY1mXppbA8Gpp6hqaMuYfwifcXmcc+QFm4e+n3A==\""
89 end
90
91 test "it returns error" do
92 user = insert(:user, %{ap_id: "https://mastodon.social/users/lambadalambda", keys: ""})
93
94 assert Signature.sign(
95 user,
96 %{host: "test.test", "content-length": 100}
97 ) == {:error, []}
98 end
99 end
100
101 describe "key_id_to_actor_id/1" do
102 test "it properly deduces the actor id for misskey" do
103 assert Signature.key_id_to_actor_id("https://example.com/users/1234/publickey") ==
104 {:ok, "https://example.com/users/1234"}
105 end
106
107 test "it properly deduces the actor id for mastodon and pleroma" do
108 assert Signature.key_id_to_actor_id("https://example.com/users/1234#main-key") ==
109 {:ok, "https://example.com/users/1234"}
110 end
111
112 test "it deduces the actor id for gotoSocial" do
113 assert Signature.key_id_to_actor_id("https://example.com/users/1234/main-key") ==
114 {:ok, "https://example.com/users/1234"}
115 end
116
117 test "it calls webfinger for 'acct:' accounts" do
118 with_mock(Pleroma.Web.WebFinger,
119 finger: fn _ -> {:ok, %{"ap_id" => "https://gensokyo.2hu/users/raymoo"}} end
120 ) do
121 assert Signature.key_id_to_actor_id("acct:raymoo@gensokyo.2hu") ==
122 {:ok, "https://gensokyo.2hu/users/raymoo"}
123 end
124 end
125 end
126
127 describe "signed_date" do
128 test "it returns formatted current date" do
129 with_mock(NaiveDateTime, utc_now: fn -> ~N[2019-08-23 18:11:24.822233] end) do
130 assert Signature.signed_date() == "Fri, 23 Aug 2019 18:11:24 GMT"
131 end
132 end
133
134 test "it returns formatted date" do
135 assert Signature.signed_date(~N[2019-08-23 08:11:24.822233]) ==
136 "Fri, 23 Aug 2019 08:11:24 GMT"
137 end
138 end
139 end