git.squeep.com Git - akkoma/blob - test/pleroma/web/plugs/mapped_signature_to_identity_plug_test.exs

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.Plugs.MappedSignatureToIdentityPlugTest do
   6   use Pleroma.Web.ConnCase
   7   alias Pleroma.Web.Plugs.MappedSignatureToIdentityPlug
   8
   9   import Tesla.Mock
  10   import Plug.Conn
  11
  12   import Pleroma.Tests.Helpers, only: [clear_config: 2]
  13
  14   setup do
  15     mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
  16     :ok
  17   end
  18
  19   defp set_signature(conn, key_id) do
  20     conn
  21     |> put_req_header("signature", "keyId=\"#{key_id}\"")
  22     |> assign(:valid_signature, true)
  23   end
  24
  25   test "it successfully maps a valid identity with a valid signature" do
  26     conn =
  27       build_conn(:get, "/doesntmattter")
  28       |> set_signature("http://mastodon.example.org/users/admin")
  29       |> MappedSignatureToIdentityPlug.call(%{})
  30
  31     refute is_nil(conn.assigns.user)
  32   end
  33
  34   test "it successfully maps a valid identity with a valid signature with payload" do
  35     conn =
  36       build_conn(:post, "/doesntmattter", %{"actor" => "http://mastodon.example.org/users/admin"})
  37       |> set_signature("http://mastodon.example.org/users/admin")
  38       |> MappedSignatureToIdentityPlug.call(%{})
  39
  40     refute is_nil(conn.assigns.user)
  41   end
  42
  43   test "it considers a mapped identity to be invalid when it mismatches a payload" do
  44     conn =
  45       build_conn(:post, "/doesntmattter", %{"actor" => "http://mastodon.example.org/users/admin"})
  46       |> set_signature("https://niu.moe/users/rye")
  47       |> MappedSignatureToIdentityPlug.call(%{})
  48
  49     assert %{valid_signature: false} == conn.assigns
  50   end
  51
  52   test "it considers a mapped identity to be invalid when the associated instance is blocked" do
  53     clear_config([:activitypub, :authorized_fetch_mode], true)
  54
  55     clear_config([:mrf_simple, :reject], [
  56       {"mastodon.example.org", "anime is banned"}
  57     ])
  58
  59     on_exit(fn ->
  60       Pleroma.Config.put([:activitypub, :authorized_fetch_mode], false)
  61       Pleroma.Config.put([:mrf_simple, :reject], [])
  62     end)
  63
  64     conn =
  65       build_conn(:post, "/doesntmattter", %{"actor" => "http://mastodon.example.org/users/admin"})
  66       |> set_signature("http://mastodon.example.org/users/admin")
  67       |> MappedSignatureToIdentityPlug.call(%{})
  68
  69     assert %{valid_signature: false} == conn.assigns
  70   end
  71
  72   @tag skip: "known breakage; the testsuite presently depends on it"
  73   test "it considers a mapped identity to be invalid when the identity cannot be found" do
  74     conn =
  75       build_conn(:post, "/doesntmattter", %{"actor" => "http://mastodon.example.org/users/admin"})
  76       |> set_signature("http://niu.moe/users/rye")
  77       |> MappedSignatureToIdentityPlug.call(%{})
  78
  79     assert %{valid_signature: false} == conn.assigns
  80   end
  81 end