mirror of
https://github.com/glitch-soc/mastodon.git
synced 2024-11-13 19:54:01 -05:00
1618b68bfa
* Add Request class with HTTP signature generator Spec: https://tools.ietf.org/html/draft-cavage-http-signatures-06 * Add HTTP signature verification concern * Add test for SignatureVerification concern * Add basic test for Request class * Make PuSH subscribe/unsubscribe requests use new Request class Accidentally fix lease_seconds not being set and sent properly, and change the new minimum subscription duration to 1 day * Make all PuSH workers use new Request class * Make Salmon sender use new Request class * Make FetchLinkService use new Request class * Make FetchAtomService use the new Request class * Make Remotable use the new Request class * Make ResolveRemoteAccountService use the new Request class * Add more tests * Allow +-30 seconds window for signed request to remain valid * Disable time window validation for signed requests, restore 7 days as PuSH subscription duration (which was previous default due to a bug)
# frozen_string_literal: true
require 'rails_helper'
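# Specs for Pubsubhubbub::ConfirmationWorker#perform.
#
# Each example stubs the GET request to the subscriber's callback URL and
# checks that the subscription is only changed (confirmed, or destroyed) when
# the callback response body is exactly the challenge that was sent. A
# mismatching body must leave the stored subscription untouched.
describe Pubsubhubbub::ConfirmationWorker do
  include RoutingHelper

  subject { described_class.new }

  let!(:alice) { Fabricate(:account, username: 'alice') }

  # Starts unconfirmed, with no secret and a 3-day expiry, so the examples can
  # tell whether perform persisted the new secret / lease or left them alone.
  let!(:subscription) { Fabricate(:subscription, account: alice, callback_url: 'http://example.com/api', confirmed: false, expires_at: 3.days.from_now, secret: nil) }

  describe 'perform' do
    describe 'with subscribe mode' do
      it 'confirms and updates subscription when challenge matches' do
        stub_random_value
        stub_request(:get, url_for_mode('subscribe'))
          .with(headers: http_headers)
          .to_return(status: 200, body: challenge_value, headers: {})

        seconds = 10.days.seconds.to_i
        subject.perform(subscription.id, 'subscribe', 'asdf', seconds)

        subscription.reload
        expect(subscription.secret).to eq 'asdf'
        expect(subscription.confirmed).to eq true
        expect(subscription.expires_at).to be_within(5).of(10.days.from_now)
      end

      it 'does not update subscription when challenge does not match' do
        stub_random_value
        verification = stub_request(:get, url_for_mode('subscribe'))
                       .with(headers: http_headers)
                       .to_return(status: 200, body: 'wrong value', headers: {})

        seconds = 10.days.seconds.to_i
        subject.perform(subscription.id, 'subscribe', 'asdf', seconds)

        # Without this the example would also pass if the callback were never
        # contacted; the rejection must come from the mismatching body.
        expect(verification).to have_been_requested

        subscription.reload
        expect(subscription.secret).to be_blank
        expect(subscription.confirmed).to eq false
        expect(subscription.expires_at).to be_within(5).of(3.days.from_now)
      end
    end

    describe 'with unsubscribe mode' do
      it 'confirms and destroys subscription when challenge matches' do
        stub_random_value
        stub_request(:get, url_for_mode('unsubscribe'))
          .with(headers: http_headers)
          .to_return(status: 200, body: challenge_value, headers: {})

        seconds = 10.days.seconds.to_i
        subject.perform(subscription.id, 'unsubscribe', 'asdf', seconds)

        expect { subscription.reload }.to raise_error(ActiveRecord::RecordNotFound)
      end

      it 'does not destroy subscription when challenge does not match' do
        stub_random_value
        verification = stub_request(:get, url_for_mode('unsubscribe'))
                       .with(headers: http_headers)
                       .to_return(status: 200, body: 'wrong value', headers: {})

        seconds = 10.days.seconds.to_i
        subject.perform(subscription.id, 'unsubscribe', 'asdf', seconds)

        # Same guard as in the subscribe case: the subscription must survive
        # because the challenge was wrong, not because no request was sent.
        expect(verification).to have_been_requested

        expect { subscription.reload }.not_to raise_error
      end
    end
  end

  # Callback URL the worker is expected to request for the given hub.mode.
  #
  # NOTE(review): hub.lease_seconds is 863999 while the examples pass 864000
  # (10 days) to perform. Presumably the worker recomputes the lease from the
  # stored expiry a moment later; confirm, since that makes this URL
  # timing-sensitive.
  def url_for_mode(mode)
    "http://example.com/api?hub.challenge=#{challenge_value}&hub.lease_seconds=863999&hub.mode=#{mode}&hub.topic=https://#{Rails.configuration.x.local_domain}/users/alice.atom"
  end

  # Pins SecureRandom.hex to a known value so the challenge in the request URL
  # is predictable. This replaces every SecureRandom.hex call made during the
  # example, not only the one that generates the challenge.
  def stub_random_value
    allow(SecureRandom).to receive(:hex).and_return(challenge_value)
  end

  # Fixed challenge shared by the stubbed generator, the expected URL and the
  # "matching" callback response.
  def challenge_value
    '1a2s3d4f'
  end

  # Request headers the stub requires. User-Agent is deliberately not matched:
  # it embeds the HTTP client version, the Mastodon version and the instance's
  # base URL, so pinning it ties the spec to one machine's configuration.
  # WebMock treats this hash as a subset match, so extra headers are allowed.
  def http_headers
    { 'Connection' => 'close', 'Host' => 'example.com' }
  end
end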