[github/Chocobozzz/PeerTube.git] / server / tests / api / activitypub / helpers.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import 'mocha'
import { expect } from 'chai'
import { buildRequestStub } from '../../../../shared/extra-utils/miscs/stubs'
import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../../../helpers/peertube-crypto'
import { cloneDeep } from 'lodash'
import { buildSignedActivity } from '../../../helpers/activitypub'
import { buildAbsoluteFixturePath } from '@shared/extra-utils'

describe('Test activity pub helpers', function () {
  describe('When checking the Linked Signature', function () {

    it('Should fail with an invalid Mastodon signature', async function () {
      const body = require(buildAbsoluteFixturePath('./ap-json/mastodon/create-bad-signature.json'))
      const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/public-key.json')).publicKey
      const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' }

      const result = await isJsonLDSignatureVerified(fromActor as any, body)

      expect(result).to.be.false
    })

    it('Should fail with an invalid public key', async function () {
      const body = require(buildAbsoluteFixturePath('./ap-json/mastodon/create.json'))
      const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/bad-public-key.json')).publicKey
      const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' }

      const result = await isJsonLDSignatureVerified(fromActor as any, body)

      expect(result).to.be.false
    })

    it('Should succeed with a valid Mastodon signature', async function () {
      const body = require(buildAbsoluteFixturePath('./ap-json/mastodon/create.json'))
      const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/public-key.json')).publicKey
      const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' }

      const result = await isJsonLDSignatureVerified(fromActor as any, body)

      expect(result).to.be.true
    })

    it('Should fail with an invalid PeerTube signature', async function () {
      const keys = require(buildAbsoluteFixturePath('./ap-json/peertube/invalid-keys.json'))
      const body = require(buildAbsoluteFixturePath('./ap-json/peertube/announce-without-context.json'))

      const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey }
      const signedBody = await buildSignedActivity(actorSignature as any, body)

      const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' }
      const result = await isJsonLDSignatureVerified(fromActor as any, signedBody)

      expect(result).to.be.false
    })

    it('Should succeed with a valid PeerTube signature', async function () {
      const keys = require(buildAbsoluteFixturePath('./ap-json/peertube/keys.json'))
      const body = require(buildAbsoluteFixturePath('./ap-json/peertube/announce-without-context.json'))

      const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey }
      const signedBody = await buildSignedActivity(actorSignature as any, body)

      const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' }
      const result = await isJsonLDSignatureVerified(fromActor as any, signedBody)

      expect(result).to.be.true
    })
  })

  describe('When checking HTTP signature', function () {
    it('Should fail with an invalid http signature', async function () {
      const req = buildRequestStub()
      req.method = 'POST'
      req.url = '/accounts/ronan/inbox'

      const mastodonObject = cloneDeep(require(buildAbsoluteFixturePath('./ap-json/mastodon/bad-http-signature.json')))
      req.body = mastodonObject.body
      req.headers = mastodonObject.headers

      const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
      const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/public-key.json')).publicKey

      const actor = { publicKey }
      const verified = isHTTPSignatureVerified(parsed, actor as any)

      expect(verified).to.be.false
    })

    it('Should fail with an invalid public key', async function () {
      const req = buildRequestStub()
      req.method = 'POST'
      req.url = '/accounts/ronan/inbox'

      const mastodonObject = cloneDeep(require(buildAbsoluteFixturePath('./ap-json/mastodon/http-signature.json')))
      req.body = mastodonObject.body
      req.headers = mastodonObject.headers

      const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
      const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/bad-public-key.json')).publicKey

      const actor = { publicKey }
      const verified = isHTTPSignatureVerified(parsed, actor as any)

      expect(verified).to.be.false
    })

    it('Should fail because of clock skew', async function () {
      const req = buildRequestStub()
      req.method = 'POST'
      req.url = '/accounts/ronan/inbox'

      const mastodonObject = cloneDeep(require(buildAbsoluteFixturePath('./ap-json/mastodon/http-signature.json')))
      req.body = mastodonObject.body
      req.headers = mastodonObject.headers

      let errored = false
      try {
        parseHTTPSignature(req)
      } catch {
        errored = true
      }

      expect(errored).to.be.true
    })

    it('Should with a scheme', async function () {
      const req = buildRequestStub()
      req.method = 'POST'
      req.url = '/accounts/ronan/inbox'

      const mastodonObject = cloneDeep(require(buildAbsoluteFixturePath('./ap-json/mastodon/http-signature.json')))
      req.body = mastodonObject.body
      req.headers = mastodonObject.headers
      req.headers = 'Signature ' + mastodonObject.headers

      let errored = false
      try {
        parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
      } catch {
        errored = true
      }

      expect(errored).to.be.true
    })

    it('Should succeed with a valid signature', async function () {
      const req = buildRequestStub()
      req.method = 'POST'
      req.url = '/accounts/ronan/inbox'

      const mastodonObject = cloneDeep(require(buildAbsoluteFixturePath('./ap-json/mastodon/http-signature.json')))
      req.body = mastodonObject.body
      req.headers = mastodonObject.headers

      const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
      const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/public-key.json')).publicKey

      const actor = { publicKey }
      const verified = isHTTPSignatureVerified(parsed, actor as any)

      expect(verified).to.be.true
    })

  })

})
Commit	Line	Data
a1587156	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
df66d815 C	2
	3	import 'mocha'
	4	import { expect } from 'chai'
94565d52	5	import { buildRequestStub } from '../../../../shared/extra-utils/miscs/stubs'
df66d815 C	6	import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../../../helpers/peertube-crypto'
	7	import { cloneDeep } from 'lodash'
	8	import { buildSignedActivity } from '../../../helpers/activitypub'
3d470a53	9	import { buildAbsoluteFixturePath } from '@shared/extra-utils'
df66d815 C	10
	11	describe('Test activity pub helpers', function () {
	12	describe('When checking the Linked Signature', function () {
	13
	14	it('Should fail with an invalid Mastodon signature', async function () {
3d470a53 C	15	const body = require(buildAbsoluteFixturePath('./ap-json/mastodon/create-bad-signature.json'))
3d470a53 C	16	const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/public-key.json')).publicKey
df66d815 C	17	const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' }
	18
	19	const result = await isJsonLDSignatureVerified(fromActor as any, body)
	20
	21	expect(result).to.be.false
	22	})
	23
	24	it('Should fail with an invalid public key', async function () {
3d470a53 C	25	const body = require(buildAbsoluteFixturePath('./ap-json/mastodon/create.json'))
3d470a53 C	26	const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/bad-public-key.json')).publicKey
df66d815 C	27	const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' }
	28
	29	const result = await isJsonLDSignatureVerified(fromActor as any, body)
	30
	31	expect(result).to.be.false
	32	})
	33
	34	it('Should succeed with a valid Mastodon signature', async function () {
3d470a53 C	35	const body = require(buildAbsoluteFixturePath('./ap-json/mastodon/create.json'))
3d470a53 C	36	const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/public-key.json')).publicKey
df66d815 C	37	const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' }
	38
	39	const result = await isJsonLDSignatureVerified(fromActor as any, body)
	40
	41	expect(result).to.be.true
	42	})
	43
	44	it('Should fail with an invalid PeerTube signature', async function () {
3d470a53 C	45	const keys = require(buildAbsoluteFixturePath('./ap-json/peertube/invalid-keys.json'))
3d470a53 C	46	const body = require(buildAbsoluteFixturePath('./ap-json/peertube/announce-without-context.json'))
df66d815 C	47
	48	const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey }
	49	const signedBody = await buildSignedActivity(actorSignature as any, body)
	50
	51	const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' }
	52	const result = await isJsonLDSignatureVerified(fromActor as any, signedBody)
	53
	54	expect(result).to.be.false
	55	})
	56
df66d815	57	it('Should succeed with a valid PeerTube signature', async function () {
3d470a53 C	58	const keys = require(buildAbsoluteFixturePath('./ap-json/peertube/keys.json'))
3d470a53 C	59	const body = require(buildAbsoluteFixturePath('./ap-json/peertube/announce-without-context.json'))
df66d815 C	60
	61	const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey }
	62	const signedBody = await buildSignedActivity(actorSignature as any, body)
	63
	64	const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' }
	65	const result = await isJsonLDSignatureVerified(fromActor as any, signedBody)
	66
	67	expect(result).to.be.true
	68	})
	69	})
	70
	71	describe('When checking HTTP signature', function () {
	72	it('Should fail with an invalid http signature', async function () {
	73	const req = buildRequestStub()
	74	req.method = 'POST'
	75	req.url = '/accounts/ronan/inbox'
	76
3d470a53	77	const mastodonObject = cloneDeep(require(buildAbsoluteFixturePath('./ap-json/mastodon/bad-http-signature.json')))
df66d815 C	78	req.body = mastodonObject.body
df66d815 C	79	req.headers = mastodonObject.headers
df66d815	80
f3e4d594	81	const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
3d470a53	82	const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/public-key.json')).publicKey
df66d815 C	83
	84	const actor = { publicKey }
	85	const verified = isHTTPSignatureVerified(parsed, actor as any)
	86
	87	expect(verified).to.be.false
	88	})
	89
	90	it('Should fail with an invalid public key', async function () {
	91	const req = buildRequestStub()
	92	req.method = 'POST'
	93	req.url = '/accounts/ronan/inbox'
	94
3d470a53	95	const mastodonObject = cloneDeep(require(buildAbsoluteFixturePath('./ap-json/mastodon/http-signature.json')))
df66d815 C	96	req.body = mastodonObject.body
df66d815 C	97	req.headers = mastodonObject.headers
df66d815	98
f3e4d594	99	const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
3d470a53	100	const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/bad-public-key.json')).publicKey
df66d815 C	101
	102	const actor = { publicKey }
	103	const verified = isHTTPSignatureVerified(parsed, actor as any)
	104
	105	expect(verified).to.be.false
	106	})
	107
	108	it('Should fail because of clock skew', async function () {
	109	const req = buildRequestStub()
	110	req.method = 'POST'
	111	req.url = '/accounts/ronan/inbox'
	112
3d470a53	113	const mastodonObject = cloneDeep(require(buildAbsoluteFixturePath('./ap-json/mastodon/http-signature.json')))
df66d815 C	114	req.body = mastodonObject.body
df66d815 C	115	req.headers = mastodonObject.headers
df66d815 C	116
	117	let errored = false
	118	try {
	119	parseHTTPSignature(req)
	120	} catch {
	121	errored = true
	122	}
	123
	124	expect(errored).to.be.true
	125	})
	126
e6122097	127	it('Should with a scheme', async function () {
df66d815 C	128	const req = buildRequestStub()
	129	req.method = 'POST'
	130	req.url = '/accounts/ronan/inbox'
	131
3d470a53	132	const mastodonObject = cloneDeep(require(buildAbsoluteFixturePath('./ap-json/mastodon/http-signature.json')))
df66d815 C	133	req.body = mastodonObject.body
df66d815 C	134	req.headers = mastodonObject.headers
e6122097	135	req.headers = 'Signature ' + mastodonObject.headers
df66d815 C	136
	137	let errored = false
	138	try {
f3e4d594	139	parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
df66d815 C	140	} catch {
	141	errored = true
	142	}
	143
	144	expect(errored).to.be.true
	145	})
	146
	147	it('Should succeed with a valid signature', async function () {
	148	const req = buildRequestStub()
	149	req.method = 'POST'
	150	req.url = '/accounts/ronan/inbox'
	151
3d470a53	152	const mastodonObject = cloneDeep(require(buildAbsoluteFixturePath('./ap-json/mastodon/http-signature.json')))
df66d815 C	153	req.body = mastodonObject.body
df66d815 C	154	req.headers = mastodonObject.headers
df66d815	155
f3e4d594	156	const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10)
3d470a53	157	const publicKey = require(buildAbsoluteFixturePath('./ap-json/mastodon/public-key.json')).publicKey
df66d815 C	158
	159	const actor = { publicKey }
	160	const verified = isHTTPSignatureVerified(parsed, actor as any)
	161
	162	expect(verified).to.be.true
	163	})
	164
	165	})
	166
	167	})