[github/Chocobozzz/PeerTube.git] / server / tests / api / activitypub / security.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import 'mocha'

import { cleanupTests, closeAllSequelize, flushAndRunMultipleServers, ServerInfo, setActorField } from '../../../../shared/extra-utils'
import { HTTP_SIGNATURE } from '../../../initializers/constants'
import { buildGlobalHeaders } from '../../../lib/job-queue/handlers/utils/activitypub-http-utils'
import * as chai from 'chai'
import { activityPubContextify, buildSignedActivity } from '../../../helpers/activitypub'
import { makeFollowRequest, makePOSTAPRequest } from '../../../../shared/extra-utils/requests/activitypub'
import { buildDigest } from '@server/helpers/peertube-crypto'
import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'

const expect = chai.expect

function setKeysOfServer (onServer: ServerInfo, ofServer: ServerInfo, publicKey: string, privateKey: string) {
  return Promise.all([
    setActorField(onServer.internalServerNumber, 'http://localhost:' + ofServer.port + '/accounts/peertube', 'publicKey', publicKey),
    setActorField(onServer.internalServerNumber, 'http://localhost:' + ofServer.port + '/accounts/peertube', 'privateKey', privateKey)
  ])
}

function getAnnounceWithoutContext (server2: ServerInfo) {
  const json = require('./json/peertube/announce-without-context.json')
  const result: typeof json = {}

  for (const key of Object.keys(json)) {
    if (Array.isArray(json[key])) {
      result[key] = json[key].map(v => v.replace(':9002', `:${server2.port}`))
    } else {
      result[key] = json[key].replace(':9002', `:${server2.port}`)
    }
  }

  return result
}

describe('Test ActivityPub security', function () {
  let servers: ServerInfo[]
  let url: string

  const keys = require('./json/peertube/keys.json')
  const invalidKeys = require('./json/peertube/invalid-keys.json')
  const baseHttpSignature = () => ({
    algorithm: HTTP_SIGNATURE.ALGORITHM,
    authorizationHeaderName: HTTP_SIGNATURE.HEADER_NAME,
    keyId: 'acct:peertube@localhost:' + servers[1].port,
    key: keys.privateKey,
    headers: HTTP_SIGNATURE.HEADERS_TO_SIGN
  })

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(60000)

    servers = await flushAndRunMultipleServers(3)

    url = servers[0].url + '/inbox'

    await setKeysOfServer(servers[0], servers[1], keys.publicKey, keys.privateKey)

    const to = { url: 'http://localhost:' + servers[0].port + '/accounts/peertube' }
    const by = { url: 'http://localhost:' + servers[1].port + '/accounts/peertube', privateKey: keys.privateKey }
    await makeFollowRequest(to, by)
  })

  describe('When checking HTTP signature', function () {

    it('Should fail with an invalid digest', async function () {
      const body = activityPubContextify(getAnnounceWithoutContext(servers[1]))
      const headers = {
        Digest: buildDigest({ hello: 'coucou' })
      }

      const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers)

      expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
    })

    it('Should fail with an invalid date', async function () {
      const body = activityPubContextify(getAnnounceWithoutContext(servers[1]))
      const headers = buildGlobalHeaders(body)
      headers['date'] = 'Wed, 21 Oct 2015 07:28:00 GMT'

      const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers)

      expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
    })

    it('Should fail with bad keys', async function () {
      await setKeysOfServer(servers[0], servers[1], invalidKeys.publicKey, invalidKeys.privateKey)
      await setKeysOfServer(servers[1], servers[1], invalidKeys.publicKey, invalidKeys.privateKey)

      const body = activityPubContextify(getAnnounceWithoutContext(servers[1]))
      const headers = buildGlobalHeaders(body)

      const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers)

      expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
    })

    it('Should reject requests without appropriate signed headers', async function () {
      await setKeysOfServer(servers[0], servers[1], keys.publicKey, keys.privateKey)
      await setKeysOfServer(servers[1], servers[1], keys.publicKey, keys.privateKey)

      const body = activityPubContextify(getAnnounceWithoutContext(servers[1]))
      const headers = buildGlobalHeaders(body)

      const signatureOptions = baseHttpSignature()
      const badHeadersMatrix = [
        [ '(request-target)', 'date', 'digest' ],
        [ 'host', 'date', 'digest' ],
        [ '(request-target)', 'host', 'digest' ]
      ]

      for (const badHeaders of badHeadersMatrix) {
        signatureOptions.headers = badHeaders

        const { response } = await makePOSTAPRequest(url, body, signatureOptions, headers)
        expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
      }
    })

    it('Should succeed with a valid HTTP signature', async function () {
      const body = activityPubContextify(getAnnounceWithoutContext(servers[1]))
      const headers = buildGlobalHeaders(body)

      const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers)

      expect(response.statusCode).to.equal(HttpStatusCode.NO_CONTENT_204)
    })
  })

  describe('When checking Linked Data Signature', function () {
    before(async () => {
      await setKeysOfServer(servers[2], servers[2], keys.publicKey, keys.privateKey)

      const to = { url: 'http://localhost:' + servers[0].port + '/accounts/peertube' }
      const by = { url: 'http://localhost:' + servers[2].port + '/accounts/peertube', privateKey: keys.privateKey }
      await makeFollowRequest(to, by)
    })

    it('Should fail with bad keys', async function () {
      this.timeout(10000)

      await setKeysOfServer(servers[0], servers[2], invalidKeys.publicKey, invalidKeys.privateKey)
      await setKeysOfServer(servers[2], servers[2], invalidKeys.publicKey, invalidKeys.privateKey)

      const body = getAnnounceWithoutContext(servers[1])
      body.actor = 'http://localhost:' + servers[2].port + '/accounts/peertube'

      const signer: any = { privateKey: invalidKeys.privateKey, url: 'http://localhost:' + servers[2].port + '/accounts/peertube' }
      const signedBody = await buildSignedActivity(signer, body)

      const headers = buildGlobalHeaders(signedBody)

      const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers)

      expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
    })

    it('Should fail with an altered body', async function () {
      this.timeout(10000)

      await setKeysOfServer(servers[0], servers[2], keys.publicKey, keys.privateKey)
      await setKeysOfServer(servers[0], servers[2], keys.publicKey, keys.privateKey)

      const body = getAnnounceWithoutContext(servers[1])
      body.actor = 'http://localhost:' + servers[2].port + '/accounts/peertube'

      const signer: any = { privateKey: keys.privateKey, url: 'http://localhost:' + servers[2].port + '/accounts/peertube' }
      const signedBody = await buildSignedActivity(signer, body)

      signedBody.actor = 'http://localhost:' + servers[2].port + '/account/peertube'

      const headers = buildGlobalHeaders(signedBody)

      const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers)

      expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
    })

    it('Should succeed with a valid signature', async function () {
      this.timeout(10000)

      const body = getAnnounceWithoutContext(servers[1])
      body.actor = 'http://localhost:' + servers[2].port + '/accounts/peertube'

      const signer: any = { privateKey: keys.privateKey, url: 'http://localhost:' + servers[2].port + '/accounts/peertube' }
      const signedBody = await buildSignedActivity(signer, body)

      const headers = buildGlobalHeaders(signedBody)

      const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers)

      expect(response.statusCode).to.equal(HttpStatusCode.NO_CONTENT_204)
    })
  })

  after(async function () {
    this.timeout(10000)

    await cleanupTests(servers)

    await closeAllSequelize(servers)
  })
})
Commit	Line	Data
a1587156	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
df66d815 C	2
	3	import 'mocha'
	4
a1587156	5	import { cleanupTests, closeAllSequelize, flushAndRunMultipleServers, ServerInfo, setActorField } from '../../../../shared/extra-utils'
74dc3bca	6	import { HTTP_SIGNATURE } from '../../../initializers/constants'
8dc8a34e	7	import { buildGlobalHeaders } from '../../../lib/job-queue/handlers/utils/activitypub-http-utils'
df66d815	8	import * as chai from 'chai'
df66d815	9	import { activityPubContextify, buildSignedActivity } from '../../../helpers/activitypub'
94565d52	10	import { makeFollowRequest, makePOSTAPRequest } from '../../../../shared/extra-utils/requests/activitypub'
8dc8a34e	11	import { buildDigest } from '@server/helpers/peertube-crypto'
2d53be02	12	import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
df66d815 C	13
	14	const expect = chai.expect
	15
48f07b4a	16	function setKeysOfServer (onServer: ServerInfo, ofServer: ServerInfo, publicKey: string, privateKey: string) {
df66d815	17	return Promise.all([
48f07b4a C	18	setActorField(onServer.internalServerNumber, 'http://localhost:' + ofServer.port + '/accounts/peertube', 'publicKey', publicKey),
48f07b4a C	19	setActorField(onServer.internalServerNumber, 'http://localhost:' + ofServer.port + '/accounts/peertube', 'privateKey', privateKey)
df66d815 C	20	])
	21	}
	22
48f07b4a C	23	function getAnnounceWithoutContext (server2: ServerInfo) {
	24	const json = require('./json/peertube/announce-without-context.json')
	25	const result: typeof json = {}
	26
	27	for (const key of Object.keys(json)) {
	28	if (Array.isArray(json[key])) {
	29	result[key] = json[key].map(v => v.replace(':9002', `:${server2.port}`))
	30	} else {
a1587156	31	result[key] = json[key].replace(':9002', `:${server2.port}`)
48f07b4a C	32	}
	33	}
	34
	35	return result
df66d815 C	36	}
	37
	38	describe('Test ActivityPub security', function () {
	39	let servers: ServerInfo[]
	40	let url: string
	41
	42	const keys = require('./json/peertube/keys.json')
	43	const invalidKeys = require('./json/peertube/invalid-keys.json')
48f07b4a	44	const baseHttpSignature = () => ({
df66d815 C	45	algorithm: HTTP_SIGNATURE.ALGORITHM,
df66d815 C	46	authorizationHeaderName: HTTP_SIGNATURE.HEADER_NAME,
48f07b4a	47	keyId: 'acct:peertube@localhost:' + servers[1].port,
df66d815 C	48	key: keys.privateKey,
df66d815 C	49	headers: HTTP_SIGNATURE.HEADERS_TO_SIGN
48f07b4a	50	})
df66d815 C	51
	52	// ---------------------------------------------------------------
	53
	54	before(async function () {
	55	this.timeout(60000)
	56
	57	servers = await flushAndRunMultipleServers(3)
	58
	59	url = servers[0].url + '/inbox'
	60
48f07b4a	61	await setKeysOfServer(servers[0], servers[1], keys.publicKey, keys.privateKey)
df66d815	62
48f07b4a C	63	const to = { url: 'http://localhost:' + servers[0].port + '/accounts/peertube' }
48f07b4a C	64	const by = { url: 'http://localhost:' + servers[1].port + '/accounts/peertube', privateKey: keys.privateKey }
df66d815 C	65	await makeFollowRequest(to, by)
	66	})
	67
	68	describe('When checking HTTP signature', function () {
	69
	70	it('Should fail with an invalid digest', async function () {
48f07b4a	71	const body = activityPubContextify(getAnnounceWithoutContext(servers[1]))
df66d815 C	72	const headers = {
	73	Digest: buildDigest({ hello: 'coucou' })
	74	}
	75
48f07b4a	76	const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers)
df66d815	77
2d53be02	78	expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
df66d815 C	79	})
	80
	81	it('Should fail with an invalid date', async function () {
48f07b4a	82	const body = activityPubContextify(getAnnounceWithoutContext(servers[1]))
df66d815 C	83	const headers = buildGlobalHeaders(body)
	84	headers['date'] = 'Wed, 21 Oct 2015 07:28:00 GMT'
	85
48f07b4a	86	const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers)
df66d815	87
2d53be02	88	expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
df66d815 C	89	})
	90
	91	it('Should fail with bad keys', async function () {
48f07b4a C	92	await setKeysOfServer(servers[0], servers[1], invalidKeys.publicKey, invalidKeys.privateKey)
48f07b4a C	93	await setKeysOfServer(servers[1], servers[1], invalidKeys.publicKey, invalidKeys.privateKey)
df66d815	94
48f07b4a	95	const body = activityPubContextify(getAnnounceWithoutContext(servers[1]))
df66d815 C	96	const headers = buildGlobalHeaders(body)
df66d815 C	97
48f07b4a	98	const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers)
df66d815	99
2d53be02	100	expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
df66d815 C	101	})
df66d815 C	102
797d05bd	103	it('Should reject requests without appropriate signed headers', async function () {
48f07b4a C	104	await setKeysOfServer(servers[0], servers[1], keys.publicKey, keys.privateKey)
48f07b4a C	105	await setKeysOfServer(servers[1], servers[1], keys.publicKey, keys.privateKey)
df66d815	106
48f07b4a	107	const body = activityPubContextify(getAnnounceWithoutContext(servers[1]))
df66d815	108	const headers = buildGlobalHeaders(body)
797d05bd C	109
	110	const signatureOptions = baseHttpSignature()
	111	const badHeadersMatrix = [
	112	[ '(request-target)', 'date', 'digest' ],
	113	[ 'host', 'date', 'digest' ],
	114	[ '(request-target)', 'host', 'digest' ]
	115	]
	116
	117	for (const badHeaders of badHeadersMatrix) {
	118	signatureOptions.headers = badHeaders
	119
	120	const { response } = await makePOSTAPRequest(url, body, signatureOptions, headers)
2d53be02	121	expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
797d05bd C	122	}
	123	})
	124
	125	it('Should succeed with a valid HTTP signature', async function () {
	126	const body = activityPubContextify(getAnnounceWithoutContext(servers[1]))
	127	const headers = buildGlobalHeaders(body)
df66d815	128
48f07b4a	129	const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers)
df66d815	130
2d53be02	131	expect(response.statusCode).to.equal(HttpStatusCode.NO_CONTENT_204)
df66d815 C	132	})
	133	})
	134
	135	describe('When checking Linked Data Signature', function () {
	136	before(async () => {
48f07b4a	137	await setKeysOfServer(servers[2], servers[2], keys.publicKey, keys.privateKey)
df66d815	138
48f07b4a C	139	const to = { url: 'http://localhost:' + servers[0].port + '/accounts/peertube' }
48f07b4a C	140	const by = { url: 'http://localhost:' + servers[2].port + '/accounts/peertube', privateKey: keys.privateKey }
df66d815 C	141	await makeFollowRequest(to, by)
	142	})
	143
	144	it('Should fail with bad keys', async function () {
	145	this.timeout(10000)
	146
48f07b4a C	147	await setKeysOfServer(servers[0], servers[2], invalidKeys.publicKey, invalidKeys.privateKey)
48f07b4a C	148	await setKeysOfServer(servers[2], servers[2], invalidKeys.publicKey, invalidKeys.privateKey)
df66d815	149
48f07b4a C	150	const body = getAnnounceWithoutContext(servers[1])
48f07b4a C	151	body.actor = 'http://localhost:' + servers[2].port + '/accounts/peertube'
df66d815	152
48f07b4a	153	const signer: any = { privateKey: invalidKeys.privateKey, url: 'http://localhost:' + servers[2].port + '/accounts/peertube' }
df66d815 C	154	const signedBody = await buildSignedActivity(signer, body)
	155
	156	const headers = buildGlobalHeaders(signedBody)
	157
48f07b4a	158	const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers)
df66d815	159
2d53be02	160	expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
df66d815 C	161	})
	162
	163	it('Should fail with an altered body', async function () {
	164	this.timeout(10000)
	165
48f07b4a C	166	await setKeysOfServer(servers[0], servers[2], keys.publicKey, keys.privateKey)
48f07b4a C	167	await setKeysOfServer(servers[0], servers[2], keys.publicKey, keys.privateKey)
df66d815	168
48f07b4a C	169	const body = getAnnounceWithoutContext(servers[1])
48f07b4a C	170	body.actor = 'http://localhost:' + servers[2].port + '/accounts/peertube'
df66d815	171
48f07b4a	172	const signer: any = { privateKey: keys.privateKey, url: 'http://localhost:' + servers[2].port + '/accounts/peertube' }
df66d815 C	173	const signedBody = await buildSignedActivity(signer, body)
df66d815 C	174
48f07b4a	175	signedBody.actor = 'http://localhost:' + servers[2].port + '/account/peertube'
df66d815 C	176
	177	const headers = buildGlobalHeaders(signedBody)
	178
48f07b4a	179	const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers)
df66d815	180
2d53be02	181	expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403)
df66d815 C	182	})
	183
	184	it('Should succeed with a valid signature', async function () {
	185	this.timeout(10000)
	186
48f07b4a C	187	const body = getAnnounceWithoutContext(servers[1])
48f07b4a C	188	body.actor = 'http://localhost:' + servers[2].port + '/accounts/peertube'
df66d815	189
48f07b4a	190	const signer: any = { privateKey: keys.privateKey, url: 'http://localhost:' + servers[2].port + '/accounts/peertube' }
df66d815 C	191	const signedBody = await buildSignedActivity(signer, body)
	192
	193	const headers = buildGlobalHeaders(signedBody)
	194
48f07b4a	195	const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers)
df66d815	196
2d53be02	197	expect(response.statusCode).to.equal(HttpStatusCode.NO_CONTENT_204)
df66d815 C	198	})
	199	})
	200
	201	after(async function () {
48f07b4a C	202	this.timeout(10000)
	203
	204	await cleanupTests(servers)
df66d815	205
c8000975	206	await closeAllSequelize(servers)
df66d815 C	207	})
df66d815 C	208	})