diff options
Diffstat (limited to 'server/tests/api/activitypub/helpers.ts')
-rw-r--r-- | server/tests/api/activitypub/helpers.ts | 182 |
1 files changed, 182 insertions, 0 deletions
diff --git a/server/tests/api/activitypub/helpers.ts b/server/tests/api/activitypub/helpers.ts new file mode 100644 index 000000000..ac6e755c3 --- /dev/null +++ b/server/tests/api/activitypub/helpers.ts | |||
@@ -0,0 +1,182 @@ | |||
1 | /* tslint:disable:no-unused-expression */ | ||
2 | |||
3 | import 'mocha' | ||
4 | import { expect } from 'chai' | ||
5 | import { buildRequestStub } from '../../../../shared/utils/miscs/stubs' | ||
6 | import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../../../helpers/peertube-crypto' | ||
7 | import { cloneDeep } from 'lodash' | ||
8 | import { buildSignedActivity } from '../../../helpers/activitypub' | ||
9 | |||
10 | describe('Test activity pub helpers', function () { | ||
11 | describe('When checking the Linked Signature', function () { | ||
12 | |||
13 | it('Should fail with an invalid Mastodon signature', async function () { | ||
14 | const body = require('./json/mastodon/create-bad-signature.json') | ||
15 | const publicKey = require('./json/mastodon/public-key.json').publicKey | ||
16 | const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' } | ||
17 | |||
18 | const result = await isJsonLDSignatureVerified(fromActor as any, body) | ||
19 | |||
20 | expect(result).to.be.false | ||
21 | }) | ||
22 | |||
23 | it('Should fail with an invalid public key', async function () { | ||
24 | const body = require('./json/mastodon/create.json') | ||
25 | const publicKey = require('./json/mastodon/bad-public-key.json').publicKey | ||
26 | const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' } | ||
27 | |||
28 | const result = await isJsonLDSignatureVerified(fromActor as any, body) | ||
29 | |||
30 | expect(result).to.be.false | ||
31 | }) | ||
32 | |||
33 | it('Should succeed with a valid Mastodon signature', async function () { | ||
34 | const body = require('./json/mastodon/create.json') | ||
35 | const publicKey = require('./json/mastodon/public-key.json').publicKey | ||
36 | const fromActor = { publicKey, url: 'http://localhost:9002/accounts/peertube' } | ||
37 | |||
38 | const result = await isJsonLDSignatureVerified(fromActor as any, body) | ||
39 | |||
40 | expect(result).to.be.true | ||
41 | }) | ||
42 | |||
43 | it('Should fail with an invalid PeerTube signature', async function () { | ||
44 | const keys = require('./json/peertube/invalid-keys.json') | ||
45 | const body = require('./json/peertube/announce-without-context.json') | ||
46 | |||
47 | const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey } | ||
48 | const signedBody = await buildSignedActivity(actorSignature as any, body) | ||
49 | |||
50 | const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' } | ||
51 | const result = await isJsonLDSignatureVerified(fromActor as any, signedBody) | ||
52 | |||
53 | expect(result).to.be.false | ||
54 | }) | ||
55 | |||
56 | it('Should fail with an invalid PeerTube URL', async function () { | ||
57 | const keys = require('./json/peertube/keys.json') | ||
58 | const body = require('./json/peertube/announce-without-context.json') | ||
59 | |||
60 | const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey } | ||
61 | const signedBody = await buildSignedActivity(actorSignature as any, body) | ||
62 | |||
63 | const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9003/accounts/peertube' } | ||
64 | const result = await isJsonLDSignatureVerified(fromActor as any, signedBody) | ||
65 | |||
66 | expect(result).to.be.false | ||
67 | }) | ||
68 | |||
69 | it('Should succeed with a valid PeerTube signature', async function () { | ||
70 | const keys = require('./json/peertube/keys.json') | ||
71 | const body = require('./json/peertube/announce-without-context.json') | ||
72 | |||
73 | const actorSignature = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey } | ||
74 | const signedBody = await buildSignedActivity(actorSignature as any, body) | ||
75 | |||
76 | const fromActor = { publicKey: keys.publicKey, url: 'http://localhost:9002/accounts/peertube' } | ||
77 | const result = await isJsonLDSignatureVerified(fromActor as any, signedBody) | ||
78 | |||
79 | expect(result).to.be.true | ||
80 | }) | ||
81 | }) | ||
82 | |||
83 | describe('When checking HTTP signature', function () { | ||
84 | it('Should fail with an invalid http signature', async function () { | ||
85 | const req = buildRequestStub() | ||
86 | req.method = 'POST' | ||
87 | req.url = '/accounts/ronan/inbox' | ||
88 | |||
89 | const mastodonObject = cloneDeep(require('./json/mastodon/bad-http-signature.json')) | ||
90 | req.body = mastodonObject.body | ||
91 | req.headers = mastodonObject.headers | ||
92 | req.headers.signature = 'Signature ' + req.headers.signature | ||
93 | |||
94 | const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10) | ||
95 | const publicKey = require('./json/mastodon/public-key.json').publicKey | ||
96 | |||
97 | const actor = { publicKey } | ||
98 | const verified = isHTTPSignatureVerified(parsed, actor as any) | ||
99 | |||
100 | expect(verified).to.be.false | ||
101 | }) | ||
102 | |||
103 | it('Should fail with an invalid public key', async function () { | ||
104 | const req = buildRequestStub() | ||
105 | req.method = 'POST' | ||
106 | req.url = '/accounts/ronan/inbox' | ||
107 | |||
108 | const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json')) | ||
109 | req.body = mastodonObject.body | ||
110 | req.headers = mastodonObject.headers | ||
111 | req.headers.signature = 'Signature ' + req.headers.signature | ||
112 | |||
113 | const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10) | ||
114 | const publicKey = require('./json/mastodon/bad-public-key.json').publicKey | ||
115 | |||
116 | const actor = { publicKey } | ||
117 | const verified = isHTTPSignatureVerified(parsed, actor as any) | ||
118 | |||
119 | expect(verified).to.be.false | ||
120 | }) | ||
121 | |||
122 | it('Should fail because of clock skew', async function () { | ||
123 | const req = buildRequestStub() | ||
124 | req.method = 'POST' | ||
125 | req.url = '/accounts/ronan/inbox' | ||
126 | |||
127 | const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json')) | ||
128 | req.body = mastodonObject.body | ||
129 | req.headers = mastodonObject.headers | ||
130 | req.headers.signature = 'Signature ' + req.headers.signature | ||
131 | |||
132 | let errored = false | ||
133 | try { | ||
134 | parseHTTPSignature(req) | ||
135 | } catch { | ||
136 | errored = true | ||
137 | } | ||
138 | |||
139 | expect(errored).to.be.true | ||
140 | }) | ||
141 | |||
142 | it('Should fail without scheme', async function () { | ||
143 | const req = buildRequestStub() | ||
144 | req.method = 'POST' | ||
145 | req.url = '/accounts/ronan/inbox' | ||
146 | |||
147 | const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json')) | ||
148 | req.body = mastodonObject.body | ||
149 | req.headers = mastodonObject.headers | ||
150 | |||
151 | let errored = false | ||
152 | try { | ||
153 | parseHTTPSignature(req, 3600 * 1000 * 365 * 10) | ||
154 | } catch { | ||
155 | errored = true | ||
156 | } | ||
157 | |||
158 | expect(errored).to.be.true | ||
159 | }) | ||
160 | |||
161 | it('Should succeed with a valid signature', async function () { | ||
162 | const req = buildRequestStub() | ||
163 | req.method = 'POST' | ||
164 | req.url = '/accounts/ronan/inbox' | ||
165 | |||
166 | const mastodonObject = cloneDeep(require('./json/mastodon/http-signature.json')) | ||
167 | req.body = mastodonObject.body | ||
168 | req.headers = mastodonObject.headers | ||
169 | req.headers.signature = 'Signature ' + req.headers.signature | ||
170 | |||
171 | const parsed = parseHTTPSignature(req, 3600 * 1000 * 365 * 10) | ||
172 | const publicKey = require('./json/mastodon/public-key.json').publicKey | ||
173 | |||
174 | const actor = { publicKey } | ||
175 | const verified = isHTTPSignatureVerified(parsed, actor as any) | ||
176 | |||
177 | expect(verified).to.be.true | ||
178 | }) | ||
179 | |||
180 | }) | ||
181 | |||
182 | }) | ||