diff options
Diffstat (limited to 'server/tests/api/activitypub/security.ts')
-rw-r--r-- | server/tests/api/activitypub/security.ts | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/server/tests/api/activitypub/security.ts b/server/tests/api/activitypub/security.ts index e6002b661..55dcced15 100644 --- a/server/tests/api/activitypub/security.ts +++ b/server/tests/api/activitypub/security.ts | |||
@@ -9,6 +9,7 @@ import * as chai from 'chai' | |||
9 | import { activityPubContextify, buildSignedActivity } from '../../../helpers/activitypub' | 9 | import { activityPubContextify, buildSignedActivity } from '../../../helpers/activitypub' |
10 | import { makeFollowRequest, makePOSTAPRequest } from '../../../../shared/extra-utils/requests/activitypub' | 10 | import { makeFollowRequest, makePOSTAPRequest } from '../../../../shared/extra-utils/requests/activitypub' |
11 | import { buildDigest } from '@server/helpers/peertube-crypto' | 11 | import { buildDigest } from '@server/helpers/peertube-crypto' |
12 | import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' | ||
12 | 13 | ||
13 | const expect = chai.expect | 14 | const expect = chai.expect |
14 | 15 | ||
@@ -74,7 +75,7 @@ describe('Test ActivityPub security', function () { | |||
74 | 75 | ||
75 | const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers) | 76 | const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers) |
76 | 77 | ||
77 | expect(response.statusCode).to.equal(403) | 78 | expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403) |
78 | }) | 79 | }) |
79 | 80 | ||
80 | it('Should fail with an invalid date', async function () { | 81 | it('Should fail with an invalid date', async function () { |
@@ -84,7 +85,7 @@ describe('Test ActivityPub security', function () { | |||
84 | 85 | ||
85 | const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers) | 86 | const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers) |
86 | 87 | ||
87 | expect(response.statusCode).to.equal(403) | 88 | expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403) |
88 | }) | 89 | }) |
89 | 90 | ||
90 | it('Should fail with bad keys', async function () { | 91 | it('Should fail with bad keys', async function () { |
@@ -96,7 +97,7 @@ describe('Test ActivityPub security', function () { | |||
96 | 97 | ||
97 | const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers) | 98 | const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers) |
98 | 99 | ||
99 | expect(response.statusCode).to.equal(403) | 100 | expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403) |
100 | }) | 101 | }) |
101 | 102 | ||
102 | it('Should reject requests without appropriate signed headers', async function () { | 103 | it('Should reject requests without appropriate signed headers', async function () { |
@@ -117,7 +118,7 @@ describe('Test ActivityPub security', function () { | |||
117 | signatureOptions.headers = badHeaders | 118 | signatureOptions.headers = badHeaders |
118 | 119 | ||
119 | const { response } = await makePOSTAPRequest(url, body, signatureOptions, headers) | 120 | const { response } = await makePOSTAPRequest(url, body, signatureOptions, headers) |
120 | expect(response.statusCode).to.equal(403) | 121 | expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403) |
121 | } | 122 | } |
122 | }) | 123 | }) |
123 | 124 | ||
@@ -127,7 +128,7 @@ describe('Test ActivityPub security', function () { | |||
127 | 128 | ||
128 | const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers) | 129 | const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers) |
129 | 130 | ||
130 | expect(response.statusCode).to.equal(204) | 131 | expect(response.statusCode).to.equal(HttpStatusCode.NO_CONTENT_204) |
131 | }) | 132 | }) |
132 | }) | 133 | }) |
133 | 134 | ||
@@ -156,7 +157,7 @@ describe('Test ActivityPub security', function () { | |||
156 | 157 | ||
157 | const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers) | 158 | const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers) |
158 | 159 | ||
159 | expect(response.statusCode).to.equal(403) | 160 | expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403) |
160 | }) | 161 | }) |
161 | 162 | ||
162 | it('Should fail with an altered body', async function () { | 163 | it('Should fail with an altered body', async function () { |
@@ -177,7 +178,7 @@ describe('Test ActivityPub security', function () { | |||
177 | 178 | ||
178 | const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers) | 179 | const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers) |
179 | 180 | ||
180 | expect(response.statusCode).to.equal(403) | 181 | expect(response.statusCode).to.equal(HttpStatusCode.FORBIDDEN_403) |
181 | }) | 182 | }) |
182 | 183 | ||
183 | it('Should succeed with a valid signature', async function () { | 184 | it('Should succeed with a valid signature', async function () { |
@@ -193,7 +194,7 @@ describe('Test ActivityPub security', function () { | |||
193 | 194 | ||
194 | const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers) | 195 | const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers) |
195 | 196 | ||
196 | expect(response.statusCode).to.equal(204) | 197 | expect(response.statusCode).to.equal(HttpStatusCode.NO_CONTENT_204) |
197 | }) | 198 | }) |
198 | }) | 199 | }) |
199 | 200 | ||