35 files changed, 1425 insertions, 337 deletions

diff --git a/server/tests/api/check-params/index.ts b/server/tests/api/check-params/index.ts
index cd7a38459..33dc8fb76 100644
--- a/server/tests/api/check-params/index.ts
+++ b/server/tests/api/check-params/index.ts
@@ -2,6 +2,7 @@ import './abuses'
 import './accounts'
 import './blocklist'
 import './bulk'
+import './channel-import-videos'
 import './config'
 import './contact-form'
 import './custom-pages'
@@ -17,6 +18,7 @@ import './redundancy'
 import './search'
 import './services'
 import './transcoding'
+import './two-factor'
 import './upload-quota'
 import './user-notifications'
 import './user-subscriptions'
@@ -24,12 +26,11 @@ import './users-admin'
 import './users'
 import './video-blacklist'
 import './video-captions'
+import './video-channel-syncs'
 import './video-channels'
 import './video-comments'
 import './video-files'
 import './video-imports'
-import './video-channel-syncs'
-import './channel-import-videos'
 import './video-playlists'
 import './video-source'
 import './video-studio'
diff --git a/server/tests/api/check-params/two-factor.ts b/server/tests/api/check-params/two-factor.ts
new file mode 100644
index 000000000..f8365f1b5
--- /dev/null
+++ b/server/tests/api/check-params/two-factor.ts
@@ -0,0 +1,288 @@
+/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
+
+import { HttpStatusCode } from '@shared/models'
+import { cleanupTests, createSingleServer, PeerTubeServer, setAccessTokensToServers, TwoFactorCommand } from '@shared/server-commands'
+
+describe('Test two factor API validators', function () {
+  let server: PeerTubeServer
+
+  let rootId: number
+  let rootPassword: string
+  let rootRequestToken: string
+  let rootOTPToken: string
+
+  let userId: number
+  let userToken = ''
+  let userPassword: string
+  let userRequestToken: string
+  let userOTPToken: string
+
+  // ---------------------------------------------------------------
+
+  before(async function () {
+    this.timeout(30000)
+
+    {
+      server = await createSingleServer(1)
+      await setAccessTokensToServers([ server ])
+    }
+
+    {
+      const result = await server.users.generate('user1')
+      userToken = result.token
+      userId = result.userId
+      userPassword = result.password
+    }
+
+    {
+      const { id } = await server.users.getMyInfo()
+      rootId = id
+      rootPassword = server.store.user.password
+    }
+  })
+
+  describe('When requesting two factor', function () {
+
+    it('Should fail with an unknown user id', async function () {
+      await server.twoFactor.request({ userId: 42, currentPassword: rootPassword, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
+    })
+
+    it('Should fail with an invalid user id', async function () {
+      await server.twoFactor.request({
+        userId: 'invalid' as any,
+        currentPassword: rootPassword,
+        expectedStatus: HttpStatusCode.BAD_REQUEST_400
+      })
+    })
+
+    it('Should fail to request another user two factor without the appropriate rights', async function () {
+      await server.twoFactor.request({
+        userId: rootId,
+        token: userToken,
+        currentPassword: userPassword,
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+
+    it('Should succeed to request another user two factor with the appropriate rights', async function () {
+      await server.twoFactor.request({ userId, currentPassword: rootPassword })
+    })
+
+    it('Should fail to request two factor without a password', async function () {
+      await server.twoFactor.request({
+        userId,
+        token: userToken,
+        currentPassword: undefined,
+        expectedStatus: HttpStatusCode.BAD_REQUEST_400
+      })
+    })
+
+    it('Should fail to request two factor with an incorrect password', async function () {
+      await server.twoFactor.request({
+        userId,
+        token: userToken,
+        currentPassword: rootPassword,
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+
+    it('Should succeed to request two factor without a password when targeting a remote user with an admin account', async function () {
+      await server.twoFactor.request({ userId })
+    })
+
+    it('Should fail to request two factor without a password when targeting myself with an admin account', async function () {
+      await server.twoFactor.request({ userId: rootId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+      await server.twoFactor.request({ userId: rootId, currentPassword: 'bad', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+    })
+
+    it('Should succeed to request my two factor auth', async function () {
+      {
+        const { otpRequest } = await server.twoFactor.request({ userId, token: userToken, currentPassword: userPassword })
+        userRequestToken = otpRequest.requestToken
+        userOTPToken = TwoFactorCommand.buildOTP({ secret: otpRequest.secret }).generate()
+      }
+
+      {
+        const { otpRequest } = await server.twoFactor.request({ userId: rootId, currentPassword: rootPassword })
+        rootRequestToken = otpRequest.requestToken
+        rootOTPToken = TwoFactorCommand.buildOTP({ secret: otpRequest.secret }).generate()
+      }
+    })
+  })
+
+  describe('When confirming two factor request', function () {
+
+    it('Should fail with an unknown user id', async function () {
+      await server.twoFactor.confirmRequest({
+        userId: 42,
+        requestToken: rootRequestToken,
+        otpToken: rootOTPToken,
+        expectedStatus: HttpStatusCode.NOT_FOUND_404
+      })
+    })
+
+    it('Should fail with an invalid user id', async function () {
+      await server.twoFactor.confirmRequest({
+        userId: 'invalid' as any,
+        requestToken: rootRequestToken,
+        otpToken: rootOTPToken,
+        expectedStatus: HttpStatusCode.BAD_REQUEST_400
+      })
+    })
+
+    it('Should fail to confirm another user two factor request without the appropriate rights', async function () {
+      await server.twoFactor.confirmRequest({
+        userId: rootId,
+        token: userToken,
+        requestToken: rootRequestToken,
+        otpToken: rootOTPToken,
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+
+    it('Should fail without request token', async function () {
+      await server.twoFactor.confirmRequest({
+        userId,
+        requestToken: undefined,
+        otpToken: userOTPToken,
+        expectedStatus: HttpStatusCode.BAD_REQUEST_400
+      })
+    })
+
+    it('Should fail with an invalid request token', async function () {
+      await server.twoFactor.confirmRequest({
+        userId,
+        requestToken: 'toto',
+        otpToken: userOTPToken,
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+
+    it('Should fail with request token of another user', async function () {
+      await server.twoFactor.confirmRequest({
+        userId,
+        requestToken: rootRequestToken,
+        otpToken: userOTPToken,
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+
+    it('Should fail without an otp token', async function () {
+      await server.twoFactor.confirmRequest({
+        userId,
+        requestToken: userRequestToken,
+        otpToken: undefined,
+        expectedStatus: HttpStatusCode.BAD_REQUEST_400
+      })
+    })
+
+    it('Should fail with a bad otp token', async function () {
+      await server.twoFactor.confirmRequest({
+        userId,
+        requestToken: userRequestToken,
+        otpToken: '123456',
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+
+    it('Should succeed to confirm another user two factor request with the appropriate rights', async function () {
+      await server.twoFactor.confirmRequest({
+        userId,
+        requestToken: userRequestToken,
+        otpToken: userOTPToken
+      })
+
+      // Reinit
+      await server.twoFactor.disable({ userId, currentPassword: rootPassword })
+    })
+
+    it('Should succeed to confirm my two factor request', async function () {
+      await server.twoFactor.confirmRequest({
+        userId,
+        token: userToken,
+        requestToken: userRequestToken,
+        otpToken: userOTPToken
+      })
+    })
+
+    it('Should fail to confirm again two factor request', async function () {
+      await server.twoFactor.confirmRequest({
+        userId,
+        token: userToken,
+        requestToken: userRequestToken,
+        otpToken: userOTPToken,
+        expectedStatus: HttpStatusCode.BAD_REQUEST_400
+      })
+    })
+  })
+
+  describe('When disabling two factor', function () {
+
+    it('Should fail with an unknown user id', async function () {
+      await server.twoFactor.disable({
+        userId: 42,
+        currentPassword: rootPassword,
+        expectedStatus: HttpStatusCode.NOT_FOUND_404
+      })
+    })
+
+    it('Should fail with an invalid user id', async function () {
+      await server.twoFactor.disable({
+        userId: 'invalid' as any,
+        currentPassword: rootPassword,
+        expectedStatus: HttpStatusCode.BAD_REQUEST_400
+      })
+    })
+
+    it('Should fail to disable another user two factor without the appropriate rights', async function () {
+      await server.twoFactor.disable({
+        userId: rootId,
+        token: userToken,
+        currentPassword: userPassword,
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+
+    it('Should fail to disable two factor with an incorrect password', async function () {
+      await server.twoFactor.disable({
+        userId,
+        token: userToken,
+        currentPassword: rootPassword,
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+
+    it('Should succeed to disable two factor without a password when targeting a remote user with an admin account', async function () {
+      await server.twoFactor.disable({ userId })
+      await server.twoFactor.requestAndConfirm({ userId })
+    })
+
+    it('Should fail to disable two factor without a password when targeting myself with an admin account', async function () {
+      await server.twoFactor.disable({ userId: rootId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+      await server.twoFactor.disable({ userId: rootId, currentPassword: 'bad', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+    })
+
+    it('Should succeed to disable another user two factor with the appropriate rights', async function () {
+      await server.twoFactor.disable({ userId, currentPassword: rootPassword })
+
+      await server.twoFactor.requestAndConfirm({ userId })
+    })
+
+    it('Should succeed to update my two factor auth', async function () {
+      await server.twoFactor.disable({ userId, token: userToken, currentPassword: userPassword })
+    })
+
+    it('Should fail to disable again two factor', async function () {
+      await server.twoFactor.disable({
+        userId,
+        token: userToken,
+        currentPassword: userPassword,
+        expectedStatus: HttpStatusCode.BAD_REQUEST_400
+      })
+    })
+  })
+
+  after(async function () {
+    await cleanupTests([ server ])
+  })
+})
diff --git a/server/tests/api/live/live-fast-restream.ts b/server/tests/api/live/live-fast-restream.ts
index 502959258..3ea6be9ff 100644
--- a/server/tests/api/live/live-fast-restream.ts
+++ b/server/tests/api/live/live-fast-restream.ts
@@ -59,7 +59,7 @@ describe('Fast restream in live', function () {
       const video = await server.videos.get({ id: liveId })
       expect(video.streamingPlaylists).to.have.lengthOf(1)
 
-      await server.live.getSegment({ videoUUID: liveId, segment: 0, playlistNumber: 0 })
+      await server.live.getSegmentFile({ videoUUID: liveId, segment: 0, playlistNumber: 0 })
       await makeRawRequest(video.streamingPlaylists[0].playlistUrl, HttpStatusCode.OK_200)
       await makeRawRequest(video.streamingPlaylists[0].segmentsSha256Url, HttpStatusCode.OK_200)
 
diff --git a/server/tests/api/live/live.ts b/server/tests/api/live/live.ts
index c436f0f01..5dd2bd9ab 100644
--- a/server/tests/api/live/live.ts
+++ b/server/tests/api/live/live.ts
@@ -3,7 +3,7 @@
 import { expect } from 'chai'
 import { basename, join } from 'path'
 import { ffprobePromise, getVideoStream } from '@server/helpers/ffmpeg'
-import { checkLiveSegmentHash, checkResolutionsInMasterPlaylist, testImage } from '@server/tests/shared'
+import { testImage, testVideoResolutions } from '@server/tests/shared'
 import { getAllFiles, wait } from '@shared/core-utils'
 import {
   HttpStatusCode,
@@ -372,46 +372,6 @@ describe('Test live', function () {
       return uuid
     }
 
-    async function testVideoResolutions (liveVideoId: string, resolutions: number[]) {
-      for (const server of servers) {
-        const { data } = await server.videos.list()
-        expect(data.find(v => v.uuid === liveVideoId)).to.exist
-
-        const video = await server.videos.get({ id: liveVideoId })
-
-        expect(video.streamingPlaylists).to.have.lengthOf(1)
-
-        const hlsPlaylist = video.streamingPlaylists.find(s => s.type === VideoStreamingPlaylistType.HLS)
-        expect(hlsPlaylist).to.exist
-
-        // Only finite files are displayed
-        expect(hlsPlaylist.files).to.have.lengthOf(0)
-
-        await checkResolutionsInMasterPlaylist({ server, playlistUrl: hlsPlaylist.playlistUrl, resolutions })
-
-        for (let i = 0; i < resolutions.length; i++) {
-          const segmentNum = 3
-          const segmentName = `${i}-00000${segmentNum}.ts`
-          await commands[0].waitUntilSegmentGeneration({ videoUUID: video.uuid, playlistNumber: i, segment: segmentNum })
-
-          const subPlaylist = await servers[0].streamingPlaylists.get({
-            url: `${servers[0].url}/static/streaming-playlists/hls/${video.uuid}/${i}.m3u8`
-          })
-
-          expect(subPlaylist).to.contain(segmentName)
-
-          const baseUrlAndPath = servers[0].url + '/static/streaming-playlists/hls'
-          await checkLiveSegmentHash({
-            server,
-            baseUrlSegment: baseUrlAndPath,
-            videoUUID: video.uuid,
-            segmentName,
-            hlsPlaylist
-          })
-        }
-      }
-    }
-
     function updateConf (resolutions: number[]) {
       return servers[0].config.updateCustomSubConfig({
         newConfig: {
@@ -449,7 +409,14 @@ describe('Test live', function () {
       await waitUntilLivePublishedOnAllServers(servers, liveVideoId)
       await waitJobs(servers)
 
-      await testVideoResolutions(liveVideoId, [ 720 ])
+      await testVideoResolutions({
+        originServer: servers[0],
+        servers,
+        liveVideoId,
+        resolutions: [ 720 ],
+        objectStorage: false,
+        transcoded: true
+      })
 
       await stopFfmpeg(ffmpegCommand)
     })
@@ -477,7 +444,14 @@ describe('Test live', function () {
       await waitUntilLivePublishedOnAllServers(servers, liveVideoId)
       await waitJobs(servers)
 
-      await testVideoResolutions(liveVideoId, resolutions.concat([ 720 ]))
+      await testVideoResolutions({
+        originServer: servers[0],
+        servers,
+        liveVideoId,
+        resolutions: resolutions.concat([ 720 ]),
+        objectStorage: false,
+        transcoded: true
+      })
 
       await stopFfmpeg(ffmpegCommand)
     })
@@ -522,7 +496,14 @@ describe('Test live', function () {
       await waitUntilLivePublishedOnAllServers(servers, liveVideoId)
       await waitJobs(servers)
 
-      await testVideoResolutions(liveVideoId, resolutions)
+      await testVideoResolutions({
+        originServer: servers[0],
+        servers,
+        liveVideoId,
+        resolutions,
+        objectStorage: false,
+        transcoded: true
+      })
 
       await stopFfmpeg(ffmpegCommand)
       await commands[0].waitUntilEnded({ videoId: liveVideoId })
@@ -538,7 +519,7 @@ describe('Test live', function () {
       }
 
       const minBitrateLimits = {
-        720: 5500 * 1000,
+        720: 5000 * 1000,
         360: 1000 * 1000,
         240: 550 * 1000
       }
@@ -569,7 +550,7 @@ describe('Test live', function () {
           if (resolution >= 720) {
             expect(file.fps).to.be.approximately(60, 10)
           } else {
-            expect(file.fps).to.be.approximately(30, 2)
+            expect(file.fps).to.be.approximately(30, 3)
           }
 
           const filename = basename(file.fileUrl)
@@ -611,7 +592,14 @@ describe('Test live', function () {
       await waitUntilLivePublishedOnAllServers(servers, liveVideoId)
       await waitJobs(servers)
 
-      await testVideoResolutions(liveVideoId, resolutions)
+      await testVideoResolutions({
+        originServer: servers[0],
+        servers,
+        liveVideoId,
+        resolutions,
+        objectStorage: false,
+        transcoded: true
+      })
 
       await stopFfmpeg(ffmpegCommand)
       await commands[0].waitUntilEnded({ videoId: liveVideoId })
@@ -640,7 +628,14 @@ describe('Test live', function () {
       await waitUntilLivePublishedOnAllServers(servers, liveVideoId)
       await waitJobs(servers)
 
-      await testVideoResolutions(liveVideoId, [ 720 ])
+      await testVideoResolutions({
+        originServer: servers[0],
+        servers,
+        liveVideoId,
+        resolutions: [ 720 ],
+        objectStorage: false,
+        transcoded: true
+      })
 
       await stopFfmpeg(ffmpegCommand)
       await commands[0].waitUntilEnded({ videoId: liveVideoId })
diff --git a/server/tests/api/notifications/admin-notifications.ts b/server/tests/api/notifications/admin-notifications.ts
index b3bb4888e..07c981a37 100644
--- a/server/tests/api/notifications/admin-notifications.ts
+++ b/server/tests/api/notifications/admin-notifications.ts
@@ -37,7 +37,7 @@ describe('Test admin notifications', function () {
       plugins: {
         index: {
           enabled: true,
-          check_latest_versions_interval: '5 seconds'
+          check_latest_versions_interval: '3 seconds'
         }
       }
     }
@@ -62,7 +62,7 @@ describe('Test admin notifications', function () {
 
   describe('Latest PeerTube version notification', function () {
 
-    it('Should not send a notification to admins if there is not a new version', async function () {
+    it('Should not send a notification to admins if there is no new version', async function () {
       this.timeout(30000)
 
       joinPeerTubeServer.setLatestVersion('1.4.2')
@@ -71,7 +71,7 @@ describe('Test admin notifications', function () {
       await checkNewPeerTubeVersion({ ...baseParams, latestVersion: '1.4.2', checkType: 'absence' })
     })
 
-    it('Should send a notification to admins on new plugin version', async function () {
+    it('Should send a notification to admins on new version', async function () {
       this.timeout(30000)
 
       joinPeerTubeServer.setLatestVersion('15.4.2')
diff --git a/server/tests/api/notifications/moderation-notifications.ts b/server/tests/api/notifications/moderation-notifications.ts
index d8a7d576e..fc953f144 100644
--- a/server/tests/api/notifications/moderation-notifications.ts
+++ b/server/tests/api/notifications/moderation-notifications.ts
@@ -382,7 +382,7 @@ describe('Test moderation notifications', function () {
     })
 
     it('Should send a notification only to admin when there is a new instance follower', async function () {
-      this.timeout(20000)
+      this.timeout(60000)
 
       await servers[2].follows.follow({ hosts: [ servers[0].url ] })
 
diff --git a/server/tests/api/object-storage/live.ts b/server/tests/api/object-storage/live.ts
index 0958ffe0f..7e16b4c89 100644
--- a/server/tests/api/object-storage/live.ts
+++ b/server/tests/api/object-storage/live.ts
@@ -1,9 +1,9 @@
 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
 
 import { expect } from 'chai'
-import { expectStartWith } from '@server/tests/shared'
+import { expectStartWith, testVideoResolutions } from '@server/tests/shared'
 import { areObjectStorageTestsDisabled } from '@shared/core-utils'
-import { HttpStatusCode, LiveVideoCreate, VideoFile, VideoPrivacy } from '@shared/models'
+import { HttpStatusCode, LiveVideoCreate, VideoPrivacy } from '@shared/models'
 import {
   createMultipleServers,
   doubleFollow,
@@ -35,41 +35,43 @@ async function createLive (server: PeerTubeServer, permanent: boolean) {
   return uuid
 }
 
-async function checkFiles (files: VideoFile[]) {
-  for (const file of files) {
-    expectStartWith(file.fileUrl, ObjectStorageCommand.getPlaylistBaseUrl())
+async function checkFilesExist (servers: PeerTubeServer[], videoUUID: string, numberOfFiles: number) {
+  for (const server of servers) {
+    const video = await server.videos.get({ id: videoUUID })
 
-    await makeRawRequest(file.fileUrl, HttpStatusCode.OK_200)
-  }
-}
+    expect(video.files).to.have.lengthOf(0)
+    expect(video.streamingPlaylists).to.have.lengthOf(1)
 
-async function getFiles (server: PeerTubeServer, videoUUID: string) {
-  const video = await server.videos.get({ id: videoUUID })
+    const files = video.streamingPlaylists[0].files
+    expect(files).to.have.lengthOf(numberOfFiles)
 
-  expect(video.files).to.have.lengthOf(0)
-  expect(video.streamingPlaylists).to.have.lengthOf(1)
+    for (const file of files) {
+      expectStartWith(file.fileUrl, ObjectStorageCommand.getPlaylistBaseUrl())
 
-  return video.streamingPlaylists[0].files
+      await makeRawRequest(file.fileUrl, HttpStatusCode.OK_200)
+    }
+  }
 }
 
-async function streamAndEnd (servers: PeerTubeServer[], liveUUID: string) {
-  const ffmpegCommand = await servers[0].live.sendRTMPStreamInVideo({ videoId: liveUUID })
-  await waitUntilLivePublishedOnAllServers(servers, liveUUID)
-
-  const videoLiveDetails = await servers[0].videos.get({ id: liveUUID })
-  const liveDetails = await servers[0].live.get({ videoId: liveUUID })
+async function checkFilesCleanup (server: PeerTubeServer, videoUUID: string, resolutions: number[]) {
+  const resolutionFiles = resolutions.map((_value, i) => `${i}.m3u8`)
 
-  await stopFfmpeg(ffmpegCommand)
-
-  if (liveDetails.permanentLive) {
-    await waitUntilLiveWaitingOnAllServers(servers, liveUUID)
-  } else {
-    await waitUntilLiveReplacedByReplayOnAllServers(servers, liveUUID)
+  for (const playlistName of [ 'master.m3u8' ].concat(resolutionFiles)) {
+    await server.live.getPlaylistFile({
+      videoUUID,
+      playlistName,
+      expectedStatus: HttpStatusCode.NOT_FOUND_404,
+      objectStorage: true
+    })
   }
 
-  await waitJobs(servers)
-
-  return { videoLiveDetails, liveDetails }
+  await server.live.getSegmentFile({
+    videoUUID,
+    playlistNumber: 0,
+    segment: 0,
+    objectStorage: true,
+    expectedStatus: HttpStatusCode.NOT_FOUND_404
+  })
 }
 
 describe('Object storage for lives', function () {
@@ -100,57 +102,124 @@ describe('Object storage for lives', function () {
       videoUUID = await createLive(servers[0], false)
     })
 
-    it('Should create a live and save the replay on object storage', async function () {
+    it('Should create a live and publish it on object storage', async function () {
+      this.timeout(220000)
+
+      const ffmpegCommand = await servers[0].live.sendRTMPStreamInVideo({ videoId: videoUUID })
+      await waitUntilLivePublishedOnAllServers(servers, videoUUID)
+
+      await testVideoResolutions({
+        originServer: servers[0],
+        servers,
+        liveVideoId: videoUUID,
+        resolutions: [ 720 ],
+        transcoded: false,
+        objectStorage: true
+      })
+
+      await stopFfmpeg(ffmpegCommand)
+    })
+
+    it('Should have saved the replay on object storage', async function () {
       this.timeout(220000)
 
-      await streamAndEnd(servers, videoUUID)
+      await waitUntilLiveReplacedByReplayOnAllServers(servers, videoUUID)
+      await waitJobs(servers)
 
-      for (const server of servers) {
-        const files = await getFiles(server, videoUUID)
-        expect(files).to.have.lengthOf(1)
+      await checkFilesExist(servers, videoUUID, 1)
+    })
 
-        await checkFiles(files)
-      }
+    it('Should have cleaned up live files from object storage', async function () {
+      await checkFilesCleanup(servers[0], videoUUID, [ 720 ])
     })
   })
 
   describe('With live transcoding', async function () {
-    let videoUUIDPermanent: string
-    let videoUUIDNonPermanent: string
+    const resolutions = [ 720, 480, 360, 240, 144 ]
 
     before(async function () {
       await servers[0].config.enableLive({ transcoding: true })
-
-      videoUUIDPermanent = await createLive(servers[0], true)
-      videoUUIDNonPermanent = await createLive(servers[0], false)
     })
 
-    it('Should create a live and save the replay on object storage', async function () {
-      this.timeout(240000)
+    describe('Normal replay', function () {
+      let videoUUIDNonPermanent: string
+
+      before(async function () {
+        videoUUIDNonPermanent = await createLive(servers[0], false)
+      })
+
+      it('Should create a live and publish it on object storage', async function () {
+        this.timeout(240000)
+
+        const ffmpegCommand = await servers[0].live.sendRTMPStreamInVideo({ videoId: videoUUIDNonPermanent })
+        await waitUntilLivePublishedOnAllServers(servers, videoUUIDNonPermanent)
+
+        await testVideoResolutions({
+          originServer: servers[0],
+          servers,
+          liveVideoId: videoUUIDNonPermanent,
+          resolutions,
+          transcoded: true,
+          objectStorage: true
+        })
+
+        await stopFfmpeg(ffmpegCommand)
+      })
 
-      await streamAndEnd(servers, videoUUIDNonPermanent)
+      it('Should have saved the replay on object storage', async function () {
+        this.timeout(220000)
 
-      for (const server of servers) {
-        const files = await getFiles(server, videoUUIDNonPermanent)
-        expect(files).to.have.lengthOf(5)
+        await waitUntilLiveReplacedByReplayOnAllServers(servers, videoUUIDNonPermanent)
+        await waitJobs(servers)
 
-        await checkFiles(files)
-      }
+        await checkFilesExist(servers, videoUUIDNonPermanent, 5)
+      })
+
+      it('Should have cleaned up live files from object storage', async function () {
+        await checkFilesCleanup(servers[0], videoUUIDNonPermanent, resolutions)
+      })
     })
 
-    it('Should create a live and save the replay of permanent live on object storage', async function () {
-      this.timeout(240000)
+    describe('Permanent replay', function () {
+      let videoUUIDPermanent: string
+
+      before(async function () {
+        videoUUIDPermanent = await createLive(servers[0], true)
+      })
+
+      it('Should create a live and publish it on object storage', async function () {
+        this.timeout(240000)
+
+        const ffmpegCommand = await servers[0].live.sendRTMPStreamInVideo({ videoId: videoUUIDPermanent })
+        await waitUntilLivePublishedOnAllServers(servers, videoUUIDPermanent)
+
+        await testVideoResolutions({
+          originServer: servers[0],
+          servers,
+          liveVideoId: videoUUIDPermanent,
+          resolutions,
+          transcoded: true,
+          objectStorage: true
+        })
+
+        await stopFfmpeg(ffmpegCommand)
+      })
+
+      it('Should have saved the replay on object storage', async function () {
+        this.timeout(220000)
 
-      const { videoLiveDetails } = await streamAndEnd(servers, videoUUIDPermanent)
+        await waitUntilLiveWaitingOnAllServers(servers, videoUUIDPermanent)
+        await waitJobs(servers)
 
-      const replay = await findExternalSavedVideo(servers[0], videoLiveDetails)
+        const videoLiveDetails = await servers[0].videos.get({ id: videoUUIDPermanent })
+        const replay = await findExternalSavedVideo(servers[0], videoLiveDetails)
 
-      for (const server of servers) {
-        const files = await getFiles(server, replay.uuid)
-        expect(files).to.have.lengthOf(5)
+        await checkFilesExist(servers, replay.uuid, 5)
+      })
 
-        await checkFiles(files)
-      }
+      it('Should have cleaned up live files from object storage', async function () {
+        await checkFilesCleanup(servers[0], videoUUIDPermanent, resolutions)
+      })
     })
   })
 
diff --git a/server/tests/api/redundancy/redundancy.ts b/server/tests/api/redundancy/redundancy.ts
index 5abed358f..f349a7a76 100644
--- a/server/tests/api/redundancy/redundancy.ts
+++ b/server/tests/api/redundancy/redundancy.ts
@@ -5,7 +5,7 @@ import { readdir } from 'fs-extra'
 import magnetUtil from 'magnet-uri'
 import { basename, join } from 'path'
 import { checkSegmentHash, checkVideoFilesWereRemoved, saveVideoInServers } from '@server/tests/shared'
-import { root, wait } from '@shared/core-utils'
+import { wait } from '@shared/core-utils'
 import {
   HttpStatusCode,
   VideoDetails,
@@ -159,12 +159,12 @@ async function check2Webseeds (videoUUID?: string) {
   const { webtorrentFilenames } = await ensureSameFilenames(videoUUID)
 
   const directories = [
-    'test' + servers[0].internalServerNumber + '/redundancy',
-    'test' + servers[1].internalServerNumber + '/videos'
+    servers[0].getDirectoryPath('redundancy'),
+    servers[1].getDirectoryPath('videos')
   ]
 
   for (const directory of directories) {
-    const files = await readdir(join(root(), directory))
+    const files = await readdir(directory)
     expect(files).to.have.length.at.least(4)
 
     // Ensure we files exist on disk
@@ -214,12 +214,12 @@ async function check1PlaylistRedundancies (videoUUID?: string) {
   const { hlsFilenames } = await ensureSameFilenames(videoUUID)
 
   const directories = [
-    'test' + servers[0].internalServerNumber + '/redundancy/hls',
-    'test' + servers[1].internalServerNumber + '/streaming-playlists/hls'
+    servers[0].getDirectoryPath('redundancy/hls'),
+    servers[1].getDirectoryPath('streaming-playlists/hls')
   ]
 
   for (const directory of directories) {
-    const files = await readdir(join(root(), directory, videoUUID))
+    const files = await readdir(join(directory, videoUUID))
     expect(files).to.have.length.at.least(4)
 
     // Ensure we files exist on disk
diff --git a/server/tests/api/users/index.ts b/server/tests/api/users/index.ts
index c65152c6f..643f1a531 100644
--- a/server/tests/api/users/index.ts
+++ b/server/tests/api/users/index.ts
@@ -1,3 +1,4 @@
+import './two-factor'
 import './user-subscriptions'
 import './user-videos'
 import './users'
diff --git a/server/tests/api/users/two-factor.ts b/server/tests/api/users/two-factor.ts
new file mode 100644
index 000000000..0dcab9e17
--- /dev/null
+++ b/server/tests/api/users/two-factor.ts
@@ -0,0 +1,200 @@
+/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
+
+import { expect } from 'chai'
+import { expectStartWith } from '@server/tests/shared'
+import { HttpStatusCode } from '@shared/models'
+import { cleanupTests, createSingleServer, PeerTubeServer, setAccessTokensToServers, TwoFactorCommand } from '@shared/server-commands'
+
+async function login (options: {
+  server: PeerTubeServer
+  username: string
+  password: string
+  otpToken?: string
+  expectedStatus?: HttpStatusCode
+}) {
+  const { server, username, password, otpToken, expectedStatus } = options
+
+  const user = { username, password }
+  const { res, body: { access_token: token } } = await server.login.loginAndGetResponse({ user, otpToken, expectedStatus })
+
+  return { res, token }
+}
+
+describe('Test users', function () {
+  let server: PeerTubeServer
+  let otpSecret: string
+  let requestToken: string
+
+  const userUsername = 'user1'
+  let userId: number
+  let userPassword: string
+  let userToken: string
+
+  before(async function () {
+    this.timeout(30000)
+
+    server = await createSingleServer(1)
+
+    await setAccessTokensToServers([ server ])
+    const res = await server.users.generate(userUsername)
+    userId = res.userId
+    userPassword = res.password
+    userToken = res.token
+  })
+
+  it('Should not add the header on login if two factor is not enabled', async function () {
+    const { res, token } = await login({ server, username: userUsername, password: userPassword })
+
+    expect(res.header['x-peertube-otp']).to.not.exist
+
+    await server.users.getMyInfo({ token })
+  })
+
+  it('Should request two factor and get the secret and uri', async function () {
+    const { otpRequest } = await server.twoFactor.request({ userId, token: userToken, currentPassword: userPassword })
+
+    expect(otpRequest.requestToken).to.exist
+
+    expect(otpRequest.secret).to.exist
+    expect(otpRequest.secret).to.have.lengthOf(32)
+
+    expect(otpRequest.uri).to.exist
+    expectStartWith(otpRequest.uri, 'otpauth://')
+    expect(otpRequest.uri).to.include(otpRequest.secret)
+
+    requestToken = otpRequest.requestToken
+    otpSecret = otpRequest.secret
+  })
+
+  it('Should not have two factor confirmed yet', async function () {
+    const { twoFactorEnabled } = await server.users.getMyInfo({ token: userToken })
+    expect(twoFactorEnabled).to.be.false
+  })
+
+  it('Should confirm two factor', async function () {
+    await server.twoFactor.confirmRequest({
+      userId,
+      token: userToken,
+      otpToken: TwoFactorCommand.buildOTP({ secret: otpSecret }).generate(),
+      requestToken
+    })
+  })
+
+  it('Should not add the header on login if two factor is enabled and password is incorrect', async function () {
+    const { res, token } = await login({ server, username: userUsername, password: 'fake', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
+
+    expect(res.header['x-peertube-otp']).to.not.exist
+    expect(token).to.not.exist
+  })
+
+  it('Should add the header on login if two factor is enabled and password is correct', async function () {
+    const { res, token } = await login({
+      server,
+      username: userUsername,
+      password: userPassword,
+      expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+    })
+
+    expect(res.header['x-peertube-otp']).to.exist
+    expect(token).to.not.exist
+
+    await server.users.getMyInfo({ token })
+  })
+
+  it('Should not login with correct password and incorrect otp secret', async function () {
+    const otp = TwoFactorCommand.buildOTP({ secret: 'a'.repeat(32) })
+
+    const { res, token } = await login({
+      server,
+      username: userUsername,
+      password: userPassword,
+      otpToken: otp.generate(),
+      expectedStatus: HttpStatusCode.BAD_REQUEST_400
+    })
+
+    expect(res.header['x-peertube-otp']).to.not.exist
+    expect(token).to.not.exist
+  })
+
+  it('Should not login with correct password and incorrect otp code', async function () {
+    const { res, token } = await login({
+      server,
+      username: userUsername,
+      password: userPassword,
+      otpToken: '123456',
+      expectedStatus: HttpStatusCode.BAD_REQUEST_400
+    })
+
+    expect(res.header['x-peertube-otp']).to.not.exist
+    expect(token).to.not.exist
+  })
+
+  it('Should not login with incorrect password and correct otp code', async function () {
+    const otpToken = TwoFactorCommand.buildOTP({ secret: otpSecret }).generate()
+
+    const { res, token } = await login({
+      server,
+      username: userUsername,
+      password: 'fake',
+      otpToken,
+      expectedStatus: HttpStatusCode.BAD_REQUEST_400
+    })
+
+    expect(res.header['x-peertube-otp']).to.not.exist
+    expect(token).to.not.exist
+  })
+
+  it('Should correctly login with correct password and otp code', async function () {
+    const otpToken = TwoFactorCommand.buildOTP({ secret: otpSecret }).generate()
+
+    const { res, token } = await login({ server, username: userUsername, password: userPassword, otpToken })
+
+    expect(res.header['x-peertube-otp']).to.not.exist
+    expect(token).to.exist
+
+    await server.users.getMyInfo({ token })
+  })
+
+  it('Should have two factor enabled when getting my info', async function () {
+    const { twoFactorEnabled } = await server.users.getMyInfo({ token: userToken })
+    expect(twoFactorEnabled).to.be.true
+  })
+
+  it('Should disable two factor and be able to login without otp token', async function () {
+    await server.twoFactor.disable({ userId, token: userToken, currentPassword: userPassword })
+
+    const { res, token } = await login({ server, username: userUsername, password: userPassword })
+    expect(res.header['x-peertube-otp']).to.not.exist
+
+    await server.users.getMyInfo({ token })
+  })
+
+  it('Should have two factor disabled when getting my info', async function () {
+    const { twoFactorEnabled } = await server.users.getMyInfo({ token: userToken })
+    expect(twoFactorEnabled).to.be.false
+  })
+
+  it('Should enable two factor auth without password from an admin', async function () {
+    const { otpRequest } = await server.twoFactor.request({ userId })
+
+    await server.twoFactor.confirmRequest({
+      userId,
+      otpToken: TwoFactorCommand.buildOTP({ secret: otpRequest.secret }).generate(),
+      requestToken: otpRequest.requestToken
+    })
+
+    const { twoFactorEnabled } = await server.users.getMyInfo({ token: userToken })
+    expect(twoFactorEnabled).to.be.true
+  })
+
+  it('Should disable two factor auth without password from an admin', async function () {
+    await server.twoFactor.disable({ userId })
+
+    const { twoFactorEnabled } = await server.users.getMyInfo({ token: userToken })
+    expect(twoFactorEnabled).to.be.false
+  })
+
+  after(async function () {
+    await cleanupTests([ server ])
+  })
+})
diff --git a/server/tests/api/users/users-multiple-servers.ts b/server/tests/api/users/users-multiple-servers.ts
index 62d668d1e..188e6f137 100644
--- a/server/tests/api/users/users-multiple-servers.ts
+++ b/server/tests/api/users/users-multiple-servers.ts
@@ -197,7 +197,7 @@ describe('Test users with multiple servers', function () {
   it('Should not have actor files', async () => {
     for (const server of servers) {
       for (const userAvatarFilename of userAvatarFilenames) {
-        await checkActorFilesWereRemoved(userAvatarFilename, server.internalServerNumber)
+        await checkActorFilesWereRemoved(userAvatarFilename, server)
       }
     }
   })
diff --git a/server/tests/api/videos/multiple-servers.ts b/server/tests/api/videos/multiple-servers.ts
index d47807a79..2ad749fd4 100644
--- a/server/tests/api/videos/multiple-servers.ts
+++ b/server/tests/api/videos/multiple-servers.ts
@@ -156,7 +156,7 @@ describe('Test multiple servers', function () {
     })
 
     it('Should upload the video on server 2 and propagate on each server', async function () {
-      this.timeout(100000)
+      this.timeout(240000)
 
       const user = {
         username: 'user1',
diff --git a/server/tests/api/videos/video-files.ts b/server/tests/api/videos/video-files.ts
index 10277b9cf..c0b886aad 100644
--- a/server/tests/api/videos/video-files.ts
+++ b/server/tests/api/videos/video-files.ts
@@ -33,7 +33,7 @@ describe('Test videos files', function () {
     let validId2: string
 
     before(async function () {
-      this.timeout(120_000)
+      this.timeout(360_000)
 
       {
         const { uuid } = await servers[0].videos.quickUpload({ name: 'video 1' })
diff --git a/server/tests/api/videos/video-playlists.ts b/server/tests/api/videos/video-playlists.ts
index 47b8c7b1e..9d223de48 100644
--- a/server/tests/api/videos/video-playlists.ts
+++ b/server/tests/api/videos/video-playlists.ts
@@ -70,7 +70,7 @@ describe('Test video playlists', function () {
   let commands: PlaylistsCommand[]
 
   before(async function () {
-    this.timeout(120000)
+    this.timeout(240000)
 
     servers = await createMultipleServers(3)
 
@@ -1049,7 +1049,7 @@ describe('Test video playlists', function () {
       this.timeout(30000)
 
       for (const server of servers) {
-        await checkPlaylistFilesWereRemoved(playlistServer1UUID, server.internalServerNumber)
+        await checkPlaylistFilesWereRemoved(playlistServer1UUID, server)
       }
     })
 
diff --git a/server/tests/api/videos/video-privacy.ts b/server/tests/api/videos/video-privacy.ts
index b18c71c94..92f5dab3c 100644
--- a/server/tests/api/videos/video-privacy.ts
+++ b/server/tests/api/videos/video-privacy.ts
@@ -45,7 +45,7 @@ describe('Test video privacy', function () {
   describe('Private and internal videos', function () {
 
     it('Should upload a private and internal videos on server 1', async function () {
-      this.timeout(10000)
+      this.timeout(50000)
 
       for (const privacy of [ VideoPrivacy.PRIVATE, VideoPrivacy.INTERNAL ]) {
         const attributes = { privacy }
diff --git a/server/tests/api/videos/videos-common-filters.ts b/server/tests/api/videos/videos-common-filters.ts
index e7fc15e42..b176d90ab 100644
--- a/server/tests/api/videos/videos-common-filters.ts
+++ b/server/tests/api/videos/videos-common-filters.ts
@@ -232,7 +232,7 @@ describe('Test videos filter', function () {
     })
 
     it('Should display only remote videos', async function () {
-      this.timeout(40000)
+      this.timeout(120000)
 
       await servers[1].videos.upload({ attributes: { name: 'remote video' } })
 
diff --git a/server/tests/external-plugins/akismet.ts b/server/tests/external-plugins/akismet.ts
new file mode 100644
index 000000000..974bf0011
--- /dev/null
+++ b/server/tests/external-plugins/akismet.ts
@@ -0,0 +1,160 @@
+/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
+
+import { expect } from 'chai'
+import { HttpStatusCode } from '@shared/models'
+import {
+  cleanupTests,
+  createMultipleServers,
+  doubleFollow,
+  PeerTubeServer,
+  setAccessTokensToServers,
+  waitJobs
+} from '@shared/server-commands'
+
+describe('Official plugin Akismet', function () {
+  let servers: PeerTubeServer[]
+  let videoUUID: string
+
+  before(async function () {
+    this.timeout(30000)
+
+    servers = await createMultipleServers(2)
+    await setAccessTokensToServers(servers)
+
+    await servers[0].plugins.install({
+      npmName: 'peertube-plugin-akismet'
+    })
+
+    if (!process.env.AKISMET_KEY) throw new Error('Missing AKISMET_KEY from env')
+
+    await servers[0].plugins.updateSettings({
+      npmName: 'peertube-plugin-akismet',
+      settings: {
+        'akismet-api-key': process.env.AKISMET_KEY
+      }
+    })
+
+    await doubleFollow(servers[0], servers[1])
+  })
+
+  describe('Local threads/replies', function () {
+
+    before(async function () {
+      const { uuid } = await servers[0].videos.quickUpload({ name: 'video 1' })
+      videoUUID = uuid
+    })
+
+    it('Should not detect a thread as spam', async function () {
+      await servers[0].comments.createThread({ videoId: videoUUID, text: 'comment' })
+    })
+
+    it('Should not detect a reply as spam', async function () {
+      await servers[0].comments.addReplyToLastThread({ text: 'reply' })
+    })
+
+    it('Should detect a thread as spam', async function () {
+      await servers[0].comments.createThread({
+        videoId: videoUUID,
+        text: 'akismet-guaranteed-spam',
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+
+    it('Should detect a thread as spam', async function () {
+      await servers[0].comments.createThread({ videoId: videoUUID, text: 'comment' })
+      await servers[0].comments.addReplyToLastThread({ text: 'akismet-guaranteed-spam', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+    })
+  })
+
+  describe('Remote threads/replies', function () {
+
+    before(async function () {
+      this.timeout(60000)
+
+      const { uuid } = await servers[0].videos.quickUpload({ name: 'video 1' })
+      videoUUID = uuid
+
+      await waitJobs(servers)
+    })
+
+    it('Should not detect a thread as spam', async function () {
+      this.timeout(30000)
+
+      await servers[1].comments.createThread({ videoId: videoUUID, text: 'remote comment 1' })
+      await waitJobs(servers)
+
+      const { data } = await servers[0].comments.listThreads({ videoId: videoUUID })
+      expect(data).to.have.lengthOf(1)
+    })
+
+    it('Should not detect a reply as spam', async function () {
+      this.timeout(30000)
+
+      await servers[1].comments.addReplyToLastThread({ text: 'I agree with you' })
+      await waitJobs(servers)
+
+      const { data } = await servers[0].comments.listThreads({ videoId: videoUUID })
+      expect(data).to.have.lengthOf(1)
+
+      const tree = await servers[0].comments.getThread({ videoId: videoUUID, threadId: data[0].id })
+      expect(tree.children).to.have.lengthOf(1)
+    })
+
+    it('Should detect a thread as spam', async function () {
+      this.timeout(30000)
+
+      await servers[1].comments.createThread({ videoId: videoUUID, text: 'akismet-guaranteed-spam' })
+      await waitJobs(servers)
+
+      const { data } = await servers[0].comments.listThreads({ videoId: videoUUID })
+      expect(data).to.have.lengthOf(1)
+    })
+
+    it('Should detect a thread as spam', async function () {
+      this.timeout(30000)
+
+      await servers[1].comments.addReplyToLastThread({ text: 'akismet-guaranteed-spam' })
+      await waitJobs(servers)
+
+      const { data } = await servers[0].comments.listThreads({ videoId: videoUUID })
+      expect(data).to.have.lengthOf(1)
+
+      const thread = data[0]
+      const tree = await servers[0].comments.getThread({ videoId: videoUUID, threadId: thread.id })
+      expect(tree.children).to.have.lengthOf(1)
+    })
+  })
+
+  describe('Signup', function () {
+
+    before(async function () {
+      await servers[0].config.updateExistingSubConfig({
+        newConfig: {
+          signup: {
+            enabled: true
+          }
+        }
+      })
+    })
+
+    it('Should allow signup', async function () {
+      await servers[0].users.register({
+        username: 'user1',
+        displayName: 'user 1'
+      })
+    })
+
+    it('Should detect a signup as SPAM', async function () {
+      await servers[0].users.register({
+        username: 'user2',
+        displayName: 'user 2',
+        email: 'akismet-guaranteed-spam@example.com',
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+  })
+
+  after(async function () {
+    await cleanupTests(servers)
+  })
+})
diff --git a/server/tests/external-plugins/auth-ldap.ts b/server/tests/external-plugins/auth-ldap.ts
index d7f155d2a..6f6a574a0 100644
--- a/server/tests/external-plugins/auth-ldap.ts
+++ b/server/tests/external-plugins/auth-ldap.ts
@@ -94,6 +94,14 @@ describe('Official plugin auth-ldap', function () {
     await server.login.login({ user: { username: 'fry@planetexpress.com', password: 'fry' } })
   })
 
+  it('Should not be able to ask password reset', async function () {
+    await server.users.askResetPassword({ email: 'fry@planetexpress.com', expectedStatus: HttpStatusCode.CONFLICT_409 })
+  })
+
+  it('Should not be able to ask email verification', async function () {
+    await server.users.askSendVerifyEmail({ email: 'fry@planetexpress.com', expectedStatus: HttpStatusCode.CONFLICT_409 })
+  })
+
   it('Should not login if the plugin is uninstalled', async function () {
     await server.plugins.uninstall({ npmName: 'peertube-plugin-auth-ldap' })
 
diff --git a/server/tests/external-plugins/index.ts b/server/tests/external-plugins/index.ts
index 31d818b51..815bbf1da 100644
--- a/server/tests/external-plugins/index.ts
+++ b/server/tests/external-plugins/index.ts
@@ -1,3 +1,4 @@
+import './akismet'
 import './auth-ldap'
 import './auto-block-videos'
 import './auto-mute'
diff --git a/server/tests/fixtures/peertube-plugin-test-four/main.js b/server/tests/fixtures/peertube-plugin-test-four/main.js
index 5194e3e02..3e848c49e 100644
--- a/server/tests/fixtures/peertube-plugin-test-four/main.js
+++ b/server/tests/fixtures/peertube-plugin-test-four/main.js
@@ -128,6 +128,22 @@ async function register ({
 
       return res.json(result)
     })
+
+    router.post('/send-notification', async (req, res) => {
+      peertubeHelpers.socket.sendNotification(req.body.userId, {
+        type: 1,
+        userId: req.body.userId
+      })
+
+      return res.sendStatus(201)
+    })
+
+    router.post('/send-video-live-new-state/:uuid', async (req, res) => {
+      const video = await peertubeHelpers.videos.loadByIdOrUUID(req.params.uuid)
+      peertubeHelpers.socket.sendVideoLiveNewState(video)
+
+      return res.sendStatus(201)
+    })
   }
 
 }
diff --git a/server/tests/fixtures/peertube-plugin-test-websocket/main.js b/server/tests/fixtures/peertube-plugin-test-websocket/main.js
new file mode 100644
index 000000000..3fde76cfe
--- /dev/null
+++ b/server/tests/fixtures/peertube-plugin-test-websocket/main.js
@@ -0,0 +1,36 @@
+const WebSocketServer = require('ws').WebSocketServer
+
+async function register ({
+  registerWebSocketRoute
+}) {
+  const wss = new WebSocketServer({ noServer: true })
+
+  wss.on('connection', function connection(ws) {
+    ws.on('message', function message(data) {
+      if (data.toString() === 'ping') {
+        ws.send('pong')
+      }
+    })
+  })
+
+  registerWebSocketRoute({
+    route: '/toto',
+
+    handler: (request, socket, head) => {
+      wss.handleUpgrade(request, socket, head, ws => {
+        wss.emit('connection', ws, request)
+      })
+    }
+  })
+}
+
+async function unregister () {
+  return
+}
+
+module.exports = {
+  register,
+  unregister
+}
+
+// ###########################################################################
diff --git a/server/tests/fixtures/peertube-plugin-test-websocket/package.json b/server/tests/fixtures/peertube-plugin-test-websocket/package.json
new file mode 100644
index 000000000..89c8baa04
--- /dev/null
+++ b/server/tests/fixtures/peertube-plugin-test-websocket/package.json
@@ -0,0 +1,20 @@
+{
+  "name": "peertube-plugin-test-websocket",
+  "version": "0.0.1",
+  "description": "Plugin test websocket",
+  "engine": {
+    "peertube": ">=1.3.0"
+  },
+  "keywords": [
+    "peertube",
+    "plugin"
+  ],
+  "homepage": "https://github.com/Chocobozzz/PeerTube",
+  "author": "Chocobozzz",
+  "bugs": "https://github.com/Chocobozzz/PeerTube/issues",
+  "library": "./main.js",
+  "staticDirs": {},
+  "css": [],
+  "clientScripts": [],
+  "translations": {}
+}
diff --git a/server/tests/fixtures/peertube-plugin-test/main.js b/server/tests/fixtures/peertube-plugin-test/main.js
index 813482a27..19dccf26e 100644
--- a/server/tests/fixtures/peertube-plugin-test/main.js
+++ b/server/tests/fixtures/peertube-plugin-test/main.js
@@ -178,6 +178,8 @@ async function register ({ registerHook, registerSetting, settingsManager, stora
     }
   })
 
+  // ---------------------------------------------------------------------------
+
   registerHook({
     target: 'filter:api.video-thread.create.accept.result',
     handler: ({ accepted }, { commentBody }) => checkCommentBadWord(accepted, commentBody)
@@ -189,6 +191,13 @@ async function register ({ registerHook, registerSetting, settingsManager, stora
   })
 
   registerHook({
+    target: 'filter:activity-pub.remote-video-comment.create.accept.result',
+    handler: ({ accepted }, { comment }) => checkCommentBadWord(accepted, comment)
+  })
+
+  // ---------------------------------------------------------------------------
+
+  registerHook({
     target: 'filter:api.video-threads.list.params',
     handler: obj => addToCount(obj)
   })
diff --git a/server/tests/helpers/crypto.ts b/server/tests/helpers/crypto.ts
new file mode 100644
index 000000000..b508c715b
--- /dev/null
+++ b/server/tests/helpers/crypto.ts
@@ -0,0 +1,33 @@
+/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
+
+import { expect } from 'chai'
+import { decrypt, encrypt } from '@server/helpers/peertube-crypto'
+
+describe('Encrypt/Descrypt', function () {
+
+  it('Should encrypt and decrypt the string', async function () {
+    const secret = 'my_secret'
+    const str = 'my super string'
+
+    const encrypted = await encrypt(str, secret)
+    const decrypted = await decrypt(encrypted, secret)
+
+    expect(str).to.equal(decrypted)
+  })
+
+  it('Should not decrypt without the same secret', async function () {
+    const str = 'my super string'
+
+    const encrypted = await encrypt(str, 'my_secret')
+
+    let error = false
+
+    try {
+      await decrypt(encrypted, 'my_sicret')
+    } catch (err) {
+      error = true
+    }
+
+    expect(error).to.be.true
+  })
+})
diff --git a/server/tests/helpers/index.ts b/server/tests/helpers/index.ts
index 951208842..1f0e3098a 100644
--- a/server/tests/helpers/index.ts
+++ b/server/tests/helpers/index.ts
@@ -1,6 +1,7 @@
-import './image'
+import './comment-model'
 import './core-utils'
+import './crypto'
 import './dns'
-import './comment-model'
+import './image'
 import './markdown'
 import './request'
diff --git a/server/tests/misc-endpoints.ts b/server/tests/misc-endpoints.ts
index 663ac044a..d2072342e 100644
--- a/server/tests/misc-endpoints.ts
+++ b/server/tests/misc-endpoints.ts
@@ -1,18 +1,24 @@
 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
 
 import { expect } from 'chai'
-import { cleanupTests, createSingleServer, makeGetRequest, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands'
+import { writeJson } from 'fs-extra'
+import { join } from 'path'
 import { HttpStatusCode, VideoPrivacy } from '@shared/models'
+import { cleanupTests, createSingleServer, makeGetRequest, PeerTubeServer, setAccessTokensToServers } from '@shared/server-commands'
 import { expectLogDoesNotContain } from './shared'
 
 describe('Test misc endpoints', function () {
   let server: PeerTubeServer
+  let wellKnownPath: string
 
   before(async function () {
     this.timeout(120000)
 
     server = await createSingleServer(1)
+
     await setAccessTokensToServers([ server ])
+
+    wellKnownPath = server.getDirectoryPath('well-known')
   })
 
   describe('Test a well known endpoints', function () {
@@ -93,6 +99,28 @@ describe('Test misc endpoints', function () {
       expect(remoteInteract).to.exist
       expect(remoteInteract.template).to.equal(server.url + '/remote-interaction?uri={uri}')
     })
+
+    it('Should return 404 for non-existing files in /.well-known', async function () {
+      await makeGetRequest({
+        url: server.url,
+        path: '/.well-known/non-existing-file',
+        expectedStatus: HttpStatusCode.NOT_FOUND_404
+      })
+    })
+
+    it('Should return custom file from /.well-known', async function () {
+      const filename = 'existing-file.json'
+
+      await writeJson(join(wellKnownPath, filename), { iThink: 'therefore I am' })
+
+      const { body } = await makeGetRequest({
+        url: server.url,
+        path: '/.well-known/' + filename,
+        expectedStatus: HttpStatusCode.OK_200
+      })
+
+      expect(body.iThink).to.equal('therefore I am')
+    })
   })
 
   describe('Test classic static endpoints', function () {
diff --git a/server/tests/plugins/filter-hooks.ts b/server/tests/plugins/filter-hooks.ts
index 026c7e856..ae4b3cf5f 100644
--- a/server/tests/plugins/filter-hooks.ts
+++ b/server/tests/plugins/filter-hooks.ts
@@ -64,232 +64,289 @@ describe('Test plugin filter hooks', function () {
     })
   })
 
-  it('Should run filter:api.videos.list.params', async function () {
-    const { data } = await servers[0].videos.list({ start: 0, count: 2 })
+  describe('Videos', function () {
 
-    // 2 plugins do +1 to the count parameter
-    expect(data).to.have.lengthOf(4)
-  })
+    it('Should run filter:api.videos.list.params', async function () {
+      const { data } = await servers[0].videos.list({ start: 0, count: 2 })
 
-  it('Should run filter:api.videos.list.result', async function () {
-    const { total } = await servers[0].videos.list({ start: 0, count: 0 })
+      // 2 plugins do +1 to the count parameter
+      expect(data).to.have.lengthOf(4)
+    })
 
-    // Plugin do +1 to the total result
-    expect(total).to.equal(11)
-  })
+    it('Should run filter:api.videos.list.result', async function () {
+      const { total } = await servers[0].videos.list({ start: 0, count: 0 })
 
-  it('Should run filter:api.video-playlist.videos.list.params', async function () {
-    const { data } = await servers[0].playlists.listVideos({
-      count: 2,
-      playlistId: videoPlaylistUUID
+      // Plugin do +1 to the total result
+      expect(total).to.equal(11)
     })
 
-    // 1 plugin do +1 to the count parameter
-    expect(data).to.have.lengthOf(3)
-  })
+    it('Should run filter:api.video-playlist.videos.list.params', async function () {
+      const { data } = await servers[0].playlists.listVideos({
+        count: 2,
+        playlistId: videoPlaylistUUID
+      })
 
-  it('Should run filter:api.video-playlist.videos.list.result', async function () {
-    const { total } = await servers[0].playlists.listVideos({
-      count: 0,
-      playlistId: videoPlaylistUUID
+      // 1 plugin do +1 to the count parameter
+      expect(data).to.have.lengthOf(3)
     })
 
-    // Plugin do +1 to the total result
-    expect(total).to.equal(11)
-  })
+    it('Should run filter:api.video-playlist.videos.list.result', async function () {
+      const { total } = await servers[0].playlists.listVideos({
+        count: 0,
+        playlistId: videoPlaylistUUID
+      })
 
-  it('Should run filter:api.accounts.videos.list.params', async function () {
-    const { data } = await servers[0].videos.listByAccount({ handle: 'root', start: 0, count: 2 })
+      // Plugin do +1 to the total result
+      expect(total).to.equal(11)
+    })
 
-    // 1 plugin do +1 to the count parameter
-    expect(data).to.have.lengthOf(3)
-  })
+    it('Should run filter:api.accounts.videos.list.params', async function () {
+      const { data } = await servers[0].videos.listByAccount({ handle: 'root', start: 0, count: 2 })
 
-  it('Should run filter:api.accounts.videos.list.result', async function () {
-    const { total } = await servers[0].videos.listByAccount({ handle: 'root', start: 0, count: 2 })
+      // 1 plugin do +1 to the count parameter
+      expect(data).to.have.lengthOf(3)
+    })
 
-    // Plugin do +2 to the total result
-    expect(total).to.equal(12)
-  })
+    it('Should run filter:api.accounts.videos.list.result', async function () {
+      const { total } = await servers[0].videos.listByAccount({ handle: 'root', start: 0, count: 2 })
 
-  it('Should run filter:api.video-channels.videos.list.params', async function () {
-    const { data } = await servers[0].videos.listByChannel({ handle: 'root_channel', start: 0, count: 2 })
+      // Plugin do +2 to the total result
+      expect(total).to.equal(12)
+    })
 
-    // 1 plugin do +3 to the count parameter
-    expect(data).to.have.lengthOf(5)
-  })
+    it('Should run filter:api.video-channels.videos.list.params', async function () {
+      const { data } = await servers[0].videos.listByChannel({ handle: 'root_channel', start: 0, count: 2 })
 
-  it('Should run filter:api.video-channels.videos.list.result', async function () {
-    const { total } = await servers[0].videos.listByChannel({ handle: 'root_channel', start: 0, count: 2 })
+      // 1 plugin do +3 to the count parameter
+      expect(data).to.have.lengthOf(5)
+    })
 
-    // Plugin do +3 to the total result
-    expect(total).to.equal(13)
-  })
+    it('Should run filter:api.video-channels.videos.list.result', async function () {
+      const { total } = await servers[0].videos.listByChannel({ handle: 'root_channel', start: 0, count: 2 })
 
-  it('Should run filter:api.user.me.videos.list.params', async function () {
-    const { data } = await servers[0].videos.listMyVideos({ start: 0, count: 2 })
+      // Plugin do +3 to the total result
+      expect(total).to.equal(13)
+    })
 
-    // 1 plugin do +4 to the count parameter
-    expect(data).to.have.lengthOf(6)
-  })
+    it('Should run filter:api.user.me.videos.list.params', async function () {
+      const { data } = await servers[0].videos.listMyVideos({ start: 0, count: 2 })
 
-  it('Should run filter:api.user.me.videos.list.result', async function () {
-    const { total } = await servers[0].videos.listMyVideos({ start: 0, count: 2 })
+      // 1 plugin do +4 to the count parameter
+      expect(data).to.have.lengthOf(6)
+    })
 
-    // Plugin do +4 to the total result
-    expect(total).to.equal(14)
-  })
+    it('Should run filter:api.user.me.videos.list.result', async function () {
+      const { total } = await servers[0].videos.listMyVideos({ start: 0, count: 2 })
 
-  it('Should run filter:api.video.get.result', async function () {
-    const video = await servers[0].videos.get({ id: videoUUID })
-    expect(video.name).to.contain('<3')
-  })
+      // Plugin do +4 to the total result
+      expect(total).to.equal(14)
+    })
 
-  it('Should run filter:api.video.upload.accept.result', async function () {
-    await servers[0].videos.upload({ attributes: { name: 'video with bad word' }, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+    it('Should run filter:api.video.get.result', async function () {
+      const video = await servers[0].videos.get({ id: videoUUID })
+      expect(video.name).to.contain('<3')
+    })
   })
 
-  it('Should run filter:api.live-video.create.accept.result', async function () {
-    const attributes = {
-      name: 'video with bad word',
-      privacy: VideoPrivacy.PUBLIC,
-      channelId: servers[0].store.channel.id
-    }
+  describe('Video/live/import accept', function () {
 
-    await servers[0].live.create({ fields: attributes, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
-  })
-
-  it('Should run filter:api.video.pre-import-url.accept.result', async function () {
-    const attributes = {
-      name: 'normal title',
-      privacy: VideoPrivacy.PUBLIC,
-      channelId: servers[0].store.channel.id,
-      targetUrl: FIXTURE_URLS.goodVideo + 'bad'
-    }
-    await servers[0].imports.importVideo({ attributes, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
-  })
+    it('Should run filter:api.video.upload.accept.result', async function () {
+      await servers[0].videos.upload({ attributes: { name: 'video with bad word' }, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+    })
 
-  it('Should run filter:api.video.pre-import-torrent.accept.result', async function () {
-    const attributes = {
-      name: 'bad torrent',
-      privacy: VideoPrivacy.PUBLIC,
-      channelId: servers[0].store.channel.id,
-      torrentfile: 'video-720p.torrent' as any
-    }
-    await servers[0].imports.importVideo({ attributes, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
-  })
+    it('Should run filter:api.live-video.create.accept.result', async function () {
+      const attributes = {
+        name: 'video with bad word',
+        privacy: VideoPrivacy.PUBLIC,
+        channelId: servers[0].store.channel.id
+      }
 
-  it('Should run filter:api.video.post-import-url.accept.result', async function () {
-    this.timeout(60000)
+      await servers[0].live.create({ fields: attributes, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+    })
 
-    let videoImportId: number
+    it('Should run filter:api.video.pre-import-url.accept.result', async function () {
+      const attributes = {
+        name: 'normal title',
+        privacy: VideoPrivacy.PUBLIC,
+        channelId: servers[0].store.channel.id,
+        targetUrl: FIXTURE_URLS.goodVideo + 'bad'
+      }
+      await servers[0].imports.importVideo({ attributes, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+    })
 
-    {
+    it('Should run filter:api.video.pre-import-torrent.accept.result', async function () {
       const attributes = {
-        name: 'title with bad word',
+        name: 'bad torrent',
         privacy: VideoPrivacy.PUBLIC,
         channelId: servers[0].store.channel.id,
-        targetUrl: FIXTURE_URLS.goodVideo
+        torrentfile: 'video-720p.torrent' as any
       }
-      const body = await servers[0].imports.importVideo({ attributes })
-      videoImportId = body.id
-    }
+      await servers[0].imports.importVideo({ attributes, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+    })
 
-    await waitJobs(servers)
+    it('Should run filter:api.video.post-import-url.accept.result', async function () {
+      this.timeout(60000)
 
-    {
-      const body = await servers[0].imports.getMyVideoImports()
-      const videoImports = body.data
+      let videoImportId: number
 
-      const videoImport = videoImports.find(i => i.id === videoImportId)
+      {
+        const attributes = {
+          name: 'title with bad word',
+          privacy: VideoPrivacy.PUBLIC,
+          channelId: servers[0].store.channel.id,
+          targetUrl: FIXTURE_URLS.goodVideo
+        }
+        const body = await servers[0].imports.importVideo({ attributes })
+        videoImportId = body.id
+      }
 
-      expect(videoImport.state.id).to.equal(VideoImportState.REJECTED)
-      expect(videoImport.state.label).to.equal('Rejected')
-    }
-  })
+      await waitJobs(servers)
 
-  it('Should run filter:api.video.post-import-torrent.accept.result', async function () {
-    this.timeout(60000)
+      {
+        const body = await servers[0].imports.getMyVideoImports()
+        const videoImports = body.data
 
-    let videoImportId: number
+        const videoImport = videoImports.find(i => i.id === videoImportId)
 
-    {
-      const attributes = {
-        name: 'title with bad word',
-        privacy: VideoPrivacy.PUBLIC,
-        channelId: servers[0].store.channel.id,
-        torrentfile: 'video-720p.torrent' as any
+        expect(videoImport.state.id).to.equal(VideoImportState.REJECTED)
+        expect(videoImport.state.label).to.equal('Rejected')
       }
-      const body = await servers[0].imports.importVideo({ attributes })
-      videoImportId = body.id
-    }
+    })
 
-    await waitJobs(servers)
+    it('Should run filter:api.video.post-import-torrent.accept.result', async function () {
+      this.timeout(60000)
 
-    {
-      const { data: videoImports } = await servers[0].imports.getMyVideoImports()
+      let videoImportId: number
 
-      const videoImport = videoImports.find(i => i.id === videoImportId)
+      {
+        const attributes = {
+          name: 'title with bad word',
+          privacy: VideoPrivacy.PUBLIC,
+          channelId: servers[0].store.channel.id,
+          torrentfile: 'video-720p.torrent' as any
+        }
+        const body = await servers[0].imports.importVideo({ attributes })
+        videoImportId = body.id
+      }
 
-      expect(videoImport.state.id).to.equal(VideoImportState.REJECTED)
-      expect(videoImport.state.label).to.equal('Rejected')
-    }
-  })
+      await waitJobs(servers)
+
+      {
+        const { data: videoImports } = await servers[0].imports.getMyVideoImports()
+
+        const videoImport = videoImports.find(i => i.id === videoImportId)
 
-  it('Should run filter:api.video-thread.create.accept.result', async function () {
-    await servers[0].comments.createThread({
-      videoId: videoUUID,
-      text: 'comment with bad word',
-      expectedStatus: HttpStatusCode.FORBIDDEN_403
+        expect(videoImport.state.id).to.equal(VideoImportState.REJECTED)
+        expect(videoImport.state.label).to.equal('Rejected')
+      }
     })
   })
 
-  it('Should run filter:api.video-comment-reply.create.accept.result', async function () {
-    const created = await servers[0].comments.createThread({ videoId: videoUUID, text: 'thread' })
-    threadId = created.id
+  describe('Video comments accept', function () {
 
-    await servers[0].comments.addReply({
-      videoId: videoUUID,
-      toCommentId: threadId,
-      text: 'comment with bad word',
-      expectedStatus: HttpStatusCode.FORBIDDEN_403
+    it('Should run filter:api.video-thread.create.accept.result', async function () {
+      await servers[0].comments.createThread({
+        videoId: videoUUID,
+        text: 'comment with bad word',
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
     })
-    await servers[0].comments.addReply({
-      videoId: videoUUID,
-      toCommentId: threadId,
-      text: 'comment with good word',
-      expectedStatus: HttpStatusCode.OK_200
+
+    it('Should run filter:api.video-comment-reply.create.accept.result', async function () {
+      const created = await servers[0].comments.createThread({ videoId: videoUUID, text: 'thread' })
+      threadId = created.id
+
+      await servers[0].comments.addReply({
+        videoId: videoUUID,
+        toCommentId: threadId,
+        text: 'comment with bad word',
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+      await servers[0].comments.addReply({
+        videoId: videoUUID,
+        toCommentId: threadId,
+        text: 'comment with good word',
+        expectedStatus: HttpStatusCode.OK_200
+      })
     })
-  })
 
-  it('Should run filter:api.video-threads.list.params', async function () {
-    const { data } = await servers[0].comments.listThreads({ videoId: videoUUID, start: 0, count: 0 })
+    it('Should run filter:activity-pub.remote-video-comment.create.accept.result on a thread creation', async function () {
+      this.timeout(30000)
 
-    // our plugin do +1 to the count parameter
-    expect(data).to.have.lengthOf(1)
-  })
+      await servers[1].comments.createThread({ videoId: videoUUID, text: 'comment with bad word' })
 
-  it('Should run filter:api.video-threads.list.result', async function () {
-    const { total } = await servers[0].comments.listThreads({ videoId: videoUUID, start: 0, count: 0 })
+      await waitJobs(servers)
 
-    // Plugin do +1 to the total result
-    expect(total).to.equal(2)
-  })
+      {
+        const thread = await servers[0].comments.listThreads({ videoId: videoUUID })
+        expect(thread.data).to.have.lengthOf(1)
+        expect(thread.data[0].text).to.not.include(' bad ')
+      }
+
+      {
+        const thread = await servers[1].comments.listThreads({ videoId: videoUUID })
+        expect(thread.data).to.have.lengthOf(2)
+      }
+    })
 
-  it('Should run filter:api.video-thread-comments.list.params')
+    it('Should run filter:activity-pub.remote-video-comment.create.accept.result on a reply creation', async function () {
+      this.timeout(30000)
 
-  it('Should run filter:api.video-thread-comments.list.result', async function () {
-    const thread = await servers[0].comments.getThread({ videoId: videoUUID, threadId })
+      const { data } = await servers[1].comments.listThreads({ videoId: videoUUID })
+      const threadIdServer2 = data.find(t => t.text === 'thread').id
 
-    expect(thread.comment.text.endsWith(' <3')).to.be.true
+      await servers[1].comments.addReply({
+        videoId: videoUUID,
+        toCommentId: threadIdServer2,
+        text: 'comment with bad word'
+      })
+
+      await waitJobs(servers)
+
+      {
+        const tree = await servers[0].comments.getThread({ videoId: videoUUID, threadId })
+        expect(tree.children).to.have.lengthOf(1)
+        expect(tree.children[0].comment.text).to.not.include(' bad ')
+      }
+
+      {
+        const tree = await servers[1].comments.getThread({ videoId: videoUUID, threadId: threadIdServer2 })
+        expect(tree.children).to.have.lengthOf(2)
+      }
+    })
   })
 
-  it('Should run filter:api.overviews.videos.list.{params,result}', async function () {
-    await servers[0].overviews.getVideos({ page: 1 })
+  describe('Video comments', function () {
+
+    it('Should run filter:api.video-threads.list.params', async function () {
+      const { data } = await servers[0].comments.listThreads({ videoId: videoUUID, start: 0, count: 0 })
+
+      // our plugin do +1 to the count parameter
+      expect(data).to.have.lengthOf(1)
+    })
 
-    // 3 because we get 3 samples per page
-    await servers[0].servers.waitUntilLog('Run hook filter:api.overviews.videos.list.params', 3)
-    await servers[0].servers.waitUntilLog('Run hook filter:api.overviews.videos.list.result', 3)
+    it('Should run filter:api.video-threads.list.result', async function () {
+      const { total } = await servers[0].comments.listThreads({ videoId: videoUUID, start: 0, count: 0 })
+
+      // Plugin do +1 to the total result
+      expect(total).to.equal(2)
+    })
+
+    it('Should run filter:api.video-thread-comments.list.params')
+
+    it('Should run filter:api.video-thread-comments.list.result', async function () {
+      const thread = await servers[0].comments.getThread({ videoId: videoUUID, threadId })
+
+      expect(thread.comment.text.endsWith(' <3')).to.be.true
+    })
+
+    it('Should run filter:api.overviews.videos.list.{params,result}', async function () {
+      await servers[0].overviews.getVideos({ page: 1 })
+
+      // 3 because we get 3 samples per page
+      await servers[0].servers.waitUntilLog('Run hook filter:api.overviews.videos.list.params', 3)
+      await servers[0].servers.waitUntilLog('Run hook filter:api.overviews.videos.list.result', 3)
+    })
   })
 
   describe('filter:video.auto-blacklist.result', function () {
diff --git a/server/tests/plugins/index.ts b/server/tests/plugins/index.ts
index 4534120fd..210af7236 100644
--- a/server/tests/plugins/index.ts
+++ b/server/tests/plugins/index.ts
@@ -8,5 +8,6 @@ import './plugin-router'
 import './plugin-storage'
 import './plugin-transcoding'
 import './plugin-unloading'
+import './plugin-websocket'
 import './translations'
 import './video-constants'
diff --git a/server/tests/plugins/plugin-helpers.ts b/server/tests/plugins/plugin-helpers.ts
index 955d7ddfd..31c18350a 100644
--- a/server/tests/plugins/plugin-helpers.ts
+++ b/server/tests/plugins/plugin-helpers.ts
@@ -83,6 +83,33 @@ describe('Test plugin helpers', function () {
     })
   })
 
+  describe('Socket', function () {
+
+    it('Should sendNotification without any exceptions', async () => {
+      const user = await servers[0].users.create({ username: 'notis_redding', password: 'secret1234?' })
+      await makePostBodyRequest({
+        url: servers[0].url,
+        path: '/plugins/test-four/router/send-notification',
+        fields: {
+          userId: user.id
+        },
+        expectedStatus: HttpStatusCode.CREATED_201
+      })
+    })
+
+    it('Should sendVideoLiveNewState without any exceptions', async () => {
+      const res = await servers[0].videos.quickUpload({ name: 'video server 1' })
+
+      await makePostBodyRequest({
+        url: servers[0].url,
+        path: '/plugins/test-four/router/send-video-live-new-state/' + res.uuid,
+        expectedStatus: HttpStatusCode.CREATED_201
+      })
+
+      await servers[0].videos.remove({ id: res.uuid })
+    })
+  })
+
   describe('Plugin', function () {
 
     it('Should get the base static route', async function () {
diff --git a/server/tests/plugins/plugin-websocket.ts b/server/tests/plugins/plugin-websocket.ts
new file mode 100644
index 000000000..adaa28b1d
--- /dev/null
+++ b/server/tests/plugins/plugin-websocket.ts
@@ -0,0 +1,70 @@
+/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
+
+import WebSocket from 'ws'
+import { cleanupTests, createSingleServer, PeerTubeServer, PluginsCommand, setAccessTokensToServers } from '@shared/server-commands'
+
+function buildWebSocket (server: PeerTubeServer, path: string) {
+  return new WebSocket('ws://' + server.host + path)
+}
+
+function expectErrorOrTimeout (server: PeerTubeServer, path: string, expectedTimeout: number) {
+  return new Promise<void>((res, rej) => {
+    const ws = buildWebSocket(server, path)
+    ws.on('error', () => res())
+
+    const timeout = setTimeout(() => res(), expectedTimeout)
+
+    ws.on('open', () => {
+      clearTimeout(timeout)
+
+      return rej(new Error('Connect did not timeout'))
+    })
+  })
+}
+
+describe('Test plugin websocket', function () {
+  let server: PeerTubeServer
+  const basePaths = [
+    '/plugins/test-websocket/ws/',
+    '/plugins/test-websocket/0.0.1/ws/'
+  ]
+
+  before(async function () {
+    this.timeout(30000)
+
+    server = await createSingleServer(1)
+    await setAccessTokensToServers([ server ])
+
+    await server.plugins.install({ path: PluginsCommand.getPluginTestPath('-websocket') })
+  })
+
+  it('Should not connect to the websocket without the appropriate path', async function () {
+    const paths = [
+      '/plugins/unknown/ws/',
+      '/plugins/unknown/0.0.1/ws/'
+    ]
+
+    for (const path of paths) {
+      await expectErrorOrTimeout(server, path, 1000)
+    }
+  })
+
+  it('Should not connect to the websocket without the appropriate sub path', async function () {
+    for (const path of basePaths) {
+      await expectErrorOrTimeout(server, path + '/unknown', 1000)
+    }
+  })
+
+  it('Should connect to the websocket and receive pong', function (done) {
+    const ws = buildWebSocket(server, basePaths[0])
+
+    ws.on('open', () => ws.send('ping'))
+    ws.on('message', data => {
+      if (data.toString() === 'pong') return done()
+    })
+  })
+
+  after(async function () {
+    await cleanupTests([ server ])
+  })
+})
diff --git a/server/tests/shared/actors.ts b/server/tests/shared/actors.ts
index f8f4a5137..41fd72e89 100644
--- a/server/tests/shared/actors.ts
+++ b/server/tests/shared/actors.ts
@@ -2,8 +2,6 @@
 
 import { expect } from 'chai'
 import { pathExists, readdir } from 'fs-extra'
-import { join } from 'path'
-import { root } from '@shared/core-utils'
 import { Account, VideoChannel } from '@shared/models'
 import { PeerTubeServer } from '@shared/server-commands'
 
@@ -31,11 +29,9 @@ async function expectAccountFollows (options: {
   return expectActorFollow({ ...options, data })
 }
 
-async function checkActorFilesWereRemoved (filename: string, serverNumber: number) {
-  const testDirectory = 'test' + serverNumber
-
+async function checkActorFilesWereRemoved (filename: string, server: PeerTubeServer) {
   for (const directory of [ 'avatars' ]) {
-    const directoryPath = join(root(), testDirectory, directory)
+    const directoryPath = server.getDirectoryPath(directory)
 
     const directoryExists = await pathExists(directoryPath)
     expect(directoryExists).to.be.true
diff --git a/server/tests/shared/directories.ts b/server/tests/shared/directories.ts
index c7065a767..90d534a06 100644
--- a/server/tests/shared/directories.ts
+++ b/server/tests/shared/directories.ts
@@ -2,22 +2,18 @@
 
 import { expect } from 'chai'
 import { pathExists, readdir } from 'fs-extra'
-import { join } from 'path'
-import { root } from '@shared/core-utils'
 import { PeerTubeServer } from '@shared/server-commands'
 
 async function checkTmpIsEmpty (server: PeerTubeServer) {
   await checkDirectoryIsEmpty(server, 'tmp', [ 'plugins-global.css', 'hls', 'resumable-uploads' ])
 
-  if (await pathExists(join('test' + server.internalServerNumber, 'tmp', 'hls'))) {
+  if (await pathExists(server.getDirectoryPath('tmp/hls'))) {
     await checkDirectoryIsEmpty(server, 'tmp/hls')
   }
 }
 
 async function checkDirectoryIsEmpty (server: PeerTubeServer, directory: string, exceptions: string[] = []) {
-  const testDirectory = 'test' + server.internalServerNumber
-
-  const directoryPath = join(root(), testDirectory, directory)
+  const directoryPath = server.getDirectoryPath(directory)
 
   const directoryExists = await pathExists(directoryPath)
   expect(directoryExists).to.be.true
diff --git a/server/tests/shared/live.ts b/server/tests/shared/live.ts
index 4bd4786fc..f165832fe 100644
--- a/server/tests/shared/live.ts
+++ b/server/tests/shared/live.ts
@@ -3,39 +3,95 @@
 import { expect } from 'chai'
 import { pathExists, readdir } from 'fs-extra'
 import { join } from 'path'
-import { LiveVideo } from '@shared/models'
-import { PeerTubeServer } from '@shared/server-commands'
+import { wait } from '@shared/core-utils'
+import { LiveVideo, VideoStreamingPlaylistType } from '@shared/models'
+import { ObjectStorageCommand, PeerTubeServer } from '@shared/server-commands'
+import { checkLiveSegmentHash, checkResolutionsInMasterPlaylist } from './streaming-playlists'
 
 async function checkLiveCleanup (server: PeerTubeServer, videoUUID: string, savedResolutions: number[] = []) {
-  let live: LiveVideo
-
-  try {
-    live = await server.live.get({ videoId: videoUUID })
-  } catch {}
-
   const basePath = server.servers.buildDirectory('streaming-playlists')
   const hlsPath = join(basePath, 'hls', videoUUID)
 
   if (savedResolutions.length === 0) {
+    return checkUnsavedLiveCleanup(server, videoUUID, hlsPath)
+  }
+
+  return checkSavedLiveCleanup(hlsPath, savedResolutions)
+}
+
+// ---------------------------------------------------------------------------
 
-    if (live?.permanentLive) {
-      expect(await pathExists(hlsPath)).to.be.true
+async function testVideoResolutions (options: {
+  originServer: PeerTubeServer
+  servers: PeerTubeServer[]
+  liveVideoId: string
+  resolutions: number[]
+  transcoded: boolean
+  objectStorage: boolean
+}) {
+  const { originServer, servers, liveVideoId, resolutions, transcoded, objectStorage } = options
 
-      const hlsFiles = await readdir(hlsPath)
-      expect(hlsFiles).to.have.lengthOf(1) // Only replays directory
+  for (const server of servers) {
+    const { data } = await server.videos.list()
+    expect(data.find(v => v.uuid === liveVideoId)).to.exist
 
-      const replayDir = join(hlsPath, 'replay')
-      expect(await pathExists(replayDir)).to.be.true
+    const video = await server.videos.get({ id: liveVideoId })
+    expect(video.streamingPlaylists).to.have.lengthOf(1)
 
-      const replayFiles = await readdir(join(hlsPath, 'replay'))
-      expect(replayFiles).to.have.lengthOf(0)
-    } else {
-      expect(await pathExists(hlsPath)).to.be.false
+    const hlsPlaylist = video.streamingPlaylists.find(s => s.type === VideoStreamingPlaylistType.HLS)
+    expect(hlsPlaylist).to.exist
+    expect(hlsPlaylist.files).to.have.lengthOf(0) // Only fragmented mp4 files are displayed
+
+    await checkResolutionsInMasterPlaylist({ server, playlistUrl: hlsPlaylist.playlistUrl, resolutions, transcoded })
+
+    if (objectStorage) {
+      expect(hlsPlaylist.playlistUrl).to.contain(ObjectStorageCommand.getPlaylistBaseUrl())
     }
 
-    return
+    for (let i = 0; i < resolutions.length; i++) {
+      const segmentNum = 3
+      const segmentName = `${i}-00000${segmentNum}.ts`
+      await originServer.live.waitUntilSegmentGeneration({ videoUUID: video.uuid, playlistNumber: i, segment: segmentNum })
+
+      const baseUrl = objectStorage
+        ? ObjectStorageCommand.getPlaylistBaseUrl() + 'hls'
+        : originServer.url + '/static/streaming-playlists/hls'
+
+      if (objectStorage) {
+        await originServer.live.waitUntilSegmentUpload({ playlistNumber: i, segment: segmentNum })
+        await wait(1000)
+
+        expect(hlsPlaylist.segmentsSha256Url).to.contain(ObjectStorageCommand.getPlaylistBaseUrl())
+      }
+
+      const subPlaylist = await originServer.streamingPlaylists.get({
+        url: `${baseUrl}/${video.uuid}/${i}.m3u8`,
+        withRetry: objectStorage // With object storage, the request may fail because of inconsistent data in S3
+      })
+
+      expect(subPlaylist).to.contain(segmentName)
+
+      await checkLiveSegmentHash({
+        server,
+        baseUrlSegment: baseUrl,
+        videoUUID: video.uuid,
+        segmentName,
+        hlsPlaylist
+      })
+    }
   }
+}
+
+// ---------------------------------------------------------------------------
+
+export {
+  checkLiveCleanup,
+  testVideoResolutions
+}
 
+// ---------------------------------------------------------------------------
+
+async function checkSavedLiveCleanup (hlsPath: string, savedResolutions: number[] = []) {
   const files = await readdir(hlsPath)
 
   // fragmented file and playlist per resolution + master playlist + segments sha256 json file
@@ -56,6 +112,27 @@ async function checkLiveCleanup (server: PeerTubeServer, videoUUID: string, save
   expect(shaFile).to.exist
 }
 
-export {
-  checkLiveCleanup
+async function checkUnsavedLiveCleanup (server: PeerTubeServer, videoUUID: string, hlsPath: string) {
+  let live: LiveVideo
+
+  try {
+    live = await server.live.get({ videoId: videoUUID })
+  } catch {}
+
+  if (live?.permanentLive) {
+    expect(await pathExists(hlsPath)).to.be.true
+
+    const hlsFiles = await readdir(hlsPath)
+    expect(hlsFiles).to.have.lengthOf(1) // Only replays directory
+
+    const replayDir = join(hlsPath, 'replay')
+    expect(await pathExists(replayDir)).to.be.true
+
+    const replayFiles = await readdir(join(hlsPath, 'replay'))
+    expect(replayFiles).to.have.lengthOf(0)
+
+    return
+  }
+
+  expect(await pathExists(hlsPath)).to.be.false
 }
diff --git a/server/tests/shared/playlists.ts b/server/tests/shared/playlists.ts
index fdd541d20..8db303fd8 100644
--- a/server/tests/shared/playlists.ts
+++ b/server/tests/shared/playlists.ts
@@ -1,17 +1,14 @@
 import { expect } from 'chai'
 import { readdir } from 'fs-extra'
-import { join } from 'path'
-import { root } from '@shared/core-utils'
+import { PeerTubeServer } from '@shared/server-commands'
 
 async function checkPlaylistFilesWereRemoved (
   playlistUUID: string,
-  internalServerNumber: number,
+  server: PeerTubeServer,
   directories = [ 'thumbnails' ]
 ) {
-  const testDirectory = 'test' + internalServerNumber
-
   for (const directory of directories) {
-    const directoryPath = join(root(), testDirectory, directory)
+    const directoryPath = server.getDirectoryPath(directory)
 
     const files = await readdir(directoryPath)
     for (const file of files) {
diff --git a/server/tests/shared/streaming-playlists.ts b/server/tests/shared/streaming-playlists.ts
index 4d82b3654..eff34944b 100644
--- a/server/tests/shared/streaming-playlists.ts
+++ b/server/tests/shared/streaming-playlists.ts
@@ -26,7 +26,7 @@ async function checkSegmentHash (options: {
   const offset = parseInt(matches[2], 10)
   const range = `${offset}-${offset + length - 1}`
 
-  const segmentBody = await command.getSegment({
+  const segmentBody = await command.getFragmentedSegment({
     url: `${baseUrlSegment}/${videoName}`,
     expectedStatus: HttpStatusCode.PARTIAL_CONTENT_206,
     range: `bytes=${range}`
@@ -46,7 +46,7 @@ async function checkLiveSegmentHash (options: {
   const { server, baseUrlSegment, videoUUID, segmentName, hlsPlaylist } = options
   const command = server.streamingPlaylists
 
-  const segmentBody = await command.getSegment({ url: `${baseUrlSegment}/${videoUUID}/${segmentName}` })
+  const segmentBody = await command.getFragmentedSegment({ url: `${baseUrlSegment}/${videoUUID}/${segmentName}` })
   const shaBody = await command.getSegmentSha256({ url: hlsPlaylist.segmentsSha256Url })
 
   expect(sha256(segmentBody)).to.equal(shaBody[segmentName])
@@ -56,15 +56,16 @@ async function checkResolutionsInMasterPlaylist (options: {
   server: PeerTubeServer
   playlistUrl: string
   resolutions: number[]
+  transcoded?: boolean // default true
 }) {
-  const { server, playlistUrl, resolutions } = options
+  const { server, playlistUrl, resolutions, transcoded = true } = options
 
   const masterPlaylist = await server.streamingPlaylists.get({ url: playlistUrl })
 
   for (const resolution of resolutions) {
-    const reg = new RegExp(
-      '#EXT-X-STREAM-INF:BANDWIDTH=\\d+,RESOLUTION=\\d+x' + resolution + ',(FRAME-RATE=\\d+,)?CODECS="avc1.64001f,mp4a.40.2"'
-    )
+    const reg = transcoded
+      ? new RegExp('#EXT-X-STREAM-INF:BANDWIDTH=\\d+,RESOLUTION=\\d+x' + resolution + ',(FRAME-RATE=\\d+,)?CODECS="avc1.64001f,mp4a.40.2"')
+      : new RegExp('#EXT-X-STREAM-INF:BANDWIDTH=\\d+,RESOLUTION=\\d+x' + resolution + '')
 
     expect(masterPlaylist).to.match(reg)
   }