From 48f07b4a4091cb10dc4d179118e155f3a118dca8 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Fri, 26 Apr 2019 08:50:52 +0200 Subject: All API tests in parallel --- server/tests/api/activitypub/security.ts | 106 +++++++++++++++++-------------- 1 file changed, 58 insertions(+), 48 deletions(-) (limited to 'server/tests/api/activitypub/security.ts') diff --git a/server/tests/api/activitypub/security.ts b/server/tests/api/activitypub/security.ts index 11e6859bf..dc960c5c3 100644 --- a/server/tests/api/activitypub/security.ts +++ b/server/tests/api/activitypub/security.ts @@ -3,9 +3,9 @@ import 'mocha' import { + cleanupTests, closeAllSequelize, flushAndRunMultipleServers, - flushTests, killallServers, ServerInfo, setActorField @@ -18,18 +18,26 @@ import { makeFollowRequest, makePOSTAPRequest } from '../../../../shared/extra-u const expect = chai.expect -function setKeysOfServer2 (serverNumber: number, publicKey: string, privateKey: string) { +function setKeysOfServer (onServer: ServerInfo, ofServer: ServerInfo, publicKey: string, privateKey: string) { return Promise.all([ - setActorField(serverNumber, 'http://localhost:9002/accounts/peertube', 'publicKey', publicKey), - setActorField(serverNumber, 'http://localhost:9002/accounts/peertube', 'privateKey', privateKey) + setActorField(onServer.internalServerNumber, 'http://localhost:' + ofServer.port + '/accounts/peertube', 'publicKey', publicKey), + setActorField(onServer.internalServerNumber, 'http://localhost:' + ofServer.port + '/accounts/peertube', 'privateKey', privateKey) ]) } -function setKeysOfServer3 (serverNumber: number, publicKey: string, privateKey: string) { - return Promise.all([ - setActorField(serverNumber, 'http://localhost:9003/accounts/peertube', 'publicKey', publicKey), - setActorField(serverNumber, 'http://localhost:9003/accounts/peertube', 'privateKey', privateKey) - ]) +function getAnnounceWithoutContext (server2: ServerInfo) { + const json = require('./json/peertube/announce-without-context.json') + const result: typeof json = {} + + for (const key of Object.keys(json)) { + if (Array.isArray(json[key])) { + result[key] = json[key].map(v => v.replace(':9002', `:${server2.port}`)) + } else { + result[ key ] = json[ key ].replace(':9002', `:${server2.port}`) + } + } + + return result } describe('Test ActivityPub security', function () { @@ -38,13 +46,13 @@ describe('Test ActivityPub security', function () { const keys = require('./json/peertube/keys.json') const invalidKeys = require('./json/peertube/invalid-keys.json') - const baseHttpSignature = { + const baseHttpSignature = () => ({ algorithm: HTTP_SIGNATURE.ALGORITHM, authorizationHeaderName: HTTP_SIGNATURE.HEADER_NAME, - keyId: 'acct:peertube@localhost:9002', + keyId: 'acct:peertube@localhost:' + servers[1].port, key: keys.privateKey, headers: HTTP_SIGNATURE.HEADERS_TO_SIGN - } + }) // --------------------------------------------------------------- @@ -55,56 +63,56 @@ describe('Test ActivityPub security', function () { url = servers[0].url + '/inbox' - await setKeysOfServer2(1, keys.publicKey, keys.privateKey) + await setKeysOfServer(servers[0], servers[1], keys.publicKey, keys.privateKey) - const to = { url: 'http://localhost:9001/accounts/peertube' } - const by = { url: 'http://localhost:9002/accounts/peertube', privateKey: keys.privateKey } + const to = { url: 'http://localhost:' + servers[0].port + '/accounts/peertube' } + const by = { url: 'http://localhost:' + servers[1].port + '/accounts/peertube', privateKey: keys.privateKey } await makeFollowRequest(to, by) }) describe('When checking HTTP signature', function () { it('Should fail with an invalid digest', async function () { - const body = activityPubContextify(require('./json/peertube/announce-without-context.json')) + const body = activityPubContextify(getAnnounceWithoutContext(servers[1])) const headers = { Digest: buildDigest({ hello: 'coucou' }) } - const { response } = await makePOSTAPRequest(url, body, baseHttpSignature, headers) + const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers) expect(response.statusCode).to.equal(403) }) it('Should fail with an invalid date', async function () { - const body = activityPubContextify(require('./json/peertube/announce-without-context.json')) + const body = activityPubContextify(getAnnounceWithoutContext(servers[1])) const headers = buildGlobalHeaders(body) headers['date'] = 'Wed, 21 Oct 2015 07:28:00 GMT' - const { response } = await makePOSTAPRequest(url, body, baseHttpSignature, headers) + const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers) expect(response.statusCode).to.equal(403) }) it('Should fail with bad keys', async function () { - await setKeysOfServer2(1, invalidKeys.publicKey, invalidKeys.privateKey) - await setKeysOfServer2(2, invalidKeys.publicKey, invalidKeys.privateKey) + await setKeysOfServer(servers[0], servers[1], invalidKeys.publicKey, invalidKeys.privateKey) + await setKeysOfServer(servers[1], servers[1], invalidKeys.publicKey, invalidKeys.privateKey) - const body = activityPubContextify(require('./json/peertube/announce-without-context.json')) + const body = activityPubContextify(getAnnounceWithoutContext(servers[1])) const headers = buildGlobalHeaders(body) - const { response } = await makePOSTAPRequest(url, body, baseHttpSignature, headers) + const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers) expect(response.statusCode).to.equal(403) }) it('Should succeed with a valid HTTP signature', async function () { - await setKeysOfServer2(1, keys.publicKey, keys.privateKey) - await setKeysOfServer2(2, keys.publicKey, keys.privateKey) + await setKeysOfServer(servers[0], servers[1], keys.publicKey, keys.privateKey) + await setKeysOfServer(servers[1], servers[1], keys.publicKey, keys.privateKey) - const body = activityPubContextify(require('./json/peertube/announce-without-context.json')) + const body = activityPubContextify(getAnnounceWithoutContext(servers[1])) const headers = buildGlobalHeaders(body) - const { response } = await makePOSTAPRequest(url, body, baseHttpSignature, headers) + const { response } = await makePOSTAPRequest(url, body, baseHttpSignature(), headers) expect(response.statusCode).to.equal(204) }) @@ -112,28 +120,28 @@ describe('Test ActivityPub security', function () { describe('When checking Linked Data Signature', function () { before(async () => { - await setKeysOfServer3(3, keys.publicKey, keys.privateKey) + await setKeysOfServer(servers[2], servers[2], keys.publicKey, keys.privateKey) - const to = { url: 'http://localhost:9001/accounts/peertube' } - const by = { url: 'http://localhost:9003/accounts/peertube', privateKey: keys.privateKey } + const to = { url: 'http://localhost:' + servers[0].port + '/accounts/peertube' } + const by = { url: 'http://localhost:' + servers[2].port + '/accounts/peertube', privateKey: keys.privateKey } await makeFollowRequest(to, by) }) it('Should fail with bad keys', async function () { this.timeout(10000) - await setKeysOfServer3(1, invalidKeys.publicKey, invalidKeys.privateKey) - await setKeysOfServer3(3, invalidKeys.publicKey, invalidKeys.privateKey) + await setKeysOfServer(servers[0], servers[2], invalidKeys.publicKey, invalidKeys.privateKey) + await setKeysOfServer(servers[2], servers[2], invalidKeys.publicKey, invalidKeys.privateKey) - const body = require('./json/peertube/announce-without-context.json') - body.actor = 'http://localhost:9003/accounts/peertube' + const body = getAnnounceWithoutContext(servers[1]) + body.actor = 'http://localhost:' + servers[2].port + '/accounts/peertube' - const signer: any = { privateKey: invalidKeys.privateKey, url: 'http://localhost:9003/accounts/peertube' } + const signer: any = { privateKey: invalidKeys.privateKey, url: 'http://localhost:' + servers[2].port + '/accounts/peertube' } const signedBody = await buildSignedActivity(signer, body) const headers = buildGlobalHeaders(signedBody) - const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature, headers) + const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers) expect(response.statusCode).to.equal(403) }) @@ -141,20 +149,20 @@ describe('Test ActivityPub security', function () { it('Should fail with an altered body', async function () { this.timeout(10000) - await setKeysOfServer3(1, keys.publicKey, keys.privateKey) - await setKeysOfServer3(3, keys.publicKey, keys.privateKey) + await setKeysOfServer(servers[0], servers[2], keys.publicKey, keys.privateKey) + await setKeysOfServer(servers[0], servers[2], keys.publicKey, keys.privateKey) - const body = require('./json/peertube/announce-without-context.json') - body.actor = 'http://localhost:9003/accounts/peertube' + const body = getAnnounceWithoutContext(servers[1]) + body.actor = 'http://localhost:' + servers[2].port + '/accounts/peertube' - const signer: any = { privateKey: keys.privateKey, url: 'http://localhost:9003/accounts/peertube' } + const signer: any = { privateKey: keys.privateKey, url: 'http://localhost:' + servers[2].port + '/accounts/peertube' } const signedBody = await buildSignedActivity(signer, body) - signedBody.actor = 'http://localhost:9003/account/peertube' + signedBody.actor = 'http://localhost:' + servers[2].port + '/account/peertube' const headers = buildGlobalHeaders(signedBody) - const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature, headers) + const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers) expect(response.statusCode).to.equal(403) }) @@ -162,22 +170,24 @@ describe('Test ActivityPub security', function () { it('Should succeed with a valid signature', async function () { this.timeout(10000) - const body = require('./json/peertube/announce-without-context.json') - body.actor = 'http://localhost:9003/accounts/peertube' + const body = getAnnounceWithoutContext(servers[1]) + body.actor = 'http://localhost:' + servers[2].port + '/accounts/peertube' - const signer: any = { privateKey: keys.privateKey, url: 'http://localhost:9003/accounts/peertube' } + const signer: any = { privateKey: keys.privateKey, url: 'http://localhost:' + servers[2].port + '/accounts/peertube' } const signedBody = await buildSignedActivity(signer, body) const headers = buildGlobalHeaders(signedBody) - const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature, headers) + const { response } = await makePOSTAPRequest(url, signedBody, baseHttpSignature(), headers) expect(response.statusCode).to.equal(204) }) }) after(async function () { - killallServers(servers) + this.timeout(10000) + + await cleanupTests(servers) await closeAllSequelize(servers) }) -- cgit v1.2.3