Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2026-02-26 08:31:22 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: broken call to request lib, tests

Browse Source
This commit is contained in:
Julian Lam
2023-12-21 14:38:16 -05:00
parent 00bda0688d
commit 8d79617044
4 changed files with 36 additions and 118 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/activitypub/helpers.js
View File

@@ -71,14 +71,6 @@ Helpers.resolveLocalUid = async (input) => {
if (process.env.CI === 'true') { if (process.env.CI === 'true') {
protocols.push('http'); protocols.push('http');
} }
console.log(input, nconf.get('url'), nconf.get('url_parsed'), protocols, validator.isURL(input, {
require_protocol: true,
require_host: true,
require_tld: false,
protocols,
require_valid_protocol: true,
}), nconf.get('ci'));
if (validator.isURL(input, { if (validator.isURL(input, {
require_protocol: true, require_protocol: true,
require_host: true, require_host: true,

4
src/activitypub/index.js
View File

@@ -82,12 +82,10 @@ ActivityPub.getPrivateKey = async (uid) => {
ActivityPub.fetchPublicKey = async (uri) => { ActivityPub.fetchPublicKey = async (uri) => {
// Used for retrieving the public key from the passed-in keyId uri // Used for retrieving the public key from the passed-in keyId uri
const { body } = await request.get({ const { body } = await request.get(uri, {
uri,
headers: { headers: {
Accept: 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"', Accept: 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
}, },
json: true,
}); });
return body.publicKey; return body.publicKey;

103
test/activitypub.js
View File

@@ -3,11 +3,11 @@
const assert = require('assert'); const assert = require('assert');
const { createHash } = require('crypto'); const { createHash } = require('crypto');
const nconf = require('nconf'); const nconf = require('nconf');
const request = require('request-promise-native');
const db = require('./mocks/databasemock'); const db = require('./mocks/databasemock');
const slugify = require('../src/slugify'); const slugify = require('../src/slugify');
const utils = require('../src/utils'); const utils = require('../src/utils');
const request = require('../src/request');
const meta = require('../src/meta'); const meta = require('../src/meta');
const user = require('../src/user'); const user = require('../src/user');
@@ -34,26 +34,14 @@ describe('ActivityPub integration', () => {
}); });
it('should return a 404 Not Found if no user exists by that username', async () => { it('should return a 404 Not Found if no user exists by that username', async () => {
const response = await request(`${nconf.get('url')}/.well-known/webfinger?resource=acct:foobar@${host}`, { const { response } = await request.get(`${nconf.get('url')}/.well-known/webfinger?resource=acct:foobar@${host}`);
method: 'get',
json: true,
followRedirect: true,
simple: false,
resolveWithFullResponse: true,
});
assert(response); assert(response);
assert.strictEqual(response.statusCode, 404); assert.strictEqual(response.statusCode, 404);
}); });
it('should return a 400 Bad Request if the request is malformed', async () => { it('should return a 400 Bad Request if the request is malformed', async () => {
const response = await request(`${nconf.get('url')}/.well-known/webfinger?resource=acct:foobar`, { const { response } = await request.get(`${nconf.get('url')}/.well-known/webfinger?resource=acct:foobar`);
method: 'get',
json: true,
followRedirect: true,
simple: false,
resolveWithFullResponse: true,
});
assert(response); assert(response);
assert.strictEqual(response.statusCode, 400); assert.strictEqual(response.statusCode, 400);
@@ -61,13 +49,7 @@ describe('ActivityPub integration', () => {
it('should return 403 Forbidden if the calling user is not allowed to view the user list/profiles', async () => { it('should return 403 Forbidden if the calling user is not allowed to view the user list/profiles', async () => {
await privileges.global.rescind(['groups:view:users'], 'guests'); await privileges.global.rescind(['groups:view:users'], 'guests');
const response = await request(`${nconf.get('url')}/.well-known/webfinger?resource=acct:${slug}@${host}`, { const { response } = await request.get(`${nconf.get('url')}/.well-known/webfinger?resource=acct:${slug}@${host}`);
method: 'get',
json: true,
followRedirect: true,
simple: false,
resolveWithFullResponse: true,
});
assert(response); assert(response);
assert.strictEqual(response.statusCode, 403); assert.strictEqual(response.statusCode, 403);
@@ -75,28 +57,22 @@ describe('ActivityPub integration', () => {
}); });
it('should return a valid WebFinger response otherwise', async () => { it('should return a valid WebFinger response otherwise', async () => {
const response = await request(`${nconf.get('url')}/.well-known/webfinger?resource=acct:${slug}@${host}`, { const { response, body } = await request.get(`${nconf.get('url')}/.well-known/webfinger?resource=acct:${slug}@${host}`);
method: 'get',
json: true,
followRedirect: true,
simple: false,
resolveWithFullResponse: true,
});
assert(response); assert(response);
assert.strictEqual(response.statusCode, 200); assert.strictEqual(response.statusCode, 200);
['subject', 'aliases', 'links'].forEach((prop) => { ['subject', 'aliases', 'links'].forEach((prop) => {
assert(response.body.hasOwnProperty(prop)); assert(body.hasOwnProperty(prop));
assert(response.body[prop]); assert(body[prop]);
}); });
assert.strictEqual(response.body.subject, `acct:${slug}@${host}`); assert.strictEqual(body.subject, `acct:${slug}@${host}`);
assert(Array.isArray(response.body.aliases)); assert(Array.isArray(body.aliases));
assert([`${nconf.get('url')}/uid/${uid}`, `${nconf.get('url')}/user/${slug}`].every(url => response.body.aliases.includes(url))); assert([`${nconf.get('url')}/uid/${uid}`, `${nconf.get('url')}/user/${slug}`].every(url => body.aliases.includes(url)));
assert(Array.isArray(response.body.links)); assert(Array.isArray(body.links));
}); });
}); });
@@ -159,11 +135,7 @@ describe('ActivityPub integration', () => {
it('should return regular user profile html if federation is disabled', async () => { it('should return regular user profile html if federation is disabled', async () => {
delete meta.config.activitypubEnabled; delete meta.config.activitypubEnabled;
const response = await request(`${nconf.get('url')}/user/${slug}`, { const { response, body } = await request.get(`${nconf.get('url')}/user/${slug}`, {
method: 'get',
followRedirect: true,
simple: false,
resolveWithFullResponse: true,
headers: { headers: {
Accept: 'text/html', Accept: 'text/html',
}, },
@@ -171,17 +143,13 @@ describe('ActivityPub integration', () => {
assert(response); assert(response);
assert.strictEqual(response.statusCode, 200); assert.strictEqual(response.statusCode, 200);
assert(response.body.startsWith('<!DOCTYPE html>')); assert(body.startsWith('<!DOCTYPE html>'));
meta.config.activitypubEnabled = 1; meta.config.activitypubEnabled = 1;
}); });
it('should return regular user profile html if Accept header is not ActivityPub-related', async () => { it('should return regular user profile html if Accept header is not ActivityPub-related', async () => {
const response = await request(`${nconf.get('url')}/user/${slug}`, { const { response, body } = await request.get(`${nconf.get('url')}/user/${slug}`, {
method: 'get',
followRedirect: true,
simple: false,
resolveWithFullResponse: true,
headers: { headers: {
Accept: 'text/html', Accept: 'text/html',
}, },
@@ -189,16 +157,11 @@ describe('ActivityPub integration', () => {
assert(response); assert(response);
assert.strictEqual(response.statusCode, 200); assert.strictEqual(response.statusCode, 200);
assert(response.body.startsWith('<!DOCTYPE html>')); assert(body.startsWith('<!DOCTYPE html>'));
}); });
it('should return the ActivityPub Actor JSON-LD payload if the correct Accept header is provided', async () => { it('should return the ActivityPub Actor JSON-LD payload if the correct Accept header is provided', async () => {
const response = await request(`${nconf.get('url')}/user/${slug}`, { const { response, body } = await request.get(`${nconf.get('url')}/user/${slug}`, {
method: 'get',
json: true,
followRedirect: true,
simple: false,
resolveWithFullResponse: true,
headers: { headers: {
Accept: 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"', Accept: 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
}, },
@@ -206,8 +169,8 @@ describe('ActivityPub integration', () => {
assert(response); assert(response);
assert.strictEqual(response.statusCode, 200); assert.strictEqual(response.statusCode, 200);
assert(response.body.hasOwnProperty('@context')); assert(body.hasOwnProperty('@context'));
assert(response.body['@context'].includes('https://www.w3.org/ns/activitystreams')); assert(body['@context'].includes('https://www.w3.org/ns/activitystreams'));
}); });
}); });
@@ -221,12 +184,7 @@ describe('ActivityPub integration', () => {
}); });
it('should return a valid ActivityPub Actor JSON-LD payload', async () => { it('should return a valid ActivityPub Actor JSON-LD payload', async () => {
const response = await request(`${nconf.get('url')}/user/${slug}`, { const { response, body } = await request.get(`${nconf.get('url')}/user/${slug}`, {
method: 'get',
json: true,
followRedirect: true,
simple: false,
resolveWithFullResponse: true,
headers: { headers: {
Accept: 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"', Accept: 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
}, },
@@ -234,32 +192,27 @@ describe('ActivityPub integration', () => {
assert(response); assert(response);
assert.strictEqual(response.statusCode, 200); assert.strictEqual(response.statusCode, 200);
assert(response.body.hasOwnProperty('@context')); assert(body.hasOwnProperty('@context'));
assert(response.body['@context'].includes('https://www.w3.org/ns/activitystreams')); assert(body['@context'].includes('https://www.w3.org/ns/activitystreams'));
['id', 'url', 'followers', 'following', 'inbox', 'outbox'].forEach((prop) => { ['id', 'url', 'followers', 'following', 'inbox', 'outbox'].forEach((prop) => {
assert(response.body.hasOwnProperty(prop)); assert(body.hasOwnProperty(prop));
assert(response.body[prop]); assert(body[prop]);
}); });
assert.strictEqual(response.body.id, response.body.url); assert.strictEqual(body.id, body.url);
assert.strictEqual(response.body.type, 'Person'); assert.strictEqual(body.type, 'Person');
}); });
it('should contain a `publicKey` property with a public key', async () => { it('should contain a `publicKey` property with a public key', async () => {
const response = await request(`${nconf.get('url')}/user/${slug}`, { const { response, body } = await request.get(`${nconf.get('url')}/user/${slug}`, {
method: 'get',
json: true,
followRedirect: true,
simple: false,
resolveWithFullResponse: true,
headers: { headers: {
Accept: 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"', Accept: 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
}, },
}); });
assert(response.body.hasOwnProperty('publicKey')); assert(body.hasOwnProperty('publicKey'));
assert(['id', 'owner', 'publicKeyPem'].every(prop => response.body.publicKey.hasOwnProperty(prop))); assert(['id', 'owner', 'publicKeyPem'].every(prop => body.publicKey.hasOwnProperty(prop)));
}); });
}); });

39
test/controllers.js
View File

@@ -1876,59 +1876,34 @@ describe('Controllers', () => {
}); });
it('should error if resource parameter is missing', async () => { it('should error if resource parameter is missing', async () => {
const response = await requestAsync(`${nconf.get('url')}/.well-known/webfinger`, { const { response } = await request.get(`${nconf.get('url')}/.well-known/webfinger`);
json: true,
simple: false,
resolveWithFullResponse: true,
});
assert.strictEqual(response.statusCode, 400); assert.strictEqual(response.statusCode, 400);
}); });
it('should error if resource parameter is malformed', async () => { it('should error if resource parameter is malformed', async () => {
const response = await requestAsync(`${nconf.get('url')}/.well-known/webfinger?resource=foobar`, { const { response } = await request.get(`${nconf.get('url')}/.well-known/webfinger?resource=foobar`);
json: true,
simple: false,
resolveWithFullResponse: true,
});
assert.strictEqual(response.statusCode, 400); assert.strictEqual(response.statusCode, 400);
}); });
it('should deny access if view:users privilege is not enabled for guests', async () => { it('should deny access if view:users privilege is not enabled for guests', async () => {
await privileges.global.rescind(['groups:view:users'], 'guests'); await privileges.global.rescind(['groups:view:users'], 'guests');
const response = await requestAsync(`${nconf.get('url')}/.well-known/webfinger?resource=acct:${username}@${nconf.get('url_parsed').host}`, { const { response } = await request.get(`${nconf.get('url')}/.well-known/webfinger?resource=acct:${username}@${nconf.get('url_parsed').host}`);
json: true,
simple: false,
resolveWithFullResponse: true,
});
assert.strictEqual(response.statusCode, 403); assert.strictEqual(response.statusCode, 403);
await privileges.global.give(['groups:view:users'], 'guests'); await privileges.global.give(['groups:view:users'], 'guests');
}); });
it('should respond appropriately if the user requested does not exist locally', async () => { it('should respond appropriately if the user requested does not exist locally', async () => {
const response = await requestAsync(`${nconf.get('url')}/.well-known/webfinger?resource=acct:foobar@${nconf.get('url_parsed').host}`, { const { response } = await request.get(`${nconf.get('url')}/.well-known/webfinger?resource=acct:foobar@${nconf.get('url_parsed').host}`);
json: true,
simple: false,
resolveWithFullResponse: true,
});
assert.strictEqual(response.statusCode, 404); assert.strictEqual(response.statusCode, 404);
}); });
it('should return a valid webfinger response if the user exists', async () => { it('should return a valid webfinger response if the user exists', async () => {
const response = await requestAsync(`${nconf.get('url')}/.well-known/webfinger?resource=acct:${username}@${nconf.get('url_parsed').host}`, { const { response, body } = await request.get(`${nconf.get('url')}/.well-known/webfinger?resource=acct:${username}@${nconf.get('url_parsed').host}`);
json: true,
simple: false,
resolveWithFullResponse: true,
});
assert.strictEqual(response.statusCode, 200); assert.strictEqual(response.statusCode, 200);
assert(['subject', 'aliases', 'links'].every(prop => response.body.hasOwnProperty(prop))); assert(['subject', 'aliases', 'links'].every(prop => body.hasOwnProperty(prop)));
assert(response.body.subject, `acct:${username}@${nconf.get('url_parsed').host}`); assert(body.subject, `acct:${username}@${nconf.get('url_parsed').host}`);
}); });
}); });
}); });