akkoma/test/pleroma/web/plugs/http_signature_plug_test.exs

# Pleroma: A lightweight social networking server
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only

defmodule Pleroma.Web.Plugs.HTTPSignaturePlugTest do
  use Pleroma.Web.ConnCase, async: false
  import Pleroma.Factory
  alias Pleroma.Web.Plugs.HTTPSignaturePlug
  alias Pleroma.Instances.Instance
  alias Pleroma.Repo

  import Plug.Conn
  import Phoenix.Controller, only: [put_format: 2]
  import Mock

  setup_with_mocks([
    {HTTPSignatures, [],
     [
       signature_for_conn: fn _ ->
         %{"keyId" => "http://mastodon.example.org/users/admin#main-key"}
       end,
       validate_conn: fn conn ->
         Map.get(conn.assigns, :valid_signature, true)
       end
     ]}
  ]) do
    :ok
  end

  defp submit_to_plug(host), do: submit_to_plug(host, :get, "/doesntmattter")

  defp submit_to_plug(host, method, path) do
    params = %{"actor" => "http://#{host}/users/admin"}

    build_conn(method, path, params)
    |> put_req_header(
      "signature",
      "keyId=\"http://#{host}/users/admin#main-key"
    )
    |> put_format("activity+json")
    |> HTTPSignaturePlug.call(%{})
  end

  test "it call HTTPSignatures to check validity if the actor signed it" do
    params = %{"actor" => "http://mastodon.example.org/users/admin"}
    conn = build_conn(:get, "/doesntmattter", params)

    conn =
      conn
      |> put_req_header(
        "signature",
        "keyId=\"http://mastodon.example.org/users/admin#main-key"
      )
      |> put_format("activity+json")
      |> HTTPSignaturePlug.call(%{})

    assert conn.assigns.valid_signature == true
    assert conn.assigns.signature_actor_id == params["actor"]
    assert conn.halted == false
    assert called(HTTPSignatures.validate_conn(:_))
  end

  test "it sets request signatures property on the instance" do
    host = "mastodon.example.org"
    conn = submit_to_plug(host)
    assert conn.assigns.valid_signature == true
    instance = Repo.get_by(Instance, %{host: host})
    assert instance.has_request_signatures
  end

  test "it does not set request signatures property on the instance when using inbox" do
    host = "mastodon.example.org"
    conn = submit_to_plug(host, :post, "/inbox")
    assert conn.assigns.valid_signature == true

    # we don't even create the instance entry if its just POST /inbox
    refute Repo.get_by(Instance, %{host: host})
  end

  test "it does not set request signatures property on the instance when its cached" do
    host = "mastodon.example.org"
    Cachex.put(:request_signatures_cache, host, true)
    conn = submit_to_plug(host)
    assert conn.assigns.valid_signature == true

    # we don't even create the instance entry if it was already done
    refute Repo.get_by(Instance, %{host: host})
  end

  describe "requires a signature when `authorized_fetch_mode` is enabled" do
    setup do
      clear_config([:activitypub, :authorized_fetch_mode], true)

      params = %{"actor" => "http://mastodon.example.org/users/admin"}
      conn = build_conn(:get, "/doesntmattter", params) |> put_format("activity+json")

      [conn: conn]
    end

    test "and signature is present and incorrect", %{conn: conn} do
      conn =
        conn
        |> assign(:valid_signature, false)
        |> put_req_header(
          "signature",
          "keyId=\"http://mastodon.example.org/users/admin#main-key"
        )
        |> HTTPSignaturePlug.call(%{})

      assert conn.assigns.valid_signature == false
      assert called(HTTPSignatures.validate_conn(:_))
    end

    test "and signature is correct", %{conn: conn} do
      conn =
        conn
        |> put_req_header(
          "signature",
          "keyId=\"http://mastodon.example.org/users/admin#main-key"
        )
        |> HTTPSignaturePlug.call(%{})

      assert conn.assigns.valid_signature == true
      assert called(HTTPSignatures.validate_conn(:_))
    end

    test "and halts the connection when `signature` header is not present", %{conn: conn} do
      conn = HTTPSignaturePlug.call(conn, %{})
      assert conn.assigns[:valid_signature] == nil
    end
  end

  test "aliases redirected /object endpoints", _ do
    obj = insert(:note)
    act = insert(:note_activity, note: obj)
    params = %{"actor" => "someparam"}
    path = URI.parse(obj.data["id"]).path
    conn = build_conn(:get, path, params)

    assert ["/notice/#{act.id}", "/notice/#{act.id}?actor=someparam"] ==
             HTTPSignaturePlug.route_aliases(conn)
  end
end
tests: add legal boilerplate 2018-12-23 20:11:29 +00:00			`# Pleroma: A lightweight social networking server`
Add Signed Fetch Statistics (#312) Close #304. Notes: - This patch was made on top of Pleroma develop, so I created a separate cachex worker for request signature actions, instead of Akkoma's instance cache. If that is a merge blocker, I can attempt to move logic around for that. - Regarding the `has_request_signatures: true -> false` state transition: I think that is a higher level thing (resetting instance state on new instance actor key) which is separate from the changes relevant to this one. Co-authored-by: Luna <git@l4.pm> Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/312 Co-authored-by: @luna@f.l4.pm <akkoma@l4.pm> Co-committed-by: @luna@f.l4.pm <akkoma@l4.pm> 2022-11-26 19:22:56 +00:00			`# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>`
tests: add legal boilerplate 2018-12-23 20:11:29 +00:00			`# SPDX-License-Identifier: AGPL-3.0-only`

Fail faster. 2018-04-02 11:13:14 +00:00			`defmodule Pleroma.Web.Plugs.HTTPSignaturePlugTest do`
Add Signed Fetch Statistics (#312) Close #304. Notes: - This patch was made on top of Pleroma develop, so I created a separate cachex worker for request signature actions, instead of Akkoma's instance cache. If that is a merge blocker, I can attempt to move logic around for that. - Regarding the `has_request_signatures: true -> false` state transition: I think that is a higher level thing (resetting instance state on new instance actor key) which is separate from the changes relevant to this one. Co-authored-by: Luna <git@l4.pm> Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/312 Co-authored-by: @luna@f.l4.pm <akkoma@l4.pm> Co-committed-by: @luna@f.l4.pm <akkoma@l4.pm> 2022-11-26 19:22:56 +00:00			`use Pleroma.Web.ConnCase, async: false`
/notice signing checks on redirect (#150) Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/150 2022-08-05 19:31:32 +00:00			`import Pleroma.Factory`
Fail faster. 2018-04-02 11:13:14 +00:00			`alias Pleroma.Web.Plugs.HTTPSignaturePlug`
Add Signed Fetch Statistics (#312) Close #304. Notes: - This patch was made on top of Pleroma develop, so I created a separate cachex worker for request signature actions, instead of Akkoma's instance cache. If that is a merge blocker, I can attempt to move logic around for that. - Regarding the `has_request_signatures: true -> false` state transition: I think that is a higher level thing (resetting instance state on new instance actor key) which is separate from the changes relevant to this one. Co-authored-by: Luna <git@l4.pm> Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/312 Co-authored-by: @luna@f.l4.pm <akkoma@l4.pm> Co-committed-by: @luna@f.l4.pm <akkoma@l4.pm> 2022-11-26 19:22:56 +00:00			`alias Pleroma.Instances.Instance`
			`alias Pleroma.Repo`
Fail faster. 2018-04-02 11:13:14 +00:00
			`import Plug.Conn`
Verify HTTP signatures only when request accepts "activity+json" type 2019-12-19 13:17:18 +00:00			`import Phoenix.Controller, only: [put_format: 2]`
Fail faster. 2018-04-02 11:13:14 +00:00			`import Mock`

Add Signed Fetch Statistics (#312) Close #304. Notes: - This patch was made on top of Pleroma develop, so I created a separate cachex worker for request signature actions, instead of Akkoma's instance cache. If that is a merge blocker, I can attempt to move logic around for that. - Regarding the `has_request_signatures: true -> false` state transition: I think that is a higher level thing (resetting instance state on new instance actor key) which is separate from the changes relevant to this one. Co-authored-by: Luna <git@l4.pm> Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/312 Co-authored-by: @luna@f.l4.pm <akkoma@l4.pm> Co-committed-by: @luna@f.l4.pm <akkoma@l4.pm> 2022-11-26 19:22:56 +00:00			`setup_with_mocks([`
			`{HTTPSignatures, [],`
			`[`
			`signature_for_conn: fn _ ->`
			`%{"keyId" => "http://mastodon.example.org/users/admin#main-key"}`
			`end,`
			`validate_conn: fn conn ->`
			`Map.get(conn.assigns, :valid_signature, true)`
			`end`
			`]}`
			`]) do`
			`:ok`
			`end`

			`defp submit_to_plug(host), do: submit_to_plug(host, :get, "/doesntmattter")`

			`defp submit_to_plug(host, method, path) do`
			`params = %{"actor" => "http://#{host}/users/admin"}`

			`build_conn(method, path, params)`
			`\|> put_req_header(`
			`"signature",`
			`"keyId=\"http://#{host}/users/admin#main-key"`
			`)`
			`\|> put_format("activity+json")`
			`\|> HTTPSignaturePlug.call(%{})`
			`end`

			`test "it call HTTPSignatures to check validity if the actor signed it" do`
Fail faster. 2018-04-02 11:13:14 +00:00			`params = %{"actor" => "http://mastodon.example.org/users/admin"}`
			`conn = build_conn(:get, "/doesntmattter", params)`

Add Signed Fetch Statistics (#312) Close #304. Notes: - This patch was made on top of Pleroma develop, so I created a separate cachex worker for request signature actions, instead of Akkoma's instance cache. If that is a merge blocker, I can attempt to move logic around for that. - Regarding the `has_request_signatures: true -> false` state transition: I think that is a higher level thing (resetting instance state on new instance actor key) which is separate from the changes relevant to this one. Co-authored-by: Luna <git@l4.pm> Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/312 Co-authored-by: @luna@f.l4.pm <akkoma@l4.pm> Co-committed-by: @luna@f.l4.pm <akkoma@l4.pm> 2022-11-26 19:22:56 +00:00			`conn =`
			`conn`
			`\|> put_req_header(`
			`"signature",`
			`"keyId=\"http://mastodon.example.org/users/admin#main-key"`
			`)`
			`\|> put_format("activity+json")`
			`\|> HTTPSignaturePlug.call(%{})`
Fail faster. 2018-04-02 11:13:14 +00:00
Add Signed Fetch Statistics (#312) Close #304. Notes: - This patch was made on top of Pleroma develop, so I created a separate cachex worker for request signature actions, instead of Akkoma's instance cache. If that is a merge blocker, I can attempt to move logic around for that. - Regarding the `has_request_signatures: true -> false` state transition: I think that is a higher level thing (resetting instance state on new instance actor key) which is separate from the changes relevant to this one. Co-authored-by: Luna <git@l4.pm> Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/312 Co-authored-by: @luna@f.l4.pm <akkoma@l4.pm> Co-committed-by: @luna@f.l4.pm <akkoma@l4.pm> 2022-11-26 19:22:56 +00:00			`assert conn.assigns.valid_signature == true`
			`assert conn.assigns.signature_actor_id == params["actor"]`
			`assert conn.halted == false`
			`assert called(HTTPSignatures.validate_conn(:_))`
			`end`

			`test "it sets request signatures property on the instance" do`
			`host = "mastodon.example.org"`
			`conn = submit_to_plug(host)`
			`assert conn.assigns.valid_signature == true`
			`instance = Repo.get_by(Instance, %{host: host})`
			`assert instance.has_request_signatures`
			`end`

			`test "it does not set request signatures property on the instance when using inbox" do`
			`host = "mastodon.example.org"`
			`conn = submit_to_plug(host, :post, "/inbox")`
			`assert conn.assigns.valid_signature == true`

			`# we don't even create the instance entry if its just POST /inbox`
			`refute Repo.get_by(Instance, %{host: host})`
			`end`

			`test "it does not set request signatures property on the instance when its cached" do`
			`host = "mastodon.example.org"`
			`Cachex.put(:request_signatures_cache, host, true)`
			`conn = submit_to_plug(host)`
			`assert conn.assigns.valid_signature == true`

			`# we don't even create the instance entry if it was already done`
			`refute Repo.get_by(Instance, %{host: host})`
Fail faster. 2018-04-02 11:13:14 +00:00			`end`
Add an option to require fetches to be signed 2019-12-16 15:24:03 +00:00
Apply suggestion to test/plugs/http_signature_plug_test.exs 2019-12-16 18:39:59 +00:00			describe "requires a signature when `authorized_fetch_mode` is enabled" do
Add an option to require fetches to be signed 2019-12-16 15:24:03 +00:00			`setup do`
Convert tests to all use clear_config instead of Pleroma.Config.put 2021-01-26 17:58:43 +00:00			`clear_config([:activitypub, :authorized_fetch_mode], true)`
Add an option to require fetches to be signed 2019-12-16 15:24:03 +00:00
			`params = %{"actor" => "http://mastodon.example.org/users/admin"}`
Verify HTTP signatures only when request accepts "activity+json" type 2019-12-19 13:17:18 +00:00			`conn = build_conn(:get, "/doesntmattter", params) \|> put_format("activity+json")`
Add an option to require fetches to be signed 2019-12-16 15:24:03 +00:00
			`[conn: conn]`
			`end`

Add Signed Fetch Statistics (#312) Close #304. Notes: - This patch was made on top of Pleroma develop, so I created a separate cachex worker for request signature actions, instead of Akkoma's instance cache. If that is a merge blocker, I can attempt to move logic around for that. - Regarding the `has_request_signatures: true -> false` state transition: I think that is a higher level thing (resetting instance state on new instance actor key) which is separate from the changes relevant to this one. Co-authored-by: Luna <git@l4.pm> Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/312 Co-authored-by: @luna@f.l4.pm <akkoma@l4.pm> Co-committed-by: @luna@f.l4.pm <akkoma@l4.pm> 2022-11-26 19:22:56 +00:00			`test "and signature is present and incorrect", %{conn: conn} do`
			`conn =`
			`conn`
			`\|> assign(:valid_signature, false)`
			`\|> put_req_header(`
			`"signature",`
			`"keyId=\"http://mastodon.example.org/users/admin#main-key"`
			`)`
			`\|> HTTPSignaturePlug.call(%{})`

			`assert conn.assigns.valid_signature == false`
			`assert called(HTTPSignatures.validate_conn(:_))`
			`end`

			`test "and signature is correct", %{conn: conn} do`
			`conn =`
			`conn`
			`\|> put_req_header(`
			`"signature",`
			`"keyId=\"http://mastodon.example.org/users/admin#main-key"`
			`)`
			`\|> HTTPSignaturePlug.call(%{})`

			`assert conn.assigns.valid_signature == true`
			`assert called(HTTPSignatures.validate_conn(:_))`
Add an option to require fetches to be signed 2019-12-16 15:24:03 +00:00			`end`

Add Signed Fetch Statistics (#312) Close #304. Notes: - This patch was made on top of Pleroma develop, so I created a separate cachex worker for request signature actions, instead of Akkoma's instance cache. If that is a merge blocker, I can attempt to move logic around for that. - Regarding the `has_request_signatures: true -> false` state transition: I think that is a higher level thing (resetting instance state on new instance actor key) which is separate from the changes relevant to this one. Co-authored-by: Luna <git@l4.pm> Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/312 Co-authored-by: @luna@f.l4.pm <akkoma@l4.pm> Co-committed-by: @luna@f.l4.pm <akkoma@l4.pm> 2022-11-26 19:22:56 +00:00			test "and halts the connection when `signature` header is not present", %{conn: conn} do
Add an option to require fetches to be signed 2019-12-16 15:24:03 +00:00			`conn = HTTPSignaturePlug.call(conn, %{})`
			`assert conn.assigns[:valid_signature] == nil`
			`end`
Add Signed Fetch Statistics (#312) Close #304. Notes: - This patch was made on top of Pleroma develop, so I created a separate cachex worker for request signature actions, instead of Akkoma's instance cache. If that is a merge blocker, I can attempt to move logic around for that. - Regarding the `has_request_signatures: true -> false` state transition: I think that is a higher level thing (resetting instance state on new instance actor key) which is separate from the changes relevant to this one. Co-authored-by: Luna <git@l4.pm> Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/312 Co-authored-by: @luna@f.l4.pm <akkoma@l4.pm> Co-committed-by: @luna@f.l4.pm <akkoma@l4.pm> 2022-11-26 19:22:56 +00:00			`end`
/notice signing checks on redirect (#150) Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/150 2022-08-05 19:31:32 +00:00
Add Signed Fetch Statistics (#312) Close #304. Notes: - This patch was made on top of Pleroma develop, so I created a separate cachex worker for request signature actions, instead of Akkoma's instance cache. If that is a merge blocker, I can attempt to move logic around for that. - Regarding the `has_request_signatures: true -> false` state transition: I think that is a higher level thing (resetting instance state on new instance actor key) which is separate from the changes relevant to this one. Co-authored-by: Luna <git@l4.pm> Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/312 Co-authored-by: @luna@f.l4.pm <akkoma@l4.pm> Co-committed-by: @luna@f.l4.pm <akkoma@l4.pm> 2022-11-26 19:22:56 +00:00			`test "aliases redirected /object endpoints", _ do`
			`obj = insert(:note)`
			`act = insert(:note_activity, note: obj)`
			`params = %{"actor" => "someparam"}`
			`path = URI.parse(obj.data["id"]).path`
			`conn = build_conn(:get, path, params)`
GTS: cherry-picks and collection usage (#186) https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3725?commit_id=61254111e59f02118cad15de49d1e0704c07030e what is this, a yoink of a yoink? good times Co-authored-by: Hélène <pleroma-dev@helene.moe> Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/186 2022-08-27 18:05:48 +00:00
Add Signed Fetch Statistics (#312) Close #304. Notes: - This patch was made on top of Pleroma develop, so I created a separate cachex worker for request signature actions, instead of Akkoma's instance cache. If that is a merge blocker, I can attempt to move logic around for that. - Regarding the `has_request_signatures: true -> false` state transition: I think that is a higher level thing (resetting instance state on new instance actor key) which is separate from the changes relevant to this one. Co-authored-by: Luna <git@l4.pm> Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/312 Co-authored-by: @luna@f.l4.pm <akkoma@l4.pm> Co-committed-by: @luna@f.l4.pm <akkoma@l4.pm> 2022-11-26 19:22:56 +00:00			`assert ["/notice/#{act.id}", "/notice/#{act.id}?actor=someparam"] ==`
			`HTTPSignaturePlug.route_aliases(conn)`
Add an option to require fetches to be signed 2019-12-16 15:24:03 +00:00			`end`
Fail faster. 2018-04-02 11:13:14 +00:00			`end`