test

mei23 · Dec 2, 2023 · 8cf7ef4 · 8cf7ef4
1 parent 2cb9d1d
commit 8cf7ef4
Showing 1 changed file with 234 additions and 3 deletions.
diff --git a/packages/backend/test/fetch-resource.ts b/packages/backend/test/fetch-resource.ts
@@ -4,6 +4,10 @@ import * as assert from 'assert';
 import * as childProcess from 'child_process';
 import * as openapi from '@redocly/openapi-core';
 import { async, startServer, signup, post, request, simpleGet, port, shutdownServer } from './utils.js';
+import { StatusError, getResponse } from '@/misc/fetch.js';
+import { genRsaKeyPair } from '@/misc/gen-key-pair.js';
+import { createSignedPost } from '@/remote/activitypub/ap-request.js';
+import { createHash } from 'node:crypto';
 
 // Request Accept
 const ONLY_AP = 'application/activity+json';
@@ -13,7 +17,7 @@ const UNSPECIFIED = '*/*';
 
 // Response Contet-Type
 const AP = 'application/activity+json; charset=utf-8';
-const JSON = 'application/json; charset=utf-8';
+const TYPE_JSON = 'application/json; charset=utf-8';
 const HTML = 'text/html; charset=utf-8';
 
 describe('Fetch resource', () => {
@@ -63,7 +67,7 @@ describe('Fetch resource', () => {
 		it('GET api.json', async(async () => {
 			const res = await simpleGet('/api.json');
 			assert.strictEqual(res.status, 200);
-			assert.strictEqual(res.type, JSON);
+			assert.strictEqual(res.type, TYPE_JSON);
 		}));
 
 		it('Validate api.json', async(async () => {
@@ -196,10 +200,237 @@ describe('Fetch resource', () => {
 			assert.strictEqual(res.type, 'application/atom+xml; charset=utf-8');
 		}));
 
-		it('JSON', async(async () => {
+		it('TYPE_JSON', async(async () => {
 			const res = await simpleGet(`/@${alice.username}.json`, UNSPECIFIED);
 			assert.strictEqual(res.status, 200);
 			assert.strictEqual(res.type, 'application/json; charset=utf-8');
 		}));
 	});
+
+	describe('inbox', async () => {
+		const myInbox = `http://localhost:${port}/inbox`;
+
+		const myHost = 'misskey.local';
+		const xHost = 'xxx.local';
+
+		const inboxPost = async (url: string, headers: Record<string, string>, body: string) => {
+			const res = await getResponse({
+				url,
+				method: 'POST',
+				headers,
+				body,
+				timeout: 10 * 1000,
+			}).then(r => {
+				return {
+					statusCode: r.status,
+					statusMessage: r.statusText,
+					body: r.body,
+				};
+			}).catch(err => {
+				if (err instanceof StatusError) {
+					return {
+						statusCode: err.statusCode,
+						statusMessage: err.statusMessage,
+					};
+				} else {
+					throw err;
+				}
+			});
+			return res;
+		};
+
+		// 鍵はここでは検証しないのでなんでもいい
+		let keyPair: any;
+		let key: any;
+
+		before(async () => {
+			keyPair = await genRsaKeyPair();
+			key = {
+				privateKeyPem: keyPair.privateKey,
+				keyId: `https://${myHost}/users/a#main-key`,
+			};
+		});
+
+		it('Accepted', async () => {
+			const object = { a: 1, b: 2, };
+			const body = JSON.stringify(object);
+
+			const req = createSignedPost({
+				key,
+				url: myInbox,
+				body,
+				additionalHeaders: {
+					Host: myHost,
+				},
+			});
+
+			const res = await inboxPost(myInbox, req.request.headers, body);
+
+			assert.strictEqual(res.statusCode, 202);
+		});
+
+		it('Invalid Host', async () => {
+			const object = { a: 1, b: 2, };
+			const body = JSON.stringify(object);
+
+			const req = createSignedPost({
+				key,
+				url: myInbox,
+				body,
+				additionalHeaders: {
+					Host: xHost,	// ★署名されているが違うホスト向け
+				},
+			});
+
+			const res = await inboxPost(myInbox, req.request.headers, body);
+
+			assert.strictEqual(res.statusCode, 400);
+			assert.strictEqual(res.statusMessage, 'Invalid Host');
+		});
+
+		it('Payload Too Large', async () => {
+			const object = { a: 1, b: 'x'.repeat(70000), };	// ★でかすぎ
+			const body = JSON.stringify(object);
+
+			const req = createSignedPost({
+				key,
+				url: myInbox,
+				body,
+				additionalHeaders: {
+					Host: myHost,
+				},
+			});
+
+			const res = await inboxPost(myInbox, req.request.headers, body);
+
+			assert.strictEqual(res.statusCode, 413);
+		});
+
+		it('Missing Required Header in the request - signature', async () => {
+			const object = { a: 1, b: 2, };
+			const body = JSON.stringify(object);
+
+			const req = createSignedPost({
+				key,
+				url: myInbox,
+				body,
+				additionalHeaders: {
+					Host: myHost,
+				},
+			});
+
+			delete req.request.headers.signature;	// ★署名されてない
+
+			const res = await inboxPost(myInbox, req.request.headers, body);
+
+			assert.strictEqual(res.statusCode, 401);
+			assert.strictEqual(res.statusMessage, 'Missing Required Header');	// TODO: どのheaderがどこに足りないのか
+		});
+
+		it('Missing Required Header in the request - digest', async () => {
+			const object = { a: 1, b: 2, };
+			const body = JSON.stringify(object);
+
+			const req = createSignedPost({
+				key,
+				url: myInbox,
+				body,
+				additionalHeaders: {
+					Host: myHost,
+				},
+			});
+
+			delete req.request.headers.digest;	// ★署名されているがrequestにDigestヘッダーがない
+
+			const res = await inboxPost(myInbox, req.request.headers, body);
+
+			assert.strictEqual(res.statusCode, 401);
+			assert.strictEqual(res.statusMessage, 'Missing Required Header');	// TODO: どのheaderがどこに足りないのか
+		});
+
+		it('Expired Request Error', async () => {
+			const object = { a: 1, b: 2, };
+			const body = JSON.stringify(object);
+
+			const req = createSignedPost({
+				key,
+				url: myInbox,
+				body,
+				additionalHeaders: {
+					Host: myHost,
+					Date: new Date(new Date().getTime() - 600 * 1000).toISOString(),	// ★署名されてるがDateが古すぎる
+				},
+			});
+
+			const res = await inboxPost(myInbox, req.request.headers, body);
+
+			assert.strictEqual(res.statusCode, 401);
+			assert.strictEqual(res.statusMessage, 'Expired Request Error');
+		});
+
+		// TODO: signatureの方に必須ヘッダーがないパターン
+
+		it('Invalid Digest Header', async () => {
+			const object = { a: 1, b: 2, };
+			const body = JSON.stringify(object);
+
+			const req = createSignedPost({
+				key,
+				url: myInbox,
+				body,
+				additionalHeaders: {
+					Host: myHost,
+				},
+			});
+
+			req.request.headers.digest = 'puee';	// ★
+
+			const res = await inboxPost(myInbox, req.request.headers, body);
+
+			assert.strictEqual(res.statusCode, 401);
+			assert.strictEqual(res.statusMessage, 'Invalid Digest Header');
+		});
+
+		it('Unsupported Digest Algorithm', async () => {
+			const object = { a: 1, b: 2, };
+			const body = JSON.stringify(object);
+
+			const req = createSignedPost({
+				key,
+				url: myInbox,
+				body,
+				additionalHeaders: {
+					Host: myHost,
+				},
+			});
+
+			req.request.headers.digest = 'SHA-5000=abc';	// ★
+
+			const res = await inboxPost(myInbox, req.request.headers, body);
+
+			assert.strictEqual(res.statusCode, 401);
+			assert.strictEqual(res.statusMessage, 'Unsupported Digest Algorithm');
+		});
+
+		it('Digest Missmath', async () => {
+			const object = { a: 1, b: 2, };
+			const body = JSON.stringify(object);
+
+			const req = createSignedPost({
+				key,
+				url: myInbox,
+				body,
+				additionalHeaders: {
+					Host: myHost,
+				},
+			});
+
+			req.request.headers.digest = `SHA-256=${createHash('sha256').update('puppukupu-').digest('base64')}`;	// ★
+
+			const res = await inboxPost(myInbox, req.request.headers, body);
+
+			assert.strictEqual(res.statusCode, 401);
+			assert.strictEqual(res.statusMessage, 'Digest Missmatch');
+		});
+	});
 });