aboutsummaryrefslogtreecommitdiff
path: root/src/test/java/com/juick
diff options
context:
space:
mode:
Diffstat (limited to 'src/test/java/com/juick')
-rw-r--r--src/test/java/com/juick/server/configuration/TestActivityConfiguration.java19
-rw-r--r--src/test/java/com/juick/server/tests/ServerTests.java75
2 files changed, 87 insertions, 7 deletions
diff --git a/src/test/java/com/juick/server/configuration/TestActivityConfiguration.java b/src/test/java/com/juick/server/configuration/TestActivityConfiguration.java
new file mode 100644
index 00000000..5daf4900
--- /dev/null
+++ b/src/test/java/com/juick/server/configuration/TestActivityConfiguration.java
@@ -0,0 +1,19 @@
+package com.juick.server.configuration;
+
+import com.juick.server.KeystoreManager;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.io.Resource;
+
+import java.io.IOException;
+
+@Configuration
+public class TestActivityConfiguration {
+ @Value("classpath:test.p12")
+ Resource keystoreFile;
+ @Bean
+ public KeystoreManager testKeystoreManager() throws IOException {
+ return new KeystoreManager(keystoreFile.getFile().getAbsolutePath(), "secret");
+ }
+}
diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java
index fa2e2ce9..fedbaba0 100644
--- a/src/test/java/com/juick/server/tests/ServerTests.java
+++ b/src/test/java/com/juick/server/tests/ServerTests.java
@@ -65,10 +65,13 @@ import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMock
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.web.client.TestRestTemplate;
import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
import org.springframework.http.*;
+import org.springframework.http.client.ClientHttpRequestFactory;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.web.client.MockRestServiceServer;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.MvcResult;
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
@@ -76,6 +79,7 @@ import org.springframework.util.DigestUtils;
import org.springframework.util.FileSystemUtils;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
+import org.springframework.web.client.RestTemplate;
import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder;
import org.w3c.dom.Document;
@@ -118,6 +122,9 @@ import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.*;
import static org.junit.Assert.*;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
+import static org.springframework.test.web.client.ExpectedCount.times;
+import static org.springframework.test.web.client.match.MockRestRequestMatchers.requestTo;
+import static org.springframework.test.web.client.response.MockRestResponseCreators.withSuccess;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
@@ -130,9 +137,6 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
@TestPropertySource(properties = {
"broken_ssl_hosts=localhost,serverstorageisfull.tld",
"ios_app_id=12345678.com.juick.ExampleApp",
- "xmppbot_jid=juick@localhost/Juick",
- "hostname=localhost",
- "componentname=localhost",
"spring.jackson.default-property-inclusion=non_default"
})
@AutoConfigureMockMvc
@@ -174,10 +178,6 @@ public class ServerTests {
private ServerManager serverManager;
@Inject
private KeystoreManager keystoreManager;
- @Value("${hostname:localhost}")
- private Jid jid;
- @Value("${xmppbot_jid:juick@localhost}")
- private Jid botJid;
@Value("${upload_tmp_dir:#{systemEnvironment['TEMP'] ?: '/tmp'}}")
private String tmpDir;
@Value("${img_path:#{systemEnvironment['TEMP'] ?: '/tmp'}}")
@@ -192,6 +192,18 @@ public class ServerTests {
private ActivityPubManager activityPubManager;
@Inject
private WebApp webApp;
+ @Inject
+ private RestTemplate apClient;
+
+ @Value("classpath:mocks/activity/testuser.json")
+ private Resource testuserResponse;
+ @Value("classpath:mocks/activity/testfollow.json")
+ private Resource testfollowRequest;
+
+ @Inject
+ private KeystoreManager testKeystoreManager;
+
+ private MockRestServiceServer restServiceServer;
private static User ugnich, freefd, juick;
static String ugnichName, ugnichPassword, freefdName, freefdPassword, juickName, juickPassword;
@@ -1699,6 +1711,55 @@ public class ServerTests {
signatureManager.post(from, to, follow);
}
@Test
+ public void serviceSignatureAuth() throws Exception {
+ String meUri = "/api/me";
+ String testHost = "localhost:8080";
+ Person ugnichPerson = (Person) signatureManager.discoverPerson("ugnich@localhost:8080").get();
+ Instant now = Instant.now();
+ String requestDate = DateFormattersHolder.getHttpDateFormatter().format(now);
+ String signatureString = signatureManager.addSignature(ugnichPerson, testHost, "GET", meUri, requestDate);
+ MvcResult me = mockMvc.perform(get("/api/me")
+ .header("Host", testHost)
+ .header("Date", requestDate)
+ .header("Signature", signatureString))
+ .andExpect(status().isOk())
+ .andReturn();
+ User meUser = jsonMapper.readValue(me.getResponse().getContentAsString(), User.class);
+ assertThat(meUser, is(ugnich));
+ String testuserResponseString = IOUtils.toString(testuserResponse.getInputStream(), StandardCharsets.UTF_8);
+ ClientHttpRequestFactory originalRequestFactory = apClient.getRequestFactory();
+ restServiceServer = MockRestServiceServer.bindTo(apClient).build();
+ URI testuserUri = URI.create("https://example.com/u/testuser");
+ URI testuserkeyUri = URI.create("https://example.com/u/testuser#main-key");
+ restServiceServer.expect(times(3), requestTo(testuserUri))
+ .andRespond(withSuccess(testuserResponseString, MediaType.APPLICATION_JSON_UTF8));
+ restServiceServer.expect(times(3), requestTo(testuserkeyUri))
+ .andRespond(withSuccess(testuserResponseString, MediaType.APPLICATION_JSON_UTF8));
+ Person testuser = (Person)signatureManager.getContext(testuserUri).get();
+ Assert.assertThat(testuser.getPublicKey().getPublicKeyPem(), is(testKeystoreManager.getPublicKeyPem()));
+ Instant now2 = Instant.now();
+ String testRequestDate = DateFormattersHolder.getHttpDateFormatter().format(now2);
+ String inboxUri = "/api/inbox";
+ String testSignatureString =
+ signatureManager.addSignature(testuser, testHost, "POST",
+ inboxUri, testRequestDate, testKeystoreManager);
+ mockMvc.perform(post(inboxUri)
+ .header("Host", testHost)
+ .header("Date", testRequestDate)
+ .header("Signature", testSignatureString)
+ .contentType(Context.LD_JSON_MEDIA_TYPE)
+ .content(IOUtils.toByteArray(testfollowRequest.getInputStream())))
+ .andExpect(status().isAccepted());
+ mockMvc.perform(post(inboxUri)
+ .header("Host", "wronghost")
+ .header("Date", testRequestDate)
+ .header("Signature", testSignatureString)
+ .contentType(Context.LD_JSON_MEDIA_TYPE)
+ .content(IOUtils.toByteArray(testfollowRequest.getInputStream())))
+ .andExpect(status().isUnauthorized());
+ apClient.setRequestFactory(originalRequestFactory);
+ }
+ @Test
public void hostmeta() throws Exception {
MvcResult result = mockMvc.perform(get("/.well-known/host-meta"))
.andExpect(status().isOk()).andReturn();