aboutsummaryrefslogtreecommitdiff
path: root/src/test
diff options
context:
space:
mode:
Diffstat (limited to 'src/test')
-rw-r--r--src/test/java/com/juick/server/tests/ServerTests.java25
1 files changed, 19 insertions, 6 deletions
diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java
index 320ba6fd6..925d42f6f 100644
--- a/src/test/java/com/juick/server/tests/ServerTests.java
+++ b/src/test/java/com/juick/server/tests/ServerTests.java
@@ -104,6 +104,7 @@ import org.springframework.web.client.ResourceAccessException;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder;
+import org.tomitribe.auth.signatures.Base64;
import org.w3c.dom.*;
import org.xml.sax.SAXException;
import rocks.xmpp.addr.Jid;
@@ -1889,7 +1890,7 @@ public class ServerTests {
}
@Test
- public void signingSpec() throws IOException {
+ public void signingSpec() throws IOException, NoSuchAlgorithmException {
Person from = (Person) signatureManager.getContext(URI.create("http://localhost:8080/u/freefd")).get();
Person to = (Person) signatureManager.getContext(URI.create("http://localhost:8080/u/ugnich")).get();
Follow follow = new Follow();
@@ -1910,7 +1911,7 @@ public class ServerTests {
Person ugnichPerson = profileController.getUser("ugnich");
now = Instant.now();
requestDate = DateFormattersHolder.getHttpDateFormatter().format(now);
- String signatureString = signatureManager.addSignature(ugnichPerson, testHost, "GET", meUri, requestDate);
+ String signatureString = signatureManager.addSignature(ugnichPerson, testHost, "GET", meUri, requestDate, StringUtils.EMPTY);
MvcResult me = mockMvc.perform(get("/api/me")
.header("Host", testHost)
.header("Date", requestDate)
@@ -1924,24 +1925,28 @@ public class ServerTests {
URI testuserUri = URI.create("https://example.com/u/testuser");
URI testuserkeyUri = URI.create("https://example.com/u/testuser#main-key");
MockRestServiceServer restServiceServer = MockRestServiceServer.createServer(apClient);
- restServiceServer.expect(times(3), requestTo(testuserUri))
+ restServiceServer.expect(times(4), requestTo(testuserUri))
.andRespond(withSuccess(testuserResponseString, MediaType.APPLICATION_JSON));
- restServiceServer.expect(times(3), requestTo(testuserkeyUri))
+ restServiceServer.expect(times(4), requestTo(testuserkeyUri))
.andRespond(withSuccess(testuserResponseString, MediaType.APPLICATION_JSON));
Person testuser = (Person) signatureManager.getContext(testuserUri).get();
assertThat(testuser.getPublicKey().getPublicKeyPem(), is(testKeystoreManager.getPublicKeyPem()));
Instant now2 = Instant.now();
String testRequestDate = DateFormattersHolder.getHttpDateFormatter().format(now2);
String inboxUri = "/api/inbox";
+ var payload = IOUtils.toByteArray(testfollowRequest.getInputStream());
+ final byte[] digest = MessageDigest.getInstance("SHA-256").digest(payload); // (1)
+ final String digestHeader = "SHA-256=" + new String(Base64.encodeBase64(digest));
String testSignatureString =
signatureManager.addSignature(testuser, testHost, "POST",
- inboxUri, testRequestDate, testKeystoreManager);
+ inboxUri, testRequestDate, digestHeader, testKeystoreManager);
mockMvc.perform(post(inboxUri)
.header("Host", testHost)
.header("Date", testRequestDate)
+ .header("Digest", digestHeader)
.header("Signature", testSignatureString)
.contentType(Context.LD_JSON_MEDIA_TYPE)
- .content(IOUtils.toByteArray(testfollowRequest.getInputStream())))
+ .content(payload))
.andExpect(status().isAccepted());
mockMvc.perform(post(inboxUri)
.header("Host", "wronghost")
@@ -1950,6 +1955,14 @@ public class ServerTests {
.contentType(Context.LD_JSON_MEDIA_TYPE)
.content(IOUtils.toByteArray(testfollowRequest.getInputStream())))
.andExpect(status().isUnauthorized());
+ // digest required but not present
+ mockMvc.perform(post(inboxUri)
+ .header("Host", testHost)
+ .header("Date", testRequestDate)
+ .header("Signature", testSignatureString)
+ .contentType(Context.LD_JSON_MEDIA_TYPE)
+ .content(payload))
+ .andExpect(status().isUnauthorized());
apClient.setRequestFactory(originalRequestFactory);
}