Diffstat (limited to 'test/plugs')
| -rw-r--r-- | test/plugs/authentication_plug_test.exs | 44 | ||||
| -rw-r--r-- | test/plugs/http_signature_plug_test.exs | 44 | 
2 files changed, 69 insertions, 19 deletions
| diff --git a/test/plugs/authentication_plug_test.exs b/test/plugs/authentication_plug_test.exs
index 5480dab43..729ac8ae5 100644
--- a/test/plugs/authentication_plug_test.exs
+++ b/test/plugs/authentication_plug_test.exs
@@ -37,22 +37,24 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do
   describe "without an authorization header" do
     test "it halts the application" do
-      conn = build_conn()
-      |> Plug.Session.call(Plug.Session.init(@session_opts))
-      |> fetch_session
-      |> AuthenticationPlug.call(%{})
+      conn =
+        build_conn()
+        |> Plug.Session.call(Plug.Session.init(@session_opts))
+        |> fetch_session
+        |> AuthenticationPlug.call(%{})
       assert conn.status == 403
       assert conn.halted == true
     end
     test "it assigns a nil user if the 'optional' option is used" do
-      conn = build_conn()
-      |> Plug.Session.call(Plug.Session.init(@session_opts))
-      |> fetch_session
-      |> AuthenticationPlug.call(%{optional: true})
+      conn =
+        build_conn()
+        |> Plug.Session.call(Plug.Session.init(@session_opts))
+        |> fetch_session
+        |> AuthenticationPlug.call(%{optional: true})
-      assert %{ user: nil } == conn.assigns
+      assert %{user: nil} == conn.assigns
     end
   end
@@ -73,9 +75,9 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do
         build_conn()
         |> Plug.Session.call(Plug.Session.init(@session_opts))
         |> fetch_session
-        |> AuthenticationPlug.call(%{optional: true, fetcher: &fetch_nil/1 })
+        |> AuthenticationPlug.call(%{optional: true, fetcher: &fetch_nil/1})
-      assert %{ user: nil } == conn.assigns
+      assert %{user: nil} == conn.assigns
     end
   end
@@ -113,7 +115,7 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do
         |> put_req_header("authorization", header)
         |> AuthenticationPlug.call(opts)
-      assert %{ user: nil } == conn.assigns
+      assert %{user: nil} == conn.assigns
     end
   end
@@ -126,13 +128,14 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do
       header = basic_auth_enc("dude", "guy")
-      conn = conn
+      conn =
+        conn
         |> Plug.Session.call(Plug.Session.init(@session_opts))
         |> fetch_session
         |> put_req_header("authorization", header)
         |> AuthenticationPlug.call(opts)
-      assert %{ user: @user } == conn.assigns
+      assert %{user: @user} == conn.assigns
       assert get_session(conn, :user_id) == @user.id
       assert conn.halted == false
     end
@@ -147,7 +150,8 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do
       header = basic_auth_enc("dude", "guy")
-      conn = conn
+      conn =
+        conn
         |> Plug.Session.call(Plug.Session.init(@session_opts))
         |> fetch_session
         |> put_req_header("authorization", header)
@@ -167,14 +171,15 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do
       header = basic_auth_enc("dude", "THIS IS WRONG")
-      conn = conn
+      conn =
+        conn
         |> Plug.Session.call(Plug.Session.init(@session_opts))
         |> fetch_session
         |> put_session(:user_id, @user.id)
         |> put_req_header("authorization", header)
         |> AuthenticationPlug.call(opts)
-      assert %{ user: @user } == conn.assigns
+      assert %{user: @user} == conn.assigns
       assert get_session(conn, :user_id) == @user.id
       assert conn.halted == false
     end
@@ -182,8 +187,9 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do
   describe "with an assigned user" do
     test "it does nothing, returning the incoming conn", %{conn: conn} do
-      conn = conn
-      |> assign(:user, @user)
+      conn =
+        conn
+        |> assign(:user, @user)
       conn_result = AuthenticationPlug.call(conn, %{})
diff --git a/test/plugs/http_signature_plug_test.exs b/test/plugs/http_signature_plug_test.exs
new file mode 100644
index 000000000..a15c5b470
--- /dev/null
+++ b/test/plugs/http_signature_plug_test.exs
@@ -0,0 +1,44 @@
+defmodule Pleroma.Web.Plugs.HTTPSignaturePlugTest do
+  use Pleroma.Web.ConnCase
+  alias Pleroma.Web.HTTPSignatures
+  alias Pleroma.Web.Plugs.HTTPSignaturePlug
+
+  import Plug.Conn
+  import Mock
+
+  test "it call HTTPSignatures to check validity if the actor sighed it" do
+    params = %{"actor" => "http://mastodon.example.org/users/admin"}
+    conn = build_conn(:get, "/doesntmattter", params)
+
+    with_mock HTTPSignatures, validate_conn: fn _ -> true end do
+      conn =
+        conn
+        |> put_req_header(
+          "signature",
+          "keyId=\"http://mastodon.example.org/users/admin#main-key"
+        )
+        |> HTTPSignaturePlug.call(%{})
+
+      assert conn.assigns.valid_signature == true
+      assert called(HTTPSignatures.validate_conn(:_))
+    end
+  end
+
+  test "bails out early if the signature isn't by the activity actor" do
+    params = %{"actor" => "https://mst3k.interlinked.me/users/luciferMysticus"}
+    conn = build_conn(:get, "/doesntmattter", params)
+
+    with_mock HTTPSignatures, validate_conn: fn _ -> false end do
+      conn =
+        conn
+        |> put_req_header(
+          "signature",
+          "keyId=\"http://mastodon.example.org/users/admin#main-key"
+        )
+        |> HTTPSignaturePlug.call(%{})
+
+      assert conn.assigns.valid_signature == false
+      refute called(HTTPSignatures.validate_conn(:_))
+    end
+  end
+end |
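Review bot: The `signature` header fixture in both tests of the new `http_signature_plug_test.exs` opens a quote after `keyId=` and never closes it, so the tests depend on however the plug (not shown here) handles a malformed value; I would write `"keyId=\"http://mastodon.example.org/users/admin#main-key\""` in both places. The first test's name also has a typo, `sighed` for `signed`. Neither test covers the case where the key id does belong to the actor but `HTTPSignatures.validate_conn/1` returns false, which is the path that rejects a request whose signature does not verify. A third test for that case is sketched below, assuming the plug assigns the validator's result to `valid_signature` as the first test suggests.

```elixir
test "marks the signature invalid when HTTPSignatures rejects it" do
  params = %{"actor" => "http://mastodon.example.org/users/admin"}
  conn = build_conn(:get, "/doesntmattter", params)

  with_mock HTTPSignatures, validate_conn: fn _ -> false end do
    conn =
      conn
      |> put_req_header(
        "signature",
        "keyId=\"http://mastodon.example.org/users/admin#main-key\""
      )
      |> HTTPSignaturePlug.call(%{})

    assert conn.assigns.valid_signature == false
    assert called(HTTPSignatures.validate_conn(:_))
  end
end
```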
