From d54c483964692e1ca6b813d6b35a0635d3c0abf9 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Wed, 13 Feb 2019 19:48:24 +0000 Subject: tests: add tests for endpoints --- test/web/activity_pub/views/user_view_test.exs | 28 ++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) (limited to 'test') diff --git a/test/web/activity_pub/views/user_view_test.exs b/test/web/activity_pub/views/user_view_test.exs index 7fc870e96..95d736c50 100644 --- a/test/web/activity_pub/views/user_view_test.exs +++ b/test/web/activity_pub/views/user_view_test.exs @@ -15,4 +15,32 @@ defmodule Pleroma.Web.ActivityPub.UserViewTest do assert String.contains?(result["publicKey"]["publicKeyPem"], "BEGIN PUBLIC KEY") end + + describe "endpoints" do + test "local users have a usable endpoints structure" do + user = insert(:user) + {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user) + + result = UserView.render("user.json", %{user: user}) + + assert result["id"] == user.ap_id + + %{ + "sharedInbox" => _, + "oauthAuthorizationEndpoint" => _, + "oauthRegistrationEndpoint" => _, + "oauthTokenEndpoint" => _ + } = result["endpoints"] + end + + test "remote users have an empty endpoints structure" do + user = insert(:user, local: false) + {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user) + + result = UserView.render("user.json", %{user: user}) + + assert result["id"] == user.ap_id + assert result["endpoints"] == %{} + end + end end -- cgit v1.2.3 From 64620d8980e3e93791d3f880296be2060ffc4d39 Mon Sep 17 00:00:00 2001 From: William Pitcock Date: Thu, 14 Feb 2019 02:41:21 +0000 Subject: activitypub: user view: do not expose oAuth endpoints for instance users --- test/web/activity_pub/views/user_view_test.exs | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'test') diff --git a/test/web/activity_pub/views/user_view_test.exs b/test/web/activity_pub/views/user_view_test.exs index 95d736c50..0bc1d4728 100644 --- a/test/web/activity_pub/views/user_view_test.exs +++ b/test/web/activity_pub/views/user_view_test.exs @@ -42,5 +42,16 @@ defmodule Pleroma.Web.ActivityPub.UserViewTest do assert result["id"] == user.ap_id assert result["endpoints"] == %{} end + + test "instance users do not expose oAuth endpoints" do + user = insert(:user, nickname: nil, local: true) + {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user) + + result = UserView.render("user.json", %{user: user}) + + refute result["endpoints"]["oauthAuthorizationEndpoint"] + refute result["endpoints"]["oauthRegistrationEndpoint"] + refute result["endpoints"]["oauthTokenEndpoint"] + end end end -- cgit v1.2.3