2018-10-14 14:42:28 +00:00
|
|
|
"""Unit tests for redirect.py.
|
|
|
|
"""
|
2019-01-04 15:17:45 +00:00
|
|
|
import copy
|
2023-05-22 22:27:43 +00:00
|
|
|
from unittest.mock import patch
|
2019-01-04 15:17:45 +00:00
|
|
|
|
2022-08-24 00:37:50 +00:00
|
|
|
from granary import as2
|
2023-05-22 22:27:43 +00:00
|
|
|
from oauth_dropins.webutil.testutil import requests_response
|
2019-01-04 15:17:45 +00:00
|
|
|
|
2023-05-30 23:36:18 +00:00
|
|
|
# import first so that Fake is defined before URL routes are registered
|
|
|
|
from . import testutil
|
|
|
|
|
|
|
|
from flask_app import app, cache
|
2023-06-20 18:22:54 +00:00
|
|
|
from models import Object
|
2024-01-26 19:37:34 +00:00
|
|
|
import protocol
|
2023-06-05 03:58:21 +00:00
|
|
|
from web import Web
|
|
|
|
|
|
|
|
from .test_activitypub import ACTOR_BASE_FULL
|
2023-05-27 00:40:29 +00:00
|
|
|
from .test_web import (
|
2023-05-23 06:09:36 +00:00
|
|
|
ACTOR_AS2,
|
|
|
|
ACTOR_HTML,
|
|
|
|
REPOST_AS2,
|
|
|
|
REPOST_HTML,
|
2023-11-03 22:11:21 +00:00
|
|
|
TOOT_AS2,
|
2024-04-15 01:26:34 +00:00
|
|
|
TOOT_AS2_DATA,
|
2023-05-23 06:09:36 +00:00
|
|
|
)
|
2018-10-14 14:42:28 +00:00
|
|
|
|
2023-05-24 22:18:16 +00:00
|
|
|
REPOST_AS2 = {
|
|
|
|
**REPOST_AS2,
|
2023-10-11 23:17:43 +00:00
|
|
|
'actor': 'http://localhost/user.com',
|
2023-05-24 22:18:16 +00:00
|
|
|
}
|
2023-05-22 22:27:43 +00:00
|
|
|
del REPOST_AS2['cc']
|
2018-10-14 14:42:28 +00:00
|
|
|
|
2023-05-23 06:09:36 +00:00
|
|
|
|
2019-01-04 15:17:45 +00:00
|
|
|
class RedirectTest(testutil.TestCase):
|
2018-10-14 14:42:28 +00:00
|
|
|
|
2019-11-13 05:28:44 +00:00
|
|
|
def setUp(self):
|
2021-08-18 14:59:52 +00:00
|
|
|
super().setUp()
|
2023-11-15 22:23:08 +00:00
|
|
|
self.user = self.make_user('user.com', cls=Web)
|
2023-05-22 22:27:43 +00:00
|
|
|
|
2018-10-14 14:42:28 +00:00
|
|
|
def test_redirect(self):
|
2023-03-17 23:42:45 +00:00
|
|
|
got = self.client.get('/r/https://user.com/bar?baz=baj&biff')
|
2021-07-08 04:02:13 +00:00
|
|
|
self.assertEqual(301, got.status_code)
|
2023-03-17 23:42:45 +00:00
|
|
|
self.assertEqual('https://user.com/bar?baz=baj&biff=', got.headers['Location'])
|
2023-12-31 17:20:56 +00:00
|
|
|
self.assertEqual('Accept', got.headers['Vary'])
|
2018-10-14 14:42:28 +00:00
|
|
|
|
|
|
|
def test_redirect_scheme_missing(self):
|
2023-03-17 23:42:45 +00:00
|
|
|
got = self.client.get('/r/user.com')
|
2021-07-08 04:02:13 +00:00
|
|
|
self.assertEqual(400, got.status_code)
|
2018-10-14 14:42:28 +00:00
|
|
|
|
|
|
|
def test_redirect_url_missing(self):
|
2021-08-18 14:59:52 +00:00
|
|
|
got = self.client.get('/r/')
|
2021-07-08 04:02:13 +00:00
|
|
|
self.assertEqual(404, got.status_code)
|
2019-01-04 15:17:45 +00:00
|
|
|
|
2023-05-22 22:27:43 +00:00
|
|
|
def test_redirect_html_no_user(self):
|
2021-08-18 14:59:52 +00:00
|
|
|
got = self.client.get('/r/http://bar.com/baz')
|
2021-07-08 04:02:13 +00:00
|
|
|
self.assertEqual(404, got.status_code)
|
2023-12-31 17:20:56 +00:00
|
|
|
self.assertEqual('Accept', got.headers['Vary'])
|
2021-03-07 15:36:34 +00:00
|
|
|
|
2023-09-23 20:50:19 +00:00
|
|
|
def test_redirect_html_domain_allowlist(self):
|
|
|
|
got = self.client.get('/r/http://bsky.app/baz')
|
|
|
|
self.assertEqual(301, got.status_code)
|
|
|
|
self.assertEqual('http://bsky.app/baz', got.headers['Location'])
|
2023-12-31 17:20:56 +00:00
|
|
|
self.assertEqual('Accept', got.headers['Vary'])
|
2023-09-23 20:50:19 +00:00
|
|
|
|
2021-06-29 05:52:04 +00:00
|
|
|
def test_redirect_single_slash(self):
|
2023-03-17 23:42:45 +00:00
|
|
|
got = self.client.get('/r/https:/user.com/bar')
|
2021-07-08 04:02:13 +00:00
|
|
|
self.assertEqual(301, got.status_code)
|
2023-03-17 23:42:45 +00:00
|
|
|
self.assertEqual('https://user.com/bar', got.headers['Location'])
|
2023-12-31 17:20:56 +00:00
|
|
|
self.assertEqual('Accept', got.headers['Vary'])
|
2021-06-29 05:52:04 +00:00
|
|
|
|
2021-09-02 02:48:37 +00:00
|
|
|
def test_redirect_trailing_garbage_chars(self):
|
|
|
|
got = self.client.get(r'/r/https://v2.jacky.wtf\"')
|
|
|
|
self.assertEqual(404, got.status_code)
|
2023-10-18 18:02:50 +00:00
|
|
|
|
|
|
|
def test_redirect_url_parse_value_error(self):
|
|
|
|
got = self.client.get(r'/r/https:/[DOMAIN]/')
|
|
|
|
self.assertEqual(400, got.status_code)
|
2021-09-02 02:48:37 +00:00
|
|
|
|
2019-01-04 15:17:45 +00:00
|
|
|
def test_as2(self):
|
2023-01-07 05:01:33 +00:00
|
|
|
self._test_as2(as2.CONTENT_TYPE)
|
2019-01-04 15:17:45 +00:00
|
|
|
|
|
|
|
def test_as2_ld(self):
|
2024-02-27 19:38:00 +00:00
|
|
|
self._test_as2(as2.CONTENT_TYPE_LD_PROFILE)
|
2019-01-04 15:17:45 +00:00
|
|
|
|
2023-05-30 02:37:35 +00:00
|
|
|
def test_as2_creates_user(self):
|
2024-04-15 01:26:34 +00:00
|
|
|
Object(id='https://user.com/repost', source_protocol='web',
|
|
|
|
as2=REPOST_AS2).put()
|
2023-05-23 06:09:36 +00:00
|
|
|
|
2023-05-22 22:27:43 +00:00
|
|
|
self.user.key.delete()
|
2023-05-23 06:09:36 +00:00
|
|
|
|
2023-05-23 16:31:09 +00:00
|
|
|
resp = self.client.get('/r/https://user.com/repost',
|
2024-02-27 19:38:00 +00:00
|
|
|
headers={'Accept': as2.CONTENT_TYPE_LD_PROFILE})
|
2023-05-23 06:09:36 +00:00
|
|
|
self.assertEqual(200, resp.status_code, resp.get_data(as_text=True))
|
2023-06-05 03:58:21 +00:00
|
|
|
self.assert_equals(REPOST_AS2, resp.json)
|
2023-12-31 17:20:56 +00:00
|
|
|
self.assertEqual('Accept', resp.headers['Vary'])
|
2023-06-05 03:58:21 +00:00
|
|
|
|
|
|
|
self.assert_user(Web, 'user.com', direct=False)
|
2023-05-22 22:27:43 +00:00
|
|
|
|
Revert "cache outbound HTTP request responses, locally to each inbound request"
This reverts commit 30debfc8faf730190bd51a3aef49df6c6bfbd50a.
seemed promising, but broke in production. Saw a lot of `IncompleteRead`s on both GETs and POSTs. Rolled back for now.
```
('Connection broken: IncompleteRead(9172 bytes read, -4586 more expected)', IncompleteRead(9172 bytes read, -4586 more expected))
...
File "oauth_dropins/webutil/util.py", line 1673, in call
resp = getattr((session or requests), fn)(url, *args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "requests_cache/session.py", line 102, in get
return self.request('GET', url, params=params, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "requests_cache/session.py", line 158, in request
return super().request(method, url, *args, headers=headers, **kwargs) # type: ignore
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "requests/sessions.py", line 589, in request
resp = self.send(prep, **send_kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "requests_cache/session.py", line 205, in send
response = self._send_and_cache(request, actions, cached_response, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "requests_cache/session.py", line 233, in _send_and_cache
self.cache.save_response(response, actions.cache_key, actions.expires)
File "requests_cache/backends/base.py", line 89, in save_response
cached_response = CachedResponse.from_response(response, expires=expires)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "requests_cache/models/response.py", line 102, in from_response
obj.raw = CachedHTTPResponse.from_response(response)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "requests_cache/models/raw_response.py", line 69, in from_response
_ = response.content # This property reads, decodes, and stores response content
^^^^^^^^^^^^^^^^
File "requests/models.py", line 899, in content
self._content = b"".join(self.iter_content(CONTENT_CHUNK_SIZE)) or b""
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "requests/models.py", line 818, in generate
raise ChunkedEncodingError(e)
```
2024-03-08 21:24:28 +00:00
|
|
|
@patch('requests.get')
|
2023-05-22 22:27:43 +00:00
|
|
|
def test_as2_fetch_post(self, mock_get):
|
2024-04-15 01:26:34 +00:00
|
|
|
mock_get.return_value = TOOT_AS2 # from Protocol.for_id
|
2023-05-23 06:09:36 +00:00
|
|
|
|
2023-05-23 16:31:09 +00:00
|
|
|
resp = self.client.get('/r/https://user.com/repost',
|
2024-02-27 19:38:00 +00:00
|
|
|
headers={'Accept': as2.CONTENT_TYPE_LD_PROFILE})
|
2023-05-23 16:31:09 +00:00
|
|
|
self.assertEqual(200, resp.status_code, resp.get_data(as_text=True))
|
2024-04-15 01:26:34 +00:00
|
|
|
self.assert_equals(TOOT_AS2_DATA, resp.json)
|
2023-12-31 17:20:56 +00:00
|
|
|
self.assertEqual('Accept', resp.headers['Vary'])
|
2023-05-23 16:31:09 +00:00
|
|
|
|
2024-04-15 01:26:34 +00:00
|
|
|
@patch('requests.get', side_effect=[
|
|
|
|
requests_response(ACTOR_HTML), # AS2 fetch
|
|
|
|
requests_response(ACTOR_HTML), # web fetch
|
|
|
|
])
|
2023-05-23 06:09:36 +00:00
|
|
|
def test_as2_no_user_fetch_homepage(self, mock_get):
|
|
|
|
self.user.key.delete()
|
2024-01-26 19:37:34 +00:00
|
|
|
self.user.obj_key.delete()
|
|
|
|
protocol.objects_cache.clear()
|
2023-05-23 06:09:36 +00:00
|
|
|
|
|
|
|
resp = self.client.get('/r/https://user.com/',
|
2024-02-27 19:38:00 +00:00
|
|
|
headers={'Accept': as2.CONTENT_TYPE_LD_PROFILE})
|
2023-05-23 06:09:36 +00:00
|
|
|
self.assertEqual(200, resp.status_code, resp.get_data(as_text=True))
|
2023-12-31 17:20:56 +00:00
|
|
|
self.assertEqual('Accept', resp.headers['Vary'])
|
2023-06-05 03:58:21 +00:00
|
|
|
|
|
|
|
expected = copy.deepcopy(ACTOR_BASE_FULL)
|
|
|
|
del expected['endpoints']
|
|
|
|
del expected['followers']
|
|
|
|
del expected['following']
|
2024-05-14 22:58:53 +00:00
|
|
|
self.assert_equals(expected, resp.json, ignore=['publicKeyPem', 'summary'])
|
2023-06-05 03:58:21 +00:00
|
|
|
|
2023-06-16 04:22:20 +00:00
|
|
|
self.assert_user(Web, 'user.com', direct=False, obj_as2={
|
2023-06-05 03:58:21 +00:00
|
|
|
'@context': 'https://www.w3.org/ns/activitystreams',
|
|
|
|
'type': 'Person',
|
2023-07-10 19:23:00 +00:00
|
|
|
'id': 'https://user.com/',
|
2023-06-05 03:58:21 +00:00
|
|
|
'url': 'https://user.com/',
|
|
|
|
'name': 'Ms. ☕ Baz',
|
2023-05-23 06:09:36 +00:00
|
|
|
'attachment': [{
|
|
|
|
'type': 'PropertyValue',
|
2023-06-05 03:58:21 +00:00
|
|
|
'name': 'Ms. ☕ Baz',
|
2023-10-24 23:02:16 +00:00
|
|
|
'value': '<a rel="me" href="https://user.com"><span class="invisible">https://</span>user.com</a>',
|
2023-05-23 06:09:36 +00:00
|
|
|
}],
|
2023-06-05 03:58:21 +00:00
|
|
|
})
|
2023-05-22 22:27:43 +00:00
|
|
|
|
2022-12-26 17:52:08 +00:00
|
|
|
def test_accept_header_cache_key(self):
|
|
|
|
app.config['CACHE_TYPE'] = 'SimpleCache'
|
|
|
|
cache.init_app(app)
|
|
|
|
self.client = app.test_client()
|
|
|
|
|
2024-02-27 19:38:00 +00:00
|
|
|
self._test_as2(as2.CONTENT_TYPE_LD_PROFILE)
|
2022-12-26 17:52:08 +00:00
|
|
|
|
2023-03-17 23:42:45 +00:00
|
|
|
resp = self.client.get('/r/https://user.com/bar')
|
2023-02-12 02:35:34 +00:00
|
|
|
self.assertEqual(301, resp.status_code)
|
2023-03-17 23:42:45 +00:00
|
|
|
self.assertEqual('https://user.com/bar', resp.headers['Location'])
|
2022-12-26 17:52:08 +00:00
|
|
|
|
2023-02-12 02:35:34 +00:00
|
|
|
# delete stored Object to make sure we're serving from cache
|
|
|
|
self.obj.delete()
|
2019-01-04 15:17:45 +00:00
|
|
|
|
2024-02-27 19:38:00 +00:00
|
|
|
self._test_as2(as2.CONTENT_TYPE_LD_PROFILE)
|
2019-01-04 15:17:45 +00:00
|
|
|
|
2023-03-17 23:42:45 +00:00
|
|
|
resp = self.client.get('/r/https://user.com/bar',
|
2023-06-20 18:22:54 +00:00
|
|
|
headers={'Accept': 'text/html'})
|
2023-02-12 02:35:34 +00:00
|
|
|
self.assertEqual(301, resp.status_code)
|
2023-03-17 23:42:45 +00:00
|
|
|
self.assertEqual('https://user.com/bar', resp.headers['Location'])
|
2019-01-04 15:17:45 +00:00
|
|
|
|
2023-05-23 06:09:36 +00:00
|
|
|
def _test_as2(self, content_type):
|
2024-04-15 01:26:34 +00:00
|
|
|
self.obj = Object(id='https://user.com/', source_protocol='web',
|
|
|
|
as2=REPOST_AS2).put()
|
2019-01-04 15:17:45 +00:00
|
|
|
|
2023-05-23 06:09:36 +00:00
|
|
|
resp = self.client.get('/r/https://user.com/', headers={'Accept': content_type})
|
2023-03-17 23:42:45 +00:00
|
|
|
self.assertEqual(200, resp.status_code, resp.get_data(as_text=True))
|
2023-02-12 02:35:34 +00:00
|
|
|
self.assertEqual(content_type, resp.content_type)
|
2023-05-23 06:09:36 +00:00
|
|
|
self.assert_equals(REPOST_AS2, resp.json)
|
2023-12-31 17:20:56 +00:00
|
|
|
self.assertEqual('Accept', resp.headers['Vary'])
|
2023-02-12 05:46:47 +00:00
|
|
|
|
|
|
|
def test_as2_deleted(self):
|
2024-04-15 01:26:34 +00:00
|
|
|
Object(id='https://user.com/bar', as2={}, source_protocol='web',
|
|
|
|
deleted=True).put()
|
2023-02-12 05:46:47 +00:00
|
|
|
|
2023-03-17 23:42:45 +00:00
|
|
|
resp = self.client.get('/r/https://user.com/bar',
|
2024-02-27 19:38:00 +00:00
|
|
|
headers={'Accept': as2.CONTENT_TYPE_LD_PROFILE})
|
2023-03-17 23:42:45 +00:00
|
|
|
self.assertEqual(404, resp.status_code, resp.get_data(as_text=True))
|
2024-01-28 16:54:35 +00:00
|
|
|
|
|
|
|
def test_as2_opted_out(self):
|
|
|
|
self.user.manual_opt_out = True
|
|
|
|
self.user.put()
|
|
|
|
|
|
|
|
resp = self.client.get('/r/https://user.com/',
|
2024-02-27 19:38:00 +00:00
|
|
|
headers={'Accept': as2.CONTENT_TYPE_LD_PROFILE})
|
2024-01-28 16:54:35 +00:00
|
|
|
self.assertEqual(404, resp.status_code, resp.get_data(as_text=True))
|
2024-04-15 01:26:34 +00:00
|
|
|
|
|
|
|
def test_as2_atproto_normalize_id(self):
|
|
|
|
self.obj = Object(id='at://did:plc:foo/app.bsky.feed.post/123',
|
|
|
|
source_protocol='atproto', as2=REPOST_AS2).put()
|
|
|
|
|
|
|
|
resp = self.client.get('/r/https://bsky.app/profile/did:plc:foo/post/123',
|
|
|
|
headers={'Accept': as2.CONTENT_TYPE_LD_PROFILE})
|
|
|
|
self.assertEqual(200, resp.status_code, resp.get_data(as_text=True))
|
|
|
|
self.assertEqual(as2.CONTENT_TYPE_LD_PROFILE, resp.content_type)
|
|
|
|
self.assert_equals(REPOST_AS2, resp.json)
|