kopia lustrzana https://github.com/snarfed/bridgy-fed
223 wiersze
8.3 KiB
Python
223 wiersze
8.3 KiB
Python
# coding=utf-8
|
|
"""Unit tests for webfinger.py.
|
|
|
|
to test:
|
|
* user URL that redirects
|
|
* error handling
|
|
"""
|
|
import html
|
|
from unittest import mock
|
|
import urllib.parse
|
|
|
|
from oauth_dropins.webutil import util
|
|
from oauth_dropins.webutil.testutil import requests_response
|
|
from oauth_dropins.webutil.util import json_loads
|
|
import requests
|
|
|
|
import common
|
|
import models
|
|
from . import testutil
|
|
|
|
|
|
class WebfingerTest(testutil.TestCase):
|
|
|
|
def setUp(self):
|
|
super().setUp()
|
|
|
|
self.html = """
|
|
<body class="h-card">
|
|
<a class="u-url" rel="me" href="/about-me">
|
|
<img class="u-photo" src="/me.jpg" />
|
|
Mrs. ☕ Foo
|
|
</a>
|
|
</body>
|
|
"""
|
|
self.key = models.User.get_or_create('foo.com')
|
|
self.expected_webfinger = {
|
|
'subject': 'acct:foo.com@foo.com',
|
|
'aliases': [
|
|
'https://foo.com/about-me',
|
|
'https://foo.com/',
|
|
],
|
|
'links': [{
|
|
'rel': 'http://webfinger.net/rel/profile-page',
|
|
'type': 'text/html',
|
|
'href': 'https://foo.com/about-me'
|
|
}, {
|
|
'rel': 'http://webfinger.net/rel/profile-page',
|
|
'type': 'text/html',
|
|
'href': 'https://foo.com/'
|
|
}, {
|
|
'rel': 'http://webfinger.net/rel/avatar',
|
|
'href': 'https://foo.com/me.jpg'
|
|
}, {
|
|
'rel': 'canonical_uri',
|
|
'type': 'text/html',
|
|
'href': 'https://foo.com/about-me'
|
|
}, {
|
|
'rel': 'self',
|
|
'type': 'application/activity+json',
|
|
'href': 'http://localhost/foo.com'
|
|
}, {
|
|
'rel': 'inbox',
|
|
'type': 'application/activity+json',
|
|
'href': 'http://localhost/foo.com/inbox'
|
|
}, {
|
|
'rel': 'sharedInbox',
|
|
'type': 'application/activity+json',
|
|
'href': 'http://localhost/inbox'
|
|
}, {
|
|
'rel': 'http://ostatus.org/schema/1.0/subscribe',
|
|
'template': 'http://localhost/user/foo.com?url={uri}',
|
|
}],
|
|
}
|
|
|
|
def test_host_meta_xrd(self):
|
|
got = self.client.get('/.well-known/host-meta')
|
|
self.assertEqual(200, got.status_code)
|
|
self.assertEqual('application/xrd+xml; charset=utf-8',
|
|
got.headers['Content-Type'])
|
|
body = got.get_data(as_text=True)
|
|
self.assertTrue(body.startswith('<?xml'), body)
|
|
|
|
def test_host_meta_xrds(self):
|
|
got = self.client.get('/.well-known/host-meta.xrds')
|
|
self.assertEqual(200, got.status_code)
|
|
self.assertEqual('application/xrds+xml', got.headers['Content-Type'])
|
|
body = got.get_data(as_text=True)
|
|
self.assertTrue(body.startswith('<XRDS'), body)
|
|
|
|
def test_host_meta_jrd(self):
|
|
got = self.client.get('/.well-known/host-meta.json')
|
|
self.assertEqual(200, got.status_code)
|
|
self.assertEqual('application/jrd+json', got.headers['Content-Type'])
|
|
body = got.get_data(as_text=True)
|
|
self.assertTrue(body.startswith('{'), body)
|
|
|
|
@mock.patch('requests.get')
|
|
def test_user(self, mock_get):
|
|
mock_get.return_value = requests_response(self.html, url='https://foo.com/')
|
|
|
|
got = self.client.get('/acct:foo.com', headers={'Accept': 'application/json'})
|
|
self.assertEqual(200, got.status_code)
|
|
self.assertEqual('application/jrd+json', got.headers['Content-Type'])
|
|
self.assert_req(mock_get, 'https://foo.com/')
|
|
|
|
self.assertEqual(self.expected_webfinger, got.json)
|
|
|
|
@mock.patch('requests.get')
|
|
def test_user_no_hcard(self, mock_get):
|
|
mock_get.return_value = requests_response("""
|
|
<body>
|
|
<div class="h-entry">
|
|
<p class="e-content">foo bar</p>
|
|
</div>
|
|
</body>
|
|
""", url='https://foo.com/')
|
|
got = self.client.get('/acct:foo.com')
|
|
self.assert_req(mock_get, 'https://foo.com/')
|
|
self.assertEqual(200, got.status_code)
|
|
self.assert_equals({
|
|
'subject': 'acct:foo.com@foo.com',
|
|
'aliases': ['https://foo.com/'],
|
|
'links': [{
|
|
'rel': 'http://webfinger.net/rel/profile-page',
|
|
'type': 'text/html',
|
|
'href': 'https://foo.com/'
|
|
}, {
|
|
'rel': 'canonical_uri',
|
|
'type': 'text/html',
|
|
'href': 'https://foo.com/'
|
|
}, {
|
|
'rel': 'self',
|
|
'type': 'application/activity+json',
|
|
'href': 'http://localhost/foo.com'
|
|
}, {
|
|
'rel': 'inbox',
|
|
'type': 'application/activity+json',
|
|
'href': 'http://localhost/foo.com/inbox'
|
|
}, {
|
|
'rel': 'sharedInbox',
|
|
'type': 'application/activity+json',
|
|
'href': 'http://localhost/inbox'
|
|
}, {
|
|
'rel': 'http://ostatus.org/schema/1.0/subscribe',
|
|
'template': 'http://localhost/user/foo.com?url={uri}',
|
|
}]
|
|
}, got.json)
|
|
|
|
def test_user_bad_tld(self):
|
|
got = self.client.get('/acct:foo.json')
|
|
self.assertEqual(404, got.status_code)
|
|
self.assertIn("doesn't look like a domain",
|
|
html.unescape(got.get_data(as_text=True)))
|
|
|
|
def test_user_not_found(self):
|
|
got = self.client.get('/acct:nope.com', headers={'Accept': 'application/json'})
|
|
self.assertEqual(404, got.status_code)
|
|
|
|
@mock.patch('requests.get')
|
|
def test_webfinger(self, mock_get):
|
|
mock_get.return_value = requests_response(self.html, url='https://foo.com/')
|
|
|
|
for resource in ('foo.com@foo.com', 'acct:foo.com@foo.com', 'xyz@foo.com',
|
|
'foo.com', 'http://foo.com/', 'https://foo.com/',
|
|
'http://localhost/foo.com'):
|
|
with self.subTest(resource=resource):
|
|
url = (f'/.well-known/webfinger?' +
|
|
urllib.parse.urlencode({'resource': resource}))
|
|
got = self.client.get(url, headers={'Accept': 'application/json'})
|
|
self.assertEqual(200, got.status_code, got.get_data(as_text=True))
|
|
self.assertEqual('application/jrd+json', got.headers['Content-Type'])
|
|
self.assertEqual(self.expected_webfinger, got.json)
|
|
|
|
@mock.patch('requests.get')
|
|
def test_webfinger_custom_username(self, mock_get):
|
|
self.html = """
|
|
<body class="h-card">
|
|
<a class="u-url" rel="me" href="/about-me">
|
|
<img class="u-photo" src="/me.jpg" />
|
|
Mrs. ☕ Foo
|
|
</a>
|
|
<a class="u-url" href="acct:notthisuser@boop.org"></a>
|
|
<a class="u-url" href="acct:customuser@foo.com"></a>
|
|
</body>
|
|
"""
|
|
self.expected_webfinger.update({
|
|
'subject': 'acct:customuser@foo.com',
|
|
'aliases': [
|
|
'https://foo.com/about-me',
|
|
'acct:notthisuser@boop.org',
|
|
'acct:customuser@foo.com',
|
|
'https://foo.com/',
|
|
],
|
|
})
|
|
mock_get.return_value = requests_response(self.html, url='https://foo.com/')
|
|
|
|
for resource in (
|
|
'customuser@foo.com',
|
|
'acct:customuser@foo.com',
|
|
'foo.com',
|
|
'http://foo.com/',
|
|
'https://foo.com/',
|
|
# Mastodon requires this as of 3.3.0
|
|
# https://github.com/snarfed/bridgy-fed/issues/73
|
|
'acct:foo.com@fed.brid.gy',
|
|
'acct:foo.com@bridgy-federated.appspot.com',
|
|
'acct:foo.com@localhost',
|
|
):
|
|
with self.subTest(resource=resource):
|
|
url = (f'/.well-known/webfinger?' +
|
|
urllib.parse.urlencode({'resource': resource}))
|
|
got = self.client.get(url, headers={'Accept': 'application/json'})
|
|
self.assertEqual(200, got.status_code, got.get_data(as_text=True))
|
|
self.assertEqual('application/jrd+json', got.headers['Content-Type'])
|
|
self.assertEqual(self.expected_webfinger, got.json)
|
|
|
|
def test_webfinger_fed_brid_gy(self):
|
|
got = self.client.get('/.well-known/webfinger?resource=http://localhost/')
|
|
self.assertEqual(400, got.status_code, got.get_data(as_text=True))
|
|
|
|
got = self.client.get('/.well-known/webfinger?resource=acct%3A%40localhost')
|
|
self.assertEqual(400, got.status_code, got.get_data(as_text=True))
|