diff options
21 files changed, 446 insertions, 11 deletions
diff --git a/config/config.exs b/config/config.exs index 01109b30f..e6c695215 100644 --- a/config/config.exs +++ b/config/config.exs @@ -27,7 +27,8 @@ config :logger, :console, metadata: [:request_id] config :mime, :types, %{ - "application/xrd+xml" => ["xrd+xml"] + "application/xrd+xml" => ["xrd+xml"], + "application/activity+json" => ["activity+json"] } config :pleroma, :websub, Pleroma.Web.Websub diff --git a/lib/pleroma/activity.ex b/lib/pleroma/activity.ex index afd09982f..a8154859a 100644 --- a/lib/pleroma/activity.ex +++ b/lib/pleroma/activity.ex @@ -7,6 +7,7 @@ defmodule Pleroma.Activity do field :data, :map field :local, :boolean, default: true field :actor, :string + field :recipients, {:array, :string} has_many :notifications, Notification, on_delete: :delete_all timestamps() diff --git a/lib/pleroma/plugs/http_signature.ex b/lib/pleroma/plugs/http_signature.ex new file mode 100644 index 000000000..17030cdbf --- /dev/null +++ b/lib/pleroma/plugs/http_signature.ex @@ -0,0 +1,19 @@ +defmodule Pleroma.Web.Plugs.HTTPSignaturePlug do + alias Pleroma.Web.HTTPSignatures + import Plug.Conn + + def init(options) do + options + end + + def call(conn, opts) do + if get_req_header(conn, "signature") do + conn = conn + |> put_req_header("(request-target)", String.downcase("#{conn.method} #{conn.request_path}")) + + assign(conn, :valid_signature, HTTPSignatures.validate_conn(conn)) + else + conn + end + end +end diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index 81cec8265..e544d3772 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -376,4 +376,14 @@ defmodule Pleroma.User do :ok end + + def get_public_key_for_ap_id(ap_id) do + with %User{} = user <- get_cached_by_ap_id(ap_id), + %{info: %{"magic_key" => magic_key}} <- user, + public_key <- Pleroma.Web.Salmon.decode_key(magic_key) do + {:ok, public_key} + else + _ -> :error + end + end end diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex index 421fd5cd7..7b85770b7 100644 --- a/lib/pleroma/web/activity_pub/activity_pub.ex +++ b/lib/pleroma/web/activity_pub/activity_pub.ex @@ -1,14 +1,19 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do alias Pleroma.{Activity, Repo, Object, Upload, User, Notification} + alias Pleroma.Web.OStatus import Ecto.Query import Pleroma.Web.ActivityPub.Utils require Logger + def get_recipients(data) do + (data["to"] || []) ++ (data["cc"] || []) + end + def insert(map, local \\ true) when is_map(map) do with nil <- Activity.get_by_ap_id(map["id"]), map <- lazy_put_activity_defaults(map), :ok <- insert_full_object(map) do - {:ok, activity} = Repo.insert(%Activity{data: map, local: local, actor: map["actor"]}) + {:ok, activity} = Repo.insert(%Activity{data: map, local: local, actor: map["actor"], recipients: get_recipients(map)}) Notification.create_notifications(activity) stream_out(activity) {:ok, activity} @@ -215,4 +220,16 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do data = Upload.store(file) Repo.insert(%Object{data: data}) end + + def prepare_incoming(%{"type" => "Create", "object" => %{"type" => "Note"} = object} = data) do + with {:ok, user} <- OStatus.find_or_make_user(data["actor"]) do + data + else + _e -> :error + end + end + + def prepare_incoming(_) do + :error + end end diff --git a/lib/pleroma/web/activity_pub/activity_pub_controller.ex b/lib/pleroma/web/activity_pub/activity_pub_controller.ex new file mode 100644 index 000000000..0d3e8f44c --- /dev/null +++ b/lib/pleroma/web/activity_pub/activity_pub_controller.ex @@ -0,0 +1,28 @@ +defmodule Pleroma.Web.ActivityPub.ActivityPubController do + use Pleroma.Web, :controller + alias Pleroma.{User, Repo, Object} + alias Pleroma.Web.ActivityPub.{ObjectView, UserView} + alias Pleroma.Web.ActivityPub.ActivityPub + + def user(conn, %{"nickname" => nickname}) do + with %User{} = user <- User.get_cached_by_nickname(nickname), + {:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do + json(conn, UserView.render("user.json", %{user: user})) + end + end + + def object(conn, %{"uuid" => uuid}) do + with ap_id <- o_status_url(conn, :object, uuid), + %Object{} = object <- Object.get_cached_by_ap_id(ap_id) do + json(conn, ObjectView.render("object.json", %{object: object})) + end + end + + # TODO: Move signature failure halt into plug + def inbox(%{assigns: %{valid_signature: true}} = conn, params) do + with {:ok, data} <- ActivityPub.prepare_incoming(params), + {:ok, activity} <- ActivityPub.insert(data, false) do + json(conn, "ok") + end + end +end diff --git a/lib/pleroma/web/activity_pub/views/object_view.ex b/lib/pleroma/web/activity_pub/views/object_view.ex new file mode 100644 index 000000000..403f8cb17 --- /dev/null +++ b/lib/pleroma/web/activity_pub/views/object_view.ex @@ -0,0 +1,26 @@ +defmodule Pleroma.Web.ActivityPub.ObjectView do + use Pleroma.Web, :view + + def render("object.json", %{object: object}) do + base = %{ + "@context" => [ + "https://www.w3.org/ns/activitystreams", + "https://w3id.org/security/v1", + %{ + "manuallyApprovesFollowers" => "as:manuallyApprovesFollowers", + "sensitive" => "as:sensitive", + "Hashtag" => "as:Hashtag", + "ostatus" => "http://ostatus.org#", + "atomUri" => "ostatus:atomUri", + "inReplyToAtomUri" => "ostatus:inReplyToAtomUri", + "conversation" => "ostatus:conversation", + "toot" => "http://joinmastodon.org/ns#", + "Emoji" => "toot:Emoji" + } + ] + } + + additional = Map.take(object.data, ["id", "to", "cc", "actor", "content", "summary", "type"]) + Map.merge(base, additional) + end +end diff --git a/lib/pleroma/web/activity_pub/views/user_view.ex b/lib/pleroma/web/activity_pub/views/user_view.ex new file mode 100644 index 000000000..b3b02c4fb --- /dev/null +++ b/lib/pleroma/web/activity_pub/views/user_view.ex @@ -0,0 +1,51 @@ +defmodule Pleroma.Web.ActivityPub.UserView do + use Pleroma.Web, :view + alias Pleroma.Web.Salmon + alias Pleroma.User + + def render("user.json", %{user: user}) do + {:ok, _, public_key} = Salmon.keys_from_pem(user.info["keys"]) + public_key = :public_key.pem_entry_encode(:RSAPublicKey, public_key) + public_key = :public_key.pem_encode([public_key]) + %{ + "@context" => [ + "https://www.w3.org/ns/activitystreams", + "https://w3id.org/security/v1", + %{ + "manuallyApprovesFollowers" => "as:manuallyApprovesFollowers", + "sensitive" => "as:sensitive", + "Hashtag" => "as:Hashtag", + "ostatus" => "http://ostatus.org#", + "atomUri" => "ostatus:atomUri", + "inReplyToAtomUri" => "ostatus:inReplyToAtomUri", + "conversation" => "ostatus:conversation", + "toot" => "http://joinmastodon.org/ns#", + "Emoji" => "toot:Emoji" + } + ], + "id" => user.ap_id, + "type" => "Person", + "following" => "#{user.ap_id}/following", + "followers" => "#{user.ap_id}/followers", + "inbox" => "#{user.ap_id}/inbox", + "outbox" => "#{user.ap_id}/outbox", + "preferredUsername" => user.nickname, + "name" => user.name, + "summary" => user.bio, + "url" => user.ap_id, + "manuallyApprovesFollowers" => false, + "publicKey" => %{ + "id" => "#{user.ap_id}#main-key", + "owner" => user.ap_id, + "publicKeyPem" => public_key + }, + "endpoints" => %{ + "sharedInbox" => "#{Pleroma.Web.Endpoint.url}/inbox" + }, + "icon" => %{ + "type" => "Image", + "url" => User.avatar_url(user) + } + } + end +end diff --git a/lib/pleroma/web/http_signatures/http_signatures.ex b/lib/pleroma/web/http_signatures/http_signatures.ex new file mode 100644 index 000000000..830ddf64d --- /dev/null +++ b/lib/pleroma/web/http_signatures/http_signatures.ex @@ -0,0 +1,48 @@ +# https://tools.ietf.org/html/draft-cavage-http-signatures-08 +defmodule Pleroma.Web.HTTPSignatures do + alias Pleroma.User + + def split_signature(sig) do + default = %{"headers" => "date"} + + sig = sig + |> String.trim() + |> String.split(",") + |> Enum.reduce(default, fn(part, acc) -> + [key | rest] = String.split(part, "=") + value = Enum.join(rest, "=") + Map.put(acc, key, String.trim(value, "\"")) + end) + + Map.put(sig, "headers", String.split(sig["headers"], ~r/\s/)) + end + + def validate(headers, signature, public_key) do + sigstring = build_signing_string(headers, signature["headers"]) + {:ok, sig} = Base.decode64(signature["signature"]) + :public_key.verify(sigstring, :sha256, sig, public_key) + end + + def validate_conn(conn) do + # TODO: How to get the right key and see if it is actually valid for that request. + # For now, fetch the key for the actor. + with actor_id <- conn.params["actor"], + {:ok, public_key} <- User.get_public_key_for_ap_id(actor_id) do + validate_conn(conn, public_key) + else + _ -> false + end + end + + def validate_conn(conn, public_key) do + headers = Enum.into(conn.req_headers, %{}) + signature = split_signature(headers["signature"]) + validate(headers, signature, public_key) + end + + def build_signing_string(headers, used_headers) do + used_headers + |> Enum.map(fn (header) -> "#{header}: #{headers[header]}" end) + |> Enum.join("\n") + end +end diff --git a/lib/pleroma/web/ostatus/ostatus_controller.ex b/lib/pleroma/web/ostatus/ostatus_controller.ex index d442d16fd..e5f99c66c 100644 --- a/lib/pleroma/web/ostatus/ostatus_controller.ex +++ b/lib/pleroma/web/ostatus/ostatus_controller.ex @@ -6,13 +6,15 @@ defmodule Pleroma.Web.OStatus.OStatusController do alias Pleroma.Repo alias Pleroma.Web.{OStatus, Federator} alias Pleroma.Web.XML + alias Pleroma.Web.ActivityPub.ActivityPubController import Ecto.Query - def feed_redirect(conn, %{"nickname" => nickname}) do + def feed_redirect(conn, %{"nickname" => nickname} = params) do user = User.get_cached_by_nickname(nickname) case get_format(conn) do "html" -> Fallback.RedirectController.redirector(conn, nil) + "activity+json" -> ActivityPubController.user(conn, params) _ -> redirect conn, external: OStatus.feed_path(user) end end @@ -64,13 +66,17 @@ defmodule Pleroma.Web.OStatus.OStatusController do |> send_resp(200, "") end - def object(conn, %{"uuid" => uuid}) do - with id <- o_status_url(conn, :object, uuid), - %Activity{} = activity <- Activity.get_create_activity_by_object_ap_id(id), - %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do - case get_format(conn) do - "html" -> redirect(conn, to: "/notice/#{activity.id}") - _ -> represent_activity(conn, activity, user) + def object(conn, %{"uuid" => uuid} = params) do + if get_format(conn) == "activity+json" do + ActivityPubController.object(conn, params) + else + with id <- o_status_url(conn, :object, uuid), + %Activity{} = activity <- Activity.get_create_activity_by_object_ap_id(id), + %User{} = user <- User.get_cached_by_ap_id(activity.data["actor"]) do + case get_format(conn) do + "html" -> redirect(conn, to: "/notice/#{activity.id}") + _ -> represent_activity(conn, activity, user) + end end end end diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 6e9f40955..6455ff108 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -219,7 +219,7 @@ defmodule Pleroma.Web.Router do end pipeline :ostatus do - plug :accepts, ["xml", "atom", "html"] + plug :accepts, ["xml", "atom", "html", "activity+json"] end scope "/", Pleroma.Web do @@ -237,6 +237,16 @@ defmodule Pleroma.Web.Router do post "/push/subscriptions/:id", Websub.WebsubController, :websub_incoming end + pipeline :activitypub do + plug :accepts, ["activity+json"] + plug Pleroma.Web.Plugs.HTTPSignaturePlug + end + + scope "/", Pleroma.Web.ActivityPub do + pipe_through :activitypub + post "/users/:nickname/inbox", ActivityPubController, :inbox + end + scope "/.well-known", Pleroma.Web do pipe_through :well_known diff --git a/lib/pleroma/web/web_finger/web_finger.ex b/lib/pleroma/web/web_finger/web_finger.ex index 95e717b17..09957e133 100644 --- a/lib/pleroma/web/web_finger/web_finger.ex +++ b/lib/pleroma/web/web_finger/web_finger.ex @@ -45,6 +45,7 @@ defmodule Pleroma.Web.WebFinger do {:Link, %{rel: "http://webfinger.net/rel/profile-page", type: "text/html", href: user.ap_id}}, {:Link, %{rel: "salmon", href: OStatus.salmon_path(user)}}, {:Link, %{rel: "magic-public-key", href: "data:application/magic-public-key,#{magic_key}"}}, + {:Link, %{rel: "self", type: "application/activity+json", href: user.ap_id}}, {:Link, %{rel: "http://ostatus.org/schema/1.0/subscribe", template: OStatus.remote_follow_path()}} ] } diff --git a/priv/repo/migrations/20171212163643_add_recipients_to_activities.exs b/priv/repo/migrations/20171212163643_add_recipients_to_activities.exs new file mode 100644 index 000000000..7bce78108 --- /dev/null +++ b/priv/repo/migrations/20171212163643_add_recipients_to_activities.exs @@ -0,0 +1,11 @@ +defmodule Pleroma.Repo.Migrations.AddRecipientsToActivities do + use Ecto.Migration + + def change do + alter table(:activities) do + add :recipients, {:array, :string} + end + + create index(:activities, [:recipients], using: :gin) + end +end diff --git a/priv/repo/migrations/20171212164525_fill_recipients_in_activities.exs b/priv/repo/migrations/20171212164525_fill_recipients_in_activities.exs new file mode 100644 index 000000000..1fcc0dabb --- /dev/null +++ b/priv/repo/migrations/20171212164525_fill_recipients_in_activities.exs @@ -0,0 +1,21 @@ +defmodule Pleroma.Repo.Migrations.FillRecipientsInActivities do + use Ecto.Migration + alias Pleroma.{Repo, Activity} + + def up do + max = Repo.aggregate(Activity, :max, :id) + if max do + IO.puts("#{max} activities") + chunks = 0..(round(max / 10_000)) + + Enum.each(chunks, fn (i) -> + min = i * 10_000 + max = min + 10_000 + execute(""" + update activities set recipients = array(select jsonb_array_elements_text(data->'to')) where id > #{min} and id <= #{max}; + """) + |> IO.inspect + end) + end + end +end diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs new file mode 100644 index 000000000..21ed28cf2 --- /dev/null +++ b/test/web/activity_pub/activity_pub_controller_test.exs @@ -0,0 +1,39 @@ +defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do + use Pleroma.Web.ConnCase + import Pleroma.Factory + alias Pleroma.Web.ActivityPub.{UserView, ObjectView} + alias Pleroma.{Repo, User} + + describe "/users/:nickname" do + test "it returns a json representation of the user", %{conn: conn} do + user = insert(:user) + + conn = conn + |> put_req_header("accept", "application/activity+json") + |> get("/users/#{user.nickname}") + + user = Repo.get(User, user.id) + + assert json_response(conn, 200) == UserView.render("user.json", %{user: user}) + end + end + + describe "/object/:uuid" do + test "it returns a json representation of the object", %{conn: conn} do + note = insert(:note) + uuid = String.split(note.data["id"], "/") |> List.last + + conn = conn + |> put_req_header("accept", "application/activity+json") + |> get("/objects/#{uuid}") + + assert json_response(conn, 200) == ObjectView.render("object.json", %{object: note}) + end + end + + describe "/users/:nickname/inbox" do + test "it inserts an incoming activity into the database" do + assert false + end + end +end diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs index f50509b63..a38ca84ad 100644 --- a/test/web/activity_pub/activity_pub_test.exs +++ b/test/web/activity_pub/activity_pub_test.exs @@ -53,6 +53,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do {:ok, activity} = ActivityPub.create(["user1", "user1", "user2"], %User{ap_id: "1"}, "", %{}) assert activity.data["to"] == ["user1", "user2"] assert activity.actor == "1" + assert activity.recipients == ["user1", "user2"] end end diff --git a/test/web/activity_pub/views/object_view_test.exs b/test/web/activity_pub/views/object_view_test.exs new file mode 100644 index 000000000..6a1311be7 --- /dev/null +++ b/test/web/activity_pub/views/object_view_test.exs @@ -0,0 +1,17 @@ +defmodule Pleroma.Web.ActivityPub.ObjectViewTest do + use Pleroma.DataCase + import Pleroma.Factory + + alias Pleroma.Web.ActivityPub.ObjectView + + test "renders a note object" do + note = insert(:note) + + result = ObjectView.render("object.json", %{object: note}) + + assert result["id"] == note.data["id"] + assert result["to"] == note.data["to"] + assert result["content"] == note.data["content"] + assert result["type"] == "Note" + end +end diff --git a/test/web/activity_pub/views/user_view_test.exs b/test/web/activity_pub/views/user_view_test.exs new file mode 100644 index 000000000..0c64e62c3 --- /dev/null +++ b/test/web/activity_pub/views/user_view_test.exs @@ -0,0 +1,18 @@ +defmodule Pleroma.Web.ActivityPub.UserViewTest do + use Pleroma.DataCase + import Pleroma.Factory + + alias Pleroma.Web.ActivityPub.UserView + + test "Renders a user, including the public key" do + user = insert(:user) + {:ok, user} = Pleroma.Web.WebFinger.ensure_keys_present(user) + + result = UserView.render("user.json", %{user: user}) + + assert result["id"] == user.ap_id + assert result["preferredUsername"] == user.nickname + + assert String.contains?(result["publicKey"]["publicKeyPem"], "BEGIN RSA PUBLIC KEY") + end +end diff --git a/test/web/http_sigs/http_sig_test.exs b/test/web/http_sigs/http_sig_test.exs new file mode 100644 index 000000000..bd9e10b65 --- /dev/null +++ b/test/web/http_sigs/http_sig_test.exs @@ -0,0 +1,89 @@ +# http signatures +# Test data from https://tools.ietf.org/html/draft-cavage-http-signatures-08#appendix-C +defmodule Pleroma.Web.HTTPSignaturesTest do + use Pleroma.DataCase + alias Pleroma.Web.HTTPSignatures + + @private_key (hd(:public_key.pem_decode(File.read!("test/web/http_sigs/priv.key"))) + |> :public_key.pem_entry_decode()) + + @public_key (hd(:public_key.pem_decode(File.read!("test/web/http_sigs/pub.key"))) + |> :public_key.pem_entry_decode()) + + @headers %{ + "(request-target)" => "post /foo?param=value&pet=dog", + "host" => "example.com", + "date" => "Thu, 05 Jan 2014 21:31:40 GMT", + "content-type" => "application/json", + "digest" => "SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=", + "content-length" => "18" + } + + @body "{\"hello\": \"world\"}" + + @default_signature """ + keyId="Test",algorithm="rsa-sha256",signature="jKyvPcxB4JbmYY4mByyBY7cZfNl4OW9HpFQlG7N4YcJPteKTu4MWCLyk+gIr0wDgqtLWf9NLpMAMimdfsH7FSWGfbMFSrsVTHNTk0rK3usrfFnti1dxsM4jl0kYJCKTGI/UWkqiaxwNiKqGcdlEDrTcUhhsFsOIo8VhddmZTZ8w=" + """ + + @basic_signature """ + keyId="Test",algorithm="rsa-sha256",headers="(request-target) host date",signature="HUxc9BS3P/kPhSmJo+0pQ4IsCo007vkv6bUm4Qehrx+B1Eo4Mq5/6KylET72ZpMUS80XvjlOPjKzxfeTQj4DiKbAzwJAb4HX3qX6obQTa00/qPDXlMepD2JtTw33yNnm/0xV7fQuvILN/ys+378Ysi082+4xBQFwvhNvSoVsGv4=" + """ + + @all_headers_signature """ + keyId="Test",algorithm="rsa-sha256",headers="(request-target) host date content-type digest content-length",signature="Ef7MlxLXoBovhil3AlyjtBwAL9g4TN3tibLj7uuNB3CROat/9KaeQ4hW2NiJ+pZ6HQEOx9vYZAyi+7cmIkmJszJCut5kQLAwuX+Ms/mUFvpKlSo9StS2bMXDBNjOh4Auj774GFj4gwjS+3NhFeoqyr/MuN6HsEnkvn6zdgfE2i0=" + """ + + test "split up a signature" do + expected = %{ + "keyId" => "Test", + "algorithm" => "rsa-sha256", + "signature" => "jKyvPcxB4JbmYY4mByyBY7cZfNl4OW9HpFQlG7N4YcJPteKTu4MWCLyk+gIr0wDgqtLWf9NLpMAMimdfsH7FSWGfbMFSrsVTHNTk0rK3usrfFnti1dxsM4jl0kYJCKTGI/UWkqiaxwNiKqGcdlEDrTcUhhsFsOIo8VhddmZTZ8w=", + "headers" => ["date"] + } + + assert HTTPSignatures.split_signature(@default_signature) == expected + end + + test "validates the default case" do + signature = HTTPSignatures.split_signature(@default_signature) + assert HTTPSignatures.validate(@headers, signature, @public_key) + end + + test "validates the basic case" do + signature = HTTPSignatures.split_signature(@basic_signature) + assert HTTPSignatures.validate(@headers, signature, @public_key) + end + + test "validates the all-headers case" do + signature = HTTPSignatures.split_signature(@all_headers_signature) + assert HTTPSignatures.validate(@headers, signature, @public_key) + end + + test "it contructs a signing string" do + expected = "date: Thu, 05 Jan 2014 21:31:40 GMT\ncontent-length: 18" + assert expected == HTTPSignatures.build_signing_string(@headers, ["date", "content-length"]) + end + + test "it validates a conn" do + public_key_pem = "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGb42rPZIapY4Hfhxrgn\nxKVJczBkfDviCrrYaYjfGxawSw93dWTUlenCVTymJo8meBlFgIQ70ar4rUbzl6GX\nMYvRdku072d1WpglNHXkjKPkXQgngFDrh2sGKtNB/cEtJcAPRO8OiCgPFqRtMiNM\nc8VdPfPdZuHEIZsJ/aUM38EnqHi9YnVDQik2xxDe3wPghOhqjxUM6eLC9jrjI+7i\naIaEygUdyst9qVg8e2FGQlwAeS2Eh8ygCxn+bBlT5OyV59jSzbYfbhtF2qnWHtZy\nkL7KOOwhIfGs7O9SoR2ZVpTEQ4HthNzainIe/6iCR5HGrao/T8dygweXFYRv+k5A\nPQIDAQAB\n-----END PUBLIC KEY-----\n" + [public_key] = :public_key.pem_decode(public_key_pem) + + public_key = public_key + |> :public_key.pem_entry_decode() + + conn = %{ + req_headers: [ + {"host", "localtesting.pleroma.lol"}, + {"connection", "close"}, + {"content-length", "2316"}, + {"user-agent", "http.rb/2.2.2 (Mastodon/2.1.0.rc3; +http://mastodon.example.org/)"}, + {"date", "Sun, 10 Dec 2017 14:23:49 GMT"}, + {"digest", "SHA-256=x/bHADMW8qRrq2NdPb5P9fl0lYpKXXpe5h5maCIL0nM="}, + {"content-type", "application/activity+json"}, + {"(request-target)", "post /users/demiurge/inbox"}, + {"signature", "keyId=\"http://mastodon.example.org/users/admin#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) user-agent host date digest content-type\",signature=\"i0FQvr51sj9BoWAKydySUAO1RDxZmNY6g7M62IA7VesbRSdFZZj9/fZapLp6YSuvxUF0h80ZcBEq9GzUDY3Chi9lx6yjpUAS2eKb+Am/hY3aswhnAfYd6FmIdEHzsMrpdKIRqO+rpQ2tR05LwiGEHJPGS0p528NvyVxrxMT5H5yZS5RnxY5X2HmTKEgKYYcvujdv7JWvsfH88xeRS7Jlq5aDZkmXvqoR4wFyfgnwJMPLel8P/BUbn8BcXglH/cunR0LUP7sflTxEz+Rv5qg+9yB8zgBsB4C0233WpcJxjeD6Dkq0EcoJObBR56F8dcb7NQtUDu7x6xxzcgSd7dHm5w==\""}] + } + + assert HTTPSignatures.validate_conn(conn, public_key) + end +end diff --git a/test/web/http_sigs/priv.key b/test/web/http_sigs/priv.key new file mode 100644 index 000000000..425518a06 --- /dev/null +++ b/test/web/http_sigs/priv.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF +NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F +UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB +AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA +QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK +kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg +f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u +412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc +mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7 +kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA +gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW +G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI +7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA== +-----END RSA PRIVATE KEY----- diff --git a/test/web/http_sigs/pub.key b/test/web/http_sigs/pub.key new file mode 100644 index 000000000..b3bbf6cb9 --- /dev/null +++ b/test/web/http_sigs/pub.key @@ -0,0 +1,6 @@ +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3 +6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6 +Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw +oYi+1hqp1fIekaxsyQIDAQAB +-----END PUBLIC KEY----- |