diff options
Diffstat (limited to 'tests/integration/api_activitypub_repository_test.go')
-rw-r--r-- | tests/integration/api_activitypub_repository_test.go | 249 |
1 files changed, 249 insertions, 0 deletions
diff --git a/tests/integration/api_activitypub_repository_test.go b/tests/integration/api_activitypub_repository_test.go new file mode 100644 index 0000000..737f580 --- /dev/null +++ b/tests/integration/api_activitypub_repository_test.go @@ -0,0 +1,249 @@ +// Copyright 2024 The Forgejo Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package integration + +import ( + "fmt" + "net/http" + "net/http/httptest" + "net/url" + "testing" + "time" + + "code.gitea.io/gitea/models/db" + "code.gitea.io/gitea/models/forgefed" + "code.gitea.io/gitea/models/unittest" + "code.gitea.io/gitea/models/user" + "code.gitea.io/gitea/modules/activitypub" + forgefed_modules "code.gitea.io/gitea/modules/forgefed" + "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/routers" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestActivityPubRepository(t *testing.T) { + setting.Federation.Enabled = true + testWebRoutes = routers.NormalRoutes() + defer func() { + setting.Federation.Enabled = false + testWebRoutes = routers.NormalRoutes() + }() + + onGiteaRun(t, func(*testing.T, *url.URL) { + repositoryID := 2 + req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/activitypub/repository-id/%v", repositoryID)) + resp := MakeRequest(t, req, http.StatusOK) + body := resp.Body.Bytes() + assert.Contains(t, string(body), "@context") + + var repository forgefed_modules.Repository + err := repository.UnmarshalJSON(body) + require.NoError(t, err) + + assert.Regexp(t, fmt.Sprintf("activitypub/repository-id/%v$", repositoryID), repository.GetID().String()) + }) +} + +func TestActivityPubMissingRepository(t *testing.T) { + setting.Federation.Enabled = true + testWebRoutes = routers.NormalRoutes() + defer func() { + setting.Federation.Enabled = false + testWebRoutes = routers.NormalRoutes() + }() + + onGiteaRun(t, func(*testing.T, *url.URL) { + repositoryID := 9999999 + req := NewRequest(t, "GET", fmt.Sprintf("/api/v1/activitypub/repository-id/%v", repositoryID)) + resp := MakeRequest(t, req, http.StatusNotFound) + assert.Contains(t, resp.Body.String(), "repository does not exist") + }) +} + +func TestActivityPubRepositoryInboxValid(t *testing.T) { + setting.Federation.Enabled = true + testWebRoutes = routers.NormalRoutes() + defer func() { + setting.Federation.Enabled = false + testWebRoutes = routers.NormalRoutes() + }() + + srv := httptest.NewServer(testWebRoutes) + defer srv.Close() + + federatedRoutes := http.NewServeMux() + federatedRoutes.HandleFunc("/.well-known/nodeinfo", + func(res http.ResponseWriter, req *http.Request) { + // curl -H "Accept: application/json" https://federated-repo.prod.meissa.de/.well-known/nodeinfo + responseBody := fmt.Sprintf(`{"links":[{"href":"http://%s/api/v1/nodeinfo","rel":"http://nodeinfo.diaspora.software/ns/schema/2.1"}]}`, req.Host) + t.Logf("response: %s", responseBody) + // TODO: as soon as content-type will become important: content-type: application/json;charset=utf-8 + fmt.Fprint(res, responseBody) + }) + federatedRoutes.HandleFunc("/api/v1/nodeinfo", + func(res http.ResponseWriter, req *http.Request) { + // curl -H "Accept: application/json" https://federated-repo.prod.meissa.de/api/v1/nodeinfo + responseBody := fmt.Sprintf(`{"version":"2.1","software":{"name":"forgejo","version":"1.20.0+dev-3183-g976d79044",` + + `"repository":"https://codeberg.org/forgejo/forgejo.git","homepage":"https://forgejo.org/"},` + + `"protocols":["activitypub"],"services":{"inbound":[],"outbound":["rss2.0"]},` + + `"openRegistrations":true,"usage":{"users":{"total":14,"activeHalfyear":2}},"metadata":{}}`) + fmt.Fprint(res, responseBody) + }) + federatedRoutes.HandleFunc("/api/v1/activitypub/user-id/15", + func(res http.ResponseWriter, req *http.Request) { + // curl -H "Accept: application/json" https://federated-repo.prod.meissa.de/api/v1/activitypub/user-id/2 + responseBody := fmt.Sprintf(`{"@context":["https://www.w3.org/ns/activitystreams","https://w3id.org/security/v1"],` + + `"id":"https://federated-repo.prod.meissa.de/api/v1/activitypub/user-id/15","type":"Person",` + + `"icon":{"type":"Image","mediaType":"image/png","url":"https://federated-repo.prod.meissa.de/avatars/1bb05d9a5f6675ed0272af9ea193063c"},` + + `"url":"https://federated-repo.prod.meissa.de/stargoose1","inbox":"https://federated-repo.prod.meissa.de/api/v1/activitypub/user-id/15/inbox",` + + `"outbox":"https://federated-repo.prod.meissa.de/api/v1/activitypub/user-id/15/outbox","preferredUsername":"stargoose1",` + + `"publicKey":{"id":"https://federated-repo.prod.meissa.de/api/v1/activitypub/user-id/15#main-key","owner":"https://federated-repo.prod.meissa.de/api/v1/activitypub/user-id/15",` + + `"publicKeyPem":"-----BEGIN PUBLIC KEY-----\nMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA18H5s7N6ItZUAh9tneII\nIuZdTTa3cZlLa/9ejWAHTkcp3WLW+/zbsumlMrWYfBy2/yTm56qasWt38iY4D6ul\n` + + `CPiwhAqX3REvVq8tM79a2CEqZn9ka6vuXoDgBg/sBf/BUWqf7orkjUXwk/U0Egjf\nk5jcurF4vqf1u+rlAHH37dvSBaDjNj6Qnj4OP12bjfaY/yvs7+jue/eNXFHjzN4E\n` + + `T2H4B/yeKTJ4UuAwTlLaNbZJul2baLlHelJPAsxiYaziVuV5P+IGWckY6RSerRaZ\nAkc4mmGGtjAyfN9aewe+lNVfwS7ElFx546PlLgdQgjmeSwLX8FWxbPE5A/PmaXCs\n` + + `nx+nou+3dD7NluULLtdd7K+2x02trObKXCAzmi5/Dc+yKTzpFqEz+hLNCz7TImP/\ncK//NV9Q+X67J9O27baH9R9ZF4zMw8rv2Pg0WLSw1z7lLXwlgIsDapeMCsrxkVO4\n` + + `LXX5AQ1xQNtlssnVoUBqBrvZsX2jUUKUocvZqMGuE4hfAgMBAAE=\n-----END PUBLIC KEY-----\n"}}`) + fmt.Fprint(res, responseBody) + }) + federatedRoutes.HandleFunc("/api/v1/activitypub/user-id/30", + func(res http.ResponseWriter, req *http.Request) { + // curl -H "Accept: application/json" https://federated-repo.prod.meissa.de/api/v1/activitypub/user-id/3 + responseBody := fmt.Sprintf(`{"@context":["https://www.w3.org/ns/activitystreams","https://w3id.org/security/v1"],` + + `"id":"https://federated-repo.prod.meissa.de/api/v1/activitypub/user-id/30","type":"Person",` + + `"icon":{"type":"Image","mediaType":"image/png","url":"https://federated-repo.prod.meissa.de/avatars/9c03f03d1c1f13f21976a22489326fe1"},` + + `"url":"https://federated-repo.prod.meissa.de/stargoose2","inbox":"https://federated-repo.prod.meissa.de/api/v1/activitypub/user-id/30/inbox",` + + `"outbox":"https://federated-repo.prod.meissa.de/api/v1/activitypub/user-id/30/outbox","preferredUsername":"stargoose2",` + + `"publicKey":{"id":"https://federated-repo.prod.meissa.de/api/v1/activitypub/user-id/30#main-key","owner":"https://federated-repo.prod.meissa.de/api/v1/activitypub/user-id/30",` + + `"publicKeyPem":"-----BEGIN PUBLIC KEY-----\nMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAyv5NytsfqpWXSrwuk8a3\n0W1zE13QJioXb/e3opgN2CfKZkdm3hb+4+mGKoU/rCqegnL9/AO0Aw+R8fCHXx44\n` + + `iNkdVpdY8Dzq+tQ9IetPWbyVIBvSzGgvpqfS05JuVPsy8cBX9wByODjr5kq7k1/v\nY1G7E3uh0a/XJc+mZutwGC3gPgR93NSrqsvTPN4wdhCCu9uj02S8OBoKuSYaPkU+\n` + + `tZ4CEDpnclAOw/eNiH4x2irMvVtruEgtlTA5K2I4YJrmtGLidus47FCyc8/zEKUh\nAeiD8KWDvqsQgOhUwcQgRxAnYVCoMD9cnE+WFFRHTuQecNlmdNFs3Cr0yKcWjDde\n` + + `trvnehW7LfPveGb0tHRHPuVAJpncTOidUR5h/7pqMyvKHzuAHWomm9rEaGUxd/7a\nL1CFjAf39+QIEgu0Anj8mIc7CTiz+DQhDz+0jBOsQ0iDXc5GeBz7X9Xv4Jp966nq\n` + + `MUR0GQGXvfZQN9IqMO+WoUVy10Ddhns1EWGlA0x4fecnAgMBAAE=\n-----END PUBLIC KEY-----\n"}}`) + fmt.Fprint(res, responseBody) + }) + federatedRoutes.HandleFunc("/", + func(res http.ResponseWriter, req *http.Request) { + t.Errorf("Unhandled request: %q", req.URL.EscapedPath()) + }) + federatedSrv := httptest.NewServer(federatedRoutes) + defer federatedSrv.Close() + + onGiteaRun(t, func(*testing.T, *url.URL) { + appURL := setting.AppURL + setting.AppURL = srv.URL + "/" + defer func() { + setting.Database.LogSQL = false + setting.AppURL = appURL + }() + actionsUser := user.NewActionsUser() + repositoryID := 2 + cf, err := activitypub.GetClientFactory(db.DefaultContext) + require.NoError(t, err) + c, err := cf.WithKeys(db.DefaultContext, actionsUser, "not used") + require.NoError(t, err) + repoInboxURL := fmt.Sprintf( + "%s/api/v1/activitypub/repository-id/%v/inbox", + srv.URL, repositoryID) + + timeNow := time.Now().UTC() + + activity1 := []byte(fmt.Sprintf( + `{"type":"Like",`+ + `"startTime":"%s",`+ + `"actor":"%s/api/v1/activitypub/user-id/15",`+ + `"object":"%s/api/v1/activitypub/repository-id/%v"}`, + timeNow.Format(time.RFC3339), + federatedSrv.URL, srv.URL, repositoryID)) + t.Logf("activity: %s", activity1) + resp, err := c.Post(activity1, repoInboxURL) + + require.NoError(t, err) + assert.Equal(t, http.StatusNoContent, resp.StatusCode) + + federationHost := unittest.AssertExistsAndLoadBean(t, &forgefed.FederationHost{HostFqdn: "127.0.0.1"}) + federatedUser := unittest.AssertExistsAndLoadBean(t, &user.FederatedUser{ExternalID: "15", FederationHostID: federationHost.ID}) + unittest.AssertExistsAndLoadBean(t, &user.User{ID: federatedUser.UserID}) + + // A like activity by a different user of the same federated host. + activity2 := []byte(fmt.Sprintf( + `{"type":"Like",`+ + `"startTime":"%s",`+ + `"actor":"%s/api/v1/activitypub/user-id/30",`+ + `"object":"%s/api/v1/activitypub/repository-id/%v"}`, + // Make sure this activity happens later then the one before + timeNow.Add(time.Second).Format(time.RFC3339), + federatedSrv.URL, srv.URL, repositoryID)) + t.Logf("activity: %s", activity2) + resp, err = c.Post(activity2, repoInboxURL) + + require.NoError(t, err) + assert.Equal(t, http.StatusNoContent, resp.StatusCode) + + federatedUser = unittest.AssertExistsAndLoadBean(t, &user.FederatedUser{ExternalID: "30", FederationHostID: federationHost.ID}) + unittest.AssertExistsAndLoadBean(t, &user.User{ID: federatedUser.UserID}) + + // The same user sends another like activity + otherRepositoryID := 3 + otherRepoInboxURL := fmt.Sprintf( + "%s/api/v1/activitypub/repository-id/%v/inbox", + srv.URL, otherRepositoryID) + activity3 := []byte(fmt.Sprintf( + `{"type":"Like",`+ + `"startTime":"%s",`+ + `"actor":"%s/api/v1/activitypub/user-id/30",`+ + `"object":"%s/api/v1/activitypub/repository-id/%v"}`, + // Make sure this activity happens later then the ones before + timeNow.Add(time.Second*2).Format(time.RFC3339), + federatedSrv.URL, srv.URL, otherRepositoryID)) + t.Logf("activity: %s", activity3) + resp, err = c.Post(activity3, otherRepoInboxURL) + + require.NoError(t, err) + assert.Equal(t, http.StatusNoContent, resp.StatusCode) + + federatedUser = unittest.AssertExistsAndLoadBean(t, &user.FederatedUser{ExternalID: "30", FederationHostID: federationHost.ID}) + unittest.AssertExistsAndLoadBean(t, &user.User{ID: federatedUser.UserID}) + + // Replay activity2. + resp, err = c.Post(activity2, repoInboxURL) + require.NoError(t, err) + assert.Equal(t, http.StatusNotAcceptable, resp.StatusCode) + }) +} + +func TestActivityPubRepositoryInboxInvalid(t *testing.T) { + setting.Federation.Enabled = true + testWebRoutes = routers.NormalRoutes() + defer func() { + setting.Federation.Enabled = false + testWebRoutes = routers.NormalRoutes() + }() + + srv := httptest.NewServer(testWebRoutes) + defer srv.Close() + + onGiteaRun(t, func(*testing.T, *url.URL) { + appURL := setting.AppURL + setting.AppURL = srv.URL + "/" + defer func() { + setting.Database.LogSQL = false + setting.AppURL = appURL + }() + actionsUser := user.NewActionsUser() + repositoryID := 2 + cf, err := activitypub.GetClientFactory(db.DefaultContext) + require.NoError(t, err) + c, err := cf.WithKeys(db.DefaultContext, actionsUser, "not used") + require.NoError(t, err) + repoInboxURL := fmt.Sprintf("%s/api/v1/activitypub/repository-id/%v/inbox", + srv.URL, repositoryID) + + activity := []byte(`{"type":"Wrong"}`) + resp, err := c.Post(activity, repoInboxURL) + require.NoError(t, err) + assert.Equal(t, http.StatusNotAcceptable, resp.StatusCode) + }) +} |