parent
d7ffb47fb2
commit
62f2b867b9
|
@ -84,7 +84,7 @@ class HttpSignature:
|
||||||
headers = {}
|
headers = {}
|
||||||
for header_name in header_names:
|
for header_name in header_names:
|
||||||
if header_name == "(request-target)":
|
if header_name == "(request-target)":
|
||||||
value = f"post {request.path}"
|
value = f"{request.method.lower()} {request.path}"
|
||||||
elif header_name == "content-type":
|
elif header_name == "content-type":
|
||||||
value = request.META["CONTENT_TYPE"]
|
value = request.META["CONTENT_TYPE"]
|
||||||
else:
|
else:
|
||||||
|
|
|
@ -0,0 +1,33 @@
|
||||||
|
import pytest
|
||||||
|
from asgiref.sync import async_to_sync
|
||||||
|
from django.test.client import RequestFactory
|
||||||
|
from pytest_httpx import HTTPXMock
|
||||||
|
|
||||||
|
from core.signatures import HttpSignature
|
||||||
|
from users.models import SystemActor
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.django_db
|
||||||
|
def test_system_actor_signed(config_system, httpx_mock: HTTPXMock):
|
||||||
|
"""
|
||||||
|
Tests that the system actor signs requests properly
|
||||||
|
"""
|
||||||
|
system_actor = SystemActor()
|
||||||
|
system_actor.generate_keys()
|
||||||
|
# Send a fake outbound request
|
||||||
|
httpx_mock.add_response()
|
||||||
|
async_to_sync(system_actor.signed_request)(
|
||||||
|
method="get",
|
||||||
|
uri="http://example.com/test-actor",
|
||||||
|
)
|
||||||
|
# Retrieve it and construct a fake request object
|
||||||
|
outbound_request = httpx_mock.get_request()
|
||||||
|
fake_request = RequestFactory().get(
|
||||||
|
path="/test-actor",
|
||||||
|
HTTP_HOST="example.com",
|
||||||
|
HTTP_DATE=outbound_request.headers["date"],
|
||||||
|
HTTP_SIGNATURE=outbound_request.headers["signature"],
|
||||||
|
HTTP_ACCEPT=outbound_request.headers["accept"],
|
||||||
|
)
|
||||||
|
# Verify that
|
||||||
|
HttpSignature.verify_request(fake_request, system_actor.public_key)
|
|
@ -398,10 +398,10 @@ class Identity(StatorModel):
|
||||||
"""
|
"""
|
||||||
domain = handle.split("@")[1].lower()
|
domain = handle.split("@")[1].lower()
|
||||||
try:
|
try:
|
||||||
response = await SystemActor().signed_request(
|
async with httpx.AsyncClient() as client:
|
||||||
method="get",
|
response = await client.get(
|
||||||
uri=f"https://{domain}/.well-known/webfinger?resource=acct:{handle}",
|
f"https://{domain}/.well-known/webfinger?resource=acct:{handle}",
|
||||||
)
|
)
|
||||||
except (httpx.RequestError, httpx.ConnectError):
|
except (httpx.RequestError, httpx.ConnectError):
|
||||||
return None, None
|
return None, None
|
||||||
if response.status_code in [404, 410]:
|
if response.status_code in [404, 410]:
|
||||||
|
|
|
@ -49,6 +49,7 @@ class SystemActor:
|
||||||
"preferredUsername": self.username,
|
"preferredUsername": self.username,
|
||||||
"url": self.profile_uri,
|
"url": self.profile_uri,
|
||||||
"manuallyApprovesFollowers": True,
|
"manuallyApprovesFollowers": True,
|
||||||
|
"toot:discoverable": False,
|
||||||
"publicKey": {
|
"publicKey": {
|
||||||
"id": self.public_key_id,
|
"id": self.public_key_id,
|
||||||
"owner": self.actor_uri,
|
"owner": self.actor_uri,
|
||||||
|
|
|
@ -219,5 +219,6 @@ class SystemActorView(View):
|
||||||
canonicalise(
|
canonicalise(
|
||||||
SystemActor().to_ap(),
|
SystemActor().to_ap(),
|
||||||
include_security=True,
|
include_security=True,
|
||||||
)
|
),
|
||||||
|
content_type="application/activity+json",
|
||||||
)
|
)
|
||||||
|
|
Loading…
Reference in New Issue