signature: properly deduce the actor from misskey key IDs

This commit is contained in:
Ariadne Conill 2019-07-23 16:47:22 +00:00
parent a042a7ac6d
commit e7c64f106e
2 changed files with 27 additions and 9 deletions

View File

@ -10,9 +10,18 @@ defmodule Pleroma.Signature do
alias Pleroma.Web.ActivityPub.ActivityPub
def key_id_to_actor_id(key_id) do
uri =
URI.parse(key_id)
|> Map.put(:fragment, nil)
|> URI.to_string()
uri =
if String.ends_with?(uri.path, "/publickey") do
Map.put(uri, :path, String.replace(uri.path, "/publickey", ""))
else
uri
end
URI.to_string(uri)
end
def fetch_public_key(conn) do

View File

@ -48,16 +48,14 @@ defmodule Pleroma.SignatureTest do
test "it returns error when not found user" do
assert capture_log(fn ->
assert Signature.fetch_public_key(make_fake_conn("test-ap_id")) ==
{:error, :error}
assert Signature.fetch_public_key(make_fake_conn("test-ap_id")) == {:error, :error}
end) =~ "[error] Could not decode user"
end
test "it returns error if public key is empty" do
user = insert(:user, %{info: %{source_data: %{"publicKey" => %{}}}})
assert Signature.fetch_public_key(make_fake_conn(user.ap_id)) ==
{:error, :error}
assert Signature.fetch_public_key(make_fake_conn(user.ap_id)) == {:error, :error}
end
end
@ -65,8 +63,7 @@ defmodule Pleroma.SignatureTest do
test "it returns key" do
ap_id = "https://mastodon.social/users/lambadalambda"
assert Signature.refetch_public_key(make_fake_conn(ap_id)) ==
{:ok, @rsa_public_key}
assert Signature.refetch_public_key(make_fake_conn(ap_id)) == {:ok, @rsa_public_key}
end
test "it returns error when not found user" do
@ -105,4 +102,16 @@ defmodule Pleroma.SignatureTest do
) == {:error, []}
end
end
describe "key_id_to_actor_id/1" do
test "it properly deduces the actor id for misskey" do
assert Signature.key_id_to_actor_id("https://example.com/users/1234/publickey") ==
"https://example.com/users/1234"
end
test "it properly deduces the actor id for mastodon and pleroma" do
assert Signature.key_id_to_actor_id("https://example.com/users/1234#main-key") ==
"https://example.com/users/1234"
end
end
end