2018-12-23 20:11:29 +00:00
|
|
|
# Pleroma: A lightweight social networking server
|
2023-01-01 11:11:47 +00:00
|
|
|
# Copyright © 2017-2023 Pleroma Authors <https://pleroma.social/>
|
2018-12-23 20:11:29 +00:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
2018-12-17 16:09:06 +00:00
|
|
|
defmodule Pleroma.Integration.MastodonWebsocketTest do
|
2020-12-21 11:21:40 +00:00
|
|
|
# Needs a streamer, needs to stay synchronous
|
2018-12-17 16:09:06 +00:00
|
|
|
use Pleroma.DataCase
|
|
|
|
|
2019-09-13 15:46:41 +00:00
|
|
|
import ExUnit.CaptureLog
|
2018-12-17 16:09:06 +00:00
|
|
|
import Pleroma.Factory
|
|
|
|
|
2019-03-05 02:52:23 +00:00
|
|
|
alias Pleroma.Integration.WebsocketClient
|
2018-12-17 16:09:06 +00:00
|
|
|
alias Pleroma.Web.CommonAPI
|
|
|
|
alias Pleroma.Web.OAuth
|
|
|
|
|
2020-05-07 09:13:32 +00:00
|
|
|
@moduletag needs_streamer: true, capture_log: true
|
|
|
|
|
2018-12-17 16:09:06 +00:00
|
|
|
@path Pleroma.Web.Endpoint.url()
|
|
|
|
|> URI.parse()
|
|
|
|
|> Map.put(:scheme, "ws")
|
|
|
|
|> Map.put(:path, "/api/v1/streaming")
|
|
|
|
|> URI.to_string()
|
|
|
|
|
|
|
|
def start_socket(qs \\ nil, headers \\ []) do
|
|
|
|
path =
|
|
|
|
case qs do
|
|
|
|
nil -> @path
|
|
|
|
qs -> @path <> qs
|
|
|
|
end
|
|
|
|
|
2022-09-02 22:35:40 +00:00
|
|
|
WebsocketClient.start_link(self(), path, headers)
|
2018-12-17 16:09:06 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
test "refuses invalid requests" do
|
2019-09-13 15:46:41 +00:00
|
|
|
capture_log(fn ->
|
2022-08-19 17:56:39 +00:00
|
|
|
assert {:error, %WebSockex.RequestError{code: 404}} = start_socket()
|
|
|
|
assert {:error, %WebSockex.RequestError{code: 404}} = start_socket("?stream=ncjdk")
|
2019-09-17 14:44:52 +00:00
|
|
|
Process.sleep(30)
|
2019-09-13 15:46:41 +00:00
|
|
|
end)
|
2018-12-17 16:09:06 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
test "requires authentication and a valid token for protected streams" do
|
2019-09-13 15:46:41 +00:00
|
|
|
capture_log(fn ->
|
2022-08-19 17:56:39 +00:00
|
|
|
assert {:error, %WebSockex.RequestError{code: 401}} =
|
|
|
|
start_socket("?stream=user&access_token=aaaaaaaaaaaa")
|
|
|
|
|
|
|
|
assert {:error, %WebSockex.RequestError{code: 401}} = start_socket("?stream=user")
|
2019-09-17 14:44:52 +00:00
|
|
|
Process.sleep(30)
|
2019-09-13 15:46:41 +00:00
|
|
|
end)
|
2018-12-17 16:09:06 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
test "allows public streams without authentication" do
|
|
|
|
assert {:ok, _} = start_socket("?stream=public")
|
|
|
|
assert {:ok, _} = start_socket("?stream=public:local")
|
2020-10-09 01:01:48 +00:00
|
|
|
assert {:ok, _} = start_socket("?stream=public:remote&instance=lain.com")
|
2018-12-17 16:09:06 +00:00
|
|
|
assert {:ok, _} = start_socket("?stream=hashtag&tag=lain")
|
|
|
|
end
|
|
|
|
|
|
|
|
test "receives well formatted events" do
|
|
|
|
user = insert(:user)
|
|
|
|
{:ok, _} = start_socket("?stream=public")
|
2020-05-12 19:59:26 +00:00
|
|
|
{:ok, activity} = CommonAPI.post(user, %{status: "nice echo chamber"})
|
2018-12-17 16:09:06 +00:00
|
|
|
|
|
|
|
assert_receive {:text, raw_json}, 1_000
|
|
|
|
assert {:ok, json} = Jason.decode(raw_json)
|
|
|
|
|
|
|
|
assert "update" == json["event"]
|
|
|
|
assert json["payload"]
|
|
|
|
assert {:ok, json} = Jason.decode(json["payload"])
|
|
|
|
|
|
|
|
view_json =
|
2019-09-09 14:49:02 +00:00
|
|
|
Pleroma.Web.MastodonAPI.StatusView.render("show.json", activity: activity, for: nil)
|
2018-12-17 16:09:06 +00:00
|
|
|
|> Jason.encode!()
|
|
|
|
|> Jason.decode!()
|
|
|
|
|
|
|
|
assert json == view_json
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "with a valid user token" do
|
|
|
|
setup do
|
|
|
|
{:ok, app} =
|
|
|
|
Pleroma.Repo.insert(
|
|
|
|
OAuth.App.register_changeset(%OAuth.App{}, %{
|
|
|
|
client_name: "client",
|
2020-09-19 16:16:55 +00:00
|
|
|
scopes: ["read"],
|
2018-12-17 16:09:06 +00:00
|
|
|
redirect_uris: "url"
|
|
|
|
})
|
|
|
|
)
|
|
|
|
|
|
|
|
user = insert(:user)
|
|
|
|
|
|
|
|
{:ok, auth} = OAuth.Authorization.create_authorization(app, user)
|
|
|
|
|
|
|
|
{:ok, token} = OAuth.Token.exchange_token(app, auth)
|
|
|
|
|
2022-08-19 18:09:42 +00:00
|
|
|
%{app: app, user: user, token: token}
|
2018-12-17 16:09:06 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
test "accepts valid tokens", state do
|
|
|
|
assert {:ok, _} = start_socket("?stream=user&access_token=#{state.token.token}")
|
|
|
|
end
|
2019-06-16 10:33:25 +00:00
|
|
|
|
|
|
|
test "accepts the 'user' stream", %{token: token} = _state do
|
|
|
|
assert {:ok, _} = start_socket("?stream=user&access_token=#{token.token}")
|
2019-09-13 15:46:41 +00:00
|
|
|
|
2020-09-10 18:28:47 +00:00
|
|
|
capture_log(fn ->
|
2022-08-19 17:56:39 +00:00
|
|
|
assert {:error, %WebSockex.RequestError{code: 401}} = start_socket("?stream=user")
|
2020-09-10 18:28:47 +00:00
|
|
|
Process.sleep(30)
|
|
|
|
end)
|
2019-06-16 10:33:25 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
test "accepts the 'user:notification' stream", %{token: token} = _state do
|
|
|
|
assert {:ok, _} = start_socket("?stream=user:notification&access_token=#{token.token}")
|
2019-09-13 15:46:41 +00:00
|
|
|
|
2020-09-10 18:28:47 +00:00
|
|
|
capture_log(fn ->
|
2022-08-19 17:56:39 +00:00
|
|
|
assert {:error, %WebSockex.RequestError{code: 401}} =
|
|
|
|
start_socket("?stream=user:notification")
|
|
|
|
|
2020-09-10 18:28:47 +00:00
|
|
|
Process.sleep(30)
|
|
|
|
end)
|
2019-06-16 10:33:25 +00:00
|
|
|
end
|
2019-07-07 06:58:24 +00:00
|
|
|
|
|
|
|
test "accepts valid token on Sec-WebSocket-Protocol header", %{token: token} do
|
|
|
|
assert {:ok, _} = start_socket("?stream=user", [{"Sec-WebSocket-Protocol", token.token}])
|
|
|
|
|
2020-09-10 18:28:47 +00:00
|
|
|
capture_log(fn ->
|
2022-08-19 17:56:39 +00:00
|
|
|
assert {:error, %WebSockex.RequestError{code: 401}} =
|
2020-09-10 18:28:47 +00:00
|
|
|
start_socket("?stream=user", [{"Sec-WebSocket-Protocol", "I am a friend"}])
|
2019-09-17 14:44:52 +00:00
|
|
|
|
2020-09-10 18:28:47 +00:00
|
|
|
Process.sleep(30)
|
|
|
|
end)
|
2019-07-07 06:58:24 +00:00
|
|
|
end
|
2022-08-19 18:09:42 +00:00
|
|
|
|
|
|
|
test "disconnect when token is revoked", %{app: app, user: user, token: token} do
|
|
|
|
assert {:ok, _} = start_socket("?stream=user:notification&access_token=#{token.token}")
|
|
|
|
assert {:ok, _} = start_socket("?stream=user&access_token=#{token.token}")
|
|
|
|
|
|
|
|
{:ok, auth} = OAuth.Authorization.create_authorization(app, user)
|
|
|
|
|
|
|
|
{:ok, token2} = OAuth.Token.exchange_token(app, auth)
|
|
|
|
assert {:ok, _} = start_socket("?stream=user&access_token=#{token2.token}")
|
|
|
|
|
|
|
|
OAuth.Token.Strategy.Revoke.revoke(token)
|
|
|
|
|
|
|
|
assert_receive {:close, _}
|
|
|
|
assert_receive {:close, _}
|
|
|
|
refute_receive {:close, _}
|
|
|
|
end
|
2018-12-17 16:09:06 +00:00
|
|
|
end
|
|
|
|
end
|