cherrypick/packages/backend/test/unit/ap-request.ts

/*
 * SPDX-FileCopyrightText: syuilo and other misskey contributors
 * SPDX-License-Identifier: AGPL-3.0-only
 */

import * as assert from 'assert';
import httpSignature from '@peertube/http-signature';

import { genRsaKeyPair } from '@/misc/gen-key-pair.js';
import { ApRequestCreator } from '@/core/activitypub/ApRequestService.js';

export const buildParsedSignature = (signingString: string, signature: string, algorithm: string) => {
	return {
		scheme: 'Signature',
		params: {
			keyId: 'KeyID',	// dummy, not used for verify
			algorithm: algorithm,
			headers: ['(request-target)', 'date', 'host', 'digest'],	// dummy, not used for verify
			signature: signature,
		},
		signingString: signingString,
		algorithm: algorithm.toUpperCase(),
		keyId: 'KeyID',	// dummy, not used for verify
	};
};

describe('ap-request', () => {
	test('createSignedPost with verify', async () => {
		const keypair = await genRsaKeyPair();
		const key = { keyId: 'x', 'privateKeyPem': keypair.privateKey };
		const url = 'https://example.com/inbox';
		const activity = { a: 1 };
		const body = JSON.stringify(activity);
		const headers = {
			'User-Agent': 'UA',
		};

		const req = ApRequestCreator.createSignedPost({ key, url, body, additionalHeaders: headers });

		const parsed = buildParsedSignature(req.signingString, req.signature, 'rsa-sha256');

		const result = httpSignature.verifySignature(parsed, keypair.publicKey);
		assert.deepStrictEqual(result, true);
	});

	test('createSignedGet with verify', async () => {
		const keypair = await genRsaKeyPair();
		const key = { keyId: 'x', 'privateKeyPem': keypair.privateKey };
		const url = 'https://example.com/outbox';
		const headers = {
			'User-Agent': 'UA',
		};

		const req = ApRequestCreator.createSignedGet({ key, url, additionalHeaders: headers });

		const parsed = buildParsedSignature(req.signingString, req.signature, 'rsa-sha256');

		const result = httpSignature.verifySignature(parsed, keypair.publicKey);
		assert.deepStrictEqual(result, true);
	});
});
chore: 著作権とライセンスについての情報を各ファイルに追加する (#11348) * chore: Add the SPDX information to each file Add copyright and licensing information as defined in version 3.0 of the REUSE Specification. * tweak format --------- Co-authored-by: syuilo <Syuilotan@yahoo.co.jp> 2023-07-27 14:31:52 +09:00			`/*`
			`* SPDX-FileCopyrightText: syuilo and other misskey contributors`
			`* SPDX-License-Identifier: AGPL-3.0-only`
			`*/`

Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 17:16:24 +09:00			`import * as assert from 'assert';`
refactor: migrate to Yarn Berry (v3.2.1) (#8764) * Yarn berry * Add `.yarn` to dockerignore * Mention in CHANGELOG * Update Dockerfile * Proper upgrade to yarn * use `"packageManager"` * Replace `install-packages.js` with workspaces * Replace `install-packages.js` with workspaces * Typo * `corepack enable` for linting * Remove `packages//yarn.lock` Improve lint workflow * Update .github/workflows/lint.yml Co-authored-by: Acid Chicken (硫酸鶏) <root@acid-chicken.com> * Update .github/workflows/lint.yml Co-authored-by: Acid Chicken (硫酸鶏) <root@acid-chicken.com> * Add `eslint` * Regenerate yarn.lock * 🙏‍ * Update lint.yml :thinking: * Fix workflow! * yarn lint my beloved * corepack enable for mocha/e2e * Update CHANGELOG.md * fix the code that depends on node_modules * tbh * tbh * More yarn workspaces stuff * 🍀 * Change `browser-image-resizer` * :finnadie: * :goberserk: * :godmode: * Remove yarnrc for workspaces * 🙏 * Add proper packages for eslint * Skip extra install * New steps for test.yml too * uhh * Update .dockerignore * Update lint.yml * Update test.yml * Make client/backend lints seperate workflows * package.json names * pnpm = dont change paths * Fix changelog * :bowtie: * I don't know why github workflows hates me... * test * ????? * continue-on-error: true * Fix yarn.lock Co-authored-by: ishowta <ishowta@gmail.com> * add @rollup/pluginutils * add packageExtensions for chartjs_date-fns Co-authored-by: acid-chicken <root@acid-chicken.com> * npm run => yarn * wip * yarn node => node 依存関係の記載不足の解消がかなり多いため、yarn nodeは使わない * fix * fix http-signature * fix * fix * add packageExtensions * :v: * remove `yarn set version berry` * yarn install --immutable Co-authored-by: ishowta <ishowta@gmail.com> * https://github.com/misskey-dev/misskey/pull/8764#discussion_r885749892 * enable actions/setup-node's global cache * Update .gitignore Co-authored-by: iwata <ishowta@gmail.com> * revival gulp build https://github.com/misskey-dev/misskey/pull/8764/files/66ab7591bff9b35255219057e33399a06260aa31#r885899944 * fix lockfile * Update packages/backend/package.json Co-authored-by: iwata <ishowta@gmail.com> * remove packagemanager * `yarn run gulp` in `build` instead of just `gulp` * Update CHANGELOG.md * update lockfile * Add .yarn/cache to gitignore for packages * ? * move resolutions * :v: * update lockfie * update-lockfile * update yarn.lock * fix build * fix * fix * fix: add @tensorflow/tfjs * ダメ * modify lockfile * use yarnrc * update yarnlock * add jest-mock * update-lockfile * update lockfile * update lockfile * move jest-mock, update lockfile Co-authored-by: Acid Chicken (硫酸鶏) <root@acid-chicken.com> Co-authored-by: tamaina <tamaina@hotmail.co.jp> Co-authored-by: ishowta <ishowta@gmail.com> 2022-11-24 15:39:00 +09:00			`import httpSignature from '@peertube/http-signature';`
test(backend): restore ap-request tests (#9997) Co-authored-by: tamaina <tamaina@hotmail.co.jp> 2023-02-24 16:10:48 +09:00
			`import { genRsaKeyPair } from '@/misc/gen-key-pair.js';`
			`import { ApRequestCreator } from '@/core/activitypub/ApRequestService.js';`
Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 17:16:24 +09:00
			`export const buildParsedSignature = (signingString: string, signature: string, algorithm: string) => {`
			`return {`
			`scheme: 'Signature',`
			`params: {`
			`keyId: 'KeyID', // dummy, not used for verify`
			`algorithm: algorithm,`
test(backend): restore ap-request tests (#9997) Co-authored-by: tamaina <tamaina@hotmail.co.jp> 2023-02-24 16:10:48 +09:00			`headers: ['(request-target)', 'date', 'host', 'digest'], // dummy, not used for verify`
Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 17:16:24 +09:00			`signature: signature,`
			`},`
			`signingString: signingString,`
lint 2022-05-21 22:21:41 +09:00			`algorithm: algorithm.toUpperCase(),`
Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 17:16:24 +09:00			`keyId: 'KeyID', // dummy, not used for verify`
			`};`
			`};`

			`describe('ap-request', () => {`
refactor: use test 2023-02-02 18:18:25 +09:00			`test('createSignedPost with verify', async () => {`
Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 17:16:24 +09:00			`const keypair = await genRsaKeyPair();`
			`const key = { keyId: 'x', 'privateKeyPem': keypair.privateKey };`
			`const url = 'https://example.com/inbox';`
			`const activity = { a: 1 };`
			`const body = JSON.stringify(activity);`
			`const headers = {`
lint 2022-05-21 22:21:41 +09:00			`'User-Agent': 'UA',`
Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 17:16:24 +09:00			`};`

test(backend): restore ap-request tests (#9997) Co-authored-by: tamaina <tamaina@hotmail.co.jp> 2023-02-24 16:10:48 +09:00			`const req = ApRequestCreator.createSignedPost({ key, url, body, additionalHeaders: headers });`
Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 17:16:24 +09:00
			`const parsed = buildParsedSignature(req.signingString, req.signature, 'rsa-sha256');`

			`const result = httpSignature.verifySignature(parsed, keypair.publicKey);`
			`assert.deepStrictEqual(result, true);`
			`});`

refactor: use test 2023-02-02 18:18:25 +09:00			`test('createSignedGet with verify', async () => {`
Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 17:16:24 +09:00			`const keypair = await genRsaKeyPair();`
			`const key = { keyId: 'x', 'privateKeyPem': keypair.privateKey };`
			`const url = 'https://example.com/outbox';`
			`const headers = {`
lint 2022-05-21 22:21:41 +09:00			`'User-Agent': 'UA',`
Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 17:16:24 +09:00			`};`

test(backend): restore ap-request tests (#9997) Co-authored-by: tamaina <tamaina@hotmail.co.jp> 2023-02-24 16:10:48 +09:00			`const req = ApRequestCreator.createSignedGet({ key, url, additionalHeaders: headers });`
Refactor request (#7814) * status code * Test ap-request.ts https://github.com/mei23/crytest/blob/4397fc5e70536e4175fe56e974ca83b8047bef3a/test/ap-request.ts * tune 2021-10-16 17:16:24 +09:00
			`const parsed = buildParsedSignature(req.signingString, req.signature, 'rsa-sha256');`

			`const result = httpSignature.verifySignature(parsed, keypair.publicKey);`
			`assert.deepStrictEqual(result, true);`
			`});`
			`});`