@evanp/activitypub-bot 0.8.0

package/tests/botdatastorage.test.js

@@ -0,0 +1,87 @@
+import { describe, before, after, it } from 'node:test'
+import { BotDataStorage, NoSuchValueError } from '../lib/botdatastorage.js'
+import assert from 'node:assert'
+import { Sequelize } from 'sequelize'
+
+describe('BotDataStorage', async () => {
+  let connection = null
+  let storage = null
+  before(async () => {
+    connection = new Sequelize('sqlite::memory:', { logging: false })
+    await connection.authenticate()
+  })
+  after(async () => {
+    await connection.close()
+  })
+  it('can initialize', async () => {
+    storage = new BotDataStorage(connection)
+    await storage.initialize()
+  })
+  it('can set a value', async () => {
+    await storage.set('test', 'key1', 'value1')
+  })
+  it('can get a value', async () => {
+    const value = await storage.get('test', 'key1')
+    assert.equal(value, 'value1')
+  })
+  it('knows if a value exists', async () => {
+    const flag = await storage.has('test', 'key1')
+    assert.ok(flag)
+  })
+  it('knows if a value does not exist', async () => {
+    const flag = await storage.has('test', 'nonexistent1')
+    assert.ok(!flag)
+  })
+  it('raises an error on a non-existent value', async () => {
+    try {
+      await storage.get('test', 'nonexistent2')
+      assert.fail('Did not raise an exception getting a nonexistent key')
+    } catch (e) {
+      assert.ok(e instanceof NoSuchValueError)
+    }
+  })
+  it('can delete a value', async () => {
+    await storage.delete('test', 'key1')
+  })
+  it('knows if a value has been deleted', async () => {
+    const flag = await storage.has('test', 'key1')
+    assert.ok(!flag)
+  })
+  it('raises an error on a deleted value', async () => {
+    try {
+      await storage.get('test', 'key1')
+      assert.fail('Did not raise an exception getting a deleted key')
+    } catch (e) {
+      assert.ok(e instanceof NoSuchValueError)
+    }
+  })
+  it('stores different data at different keys for the same bot', async () => {
+    await storage.set('test', 'key2', 'value2')
+    await storage.set('test', 'key3', 'value3')
+    const value2 = await storage.get('test', 'key2')
+    const value3 = await storage.get('test', 'key3')
+    assert.notEqual(value2, value3)
+  })
+  it('stores different data at the same key for different bots', async () => {
+    await storage.set('test2', 'key4', 'value4')
+    await storage.set('test3', 'key4', 'value5')
+    const value4 = await storage.get('test2', 'key4')
+    const value5 = await storage.get('test3', 'key4')
+    assert.notEqual(value4, value5)
+  })
+  it('can store numbers', async () => {
+    await storage.set('test', 'numberkey1', 23)
+    const value = await storage.get('test', 'numberkey1')
+    assert.equal(value, 23)
+  })
+  it('can store arrays', async () => {
+    await storage.set('test', 'arraykey1', [1, 2, 3])
+    const value = await storage.get('test', 'arraykey1')
+    assert.deepEqual(value, [1, 2, 3])
+  })
+  it('can store objects', async () => {
+    await storage.set('test', 'objectkey1', { a: 1, b: 2, c: 3 })
+    const value = await storage.get('test', 'objectkey1')
+    assert.deepEqual(value, { a: 1, b: 2, c: 3 })
+  })
+})

package/tests/digester.test.js

@@ -0,0 +1,56 @@
+import { describe, it, before, after } from 'node:test'
+import assert from 'node:assert'
+import Logger from 'pino'
+import { Digester } from '../lib/digester.js'
+
+describe('Digester', () => {
+  let digester = null
+  let logger = null
+
+  before(() => {
+    logger = new Logger({
+      level: 'silent'
+    })
+  })
+
+  after(async () => {
+    logger = null
+  })
+
+  it('can initialize', async () => {
+    digester = new Digester(logger)
+    assert.ok(digester)
+  })
+
+  it('can digest a string', async () => {
+    const text = 'Hello, world!'
+    const digest = await digester.digest(text)
+    assert.ok(digest)
+    assert.equal(digest, 'sha-256=MV9b23bQeMQ7isAGTkoBZGErH853yGk0W/yUx1iU7dM=')
+  })
+
+  it('can compare two equal digests', async () => {
+    const text = 'Hello, world!'
+    const digest1 = await digester.digest(text)
+    const digest2 = await digester.digest(text)
+    const result = await digester.equals(digest1, digest2)
+    assert.ok(result)
+  })
+
+  it('can compare two different digests', async () => {
+    const text1 = 'Hello, world!'
+    const text2 = 'Hello, world!!'
+    const digest1 = await digester.digest(text1)
+    const digest2 = await digester.digest(text2)
+    const result = await digester.equals(digest1, digest2)
+    assert.ok(!result)
+  })
+
+  it('can compare two digests that differ only in case of the algorithm', async () => {
+    const text = 'Hello, world!'
+    const digest1 = await digester.digest(text)
+    const digest2 = digest1.replace('sha-256', 'SHA-256')
+    const result = await digester.equals(digest1, digest2)
+    assert.ok(result)
+  })
+})

package/tests/fixtures/bots.js

@@ -0,0 +1,15 @@
+import DoNothingBot from '../../lib/bots/donothing.js'
+import OKBot from '../../lib/bots/ok.js'
+
+export default {
+  ok: new OKBot('ok'),
+  null: new DoNothingBot('null'),
+  test0: new DoNothingBot('test0'),
+  test1: new DoNothingBot('test1'),
+  test2: new DoNothingBot('test2'),
+  test3: new DoNothingBot('test3'),
+  test4: new DoNothingBot('test4'),
+  test5: new DoNothingBot('test5'),
+  test6: new DoNothingBot('test6'),
+  test7: new DoNothingBot('test7')
+}

package/tests/httpsignature.test.js

@@ -0,0 +1,200 @@
+import { describe, before, after, it } from 'node:test'
+import assert from 'node:assert'
+import { Sequelize } from 'sequelize'
+import { KeyStorage } from '../lib/keystorage.js'
+import { nockSetup, nockSignature, nockKeyRotate, getPublicKey, getPrivateKey, nockFormat } from './utils/nock.js'
+import { HTTPSignature } from '../lib/httpsignature.js'
+import Logger from 'pino'
+import { Digester } from '../lib/digester.js'
+
+describe('HTTPSignature', async () => {
+  const domain = 'activitypubbot.example'
+  const origin = `https://${domain}`
+  let connection = null
+  let httpSignature = null
+  let logger = null
+  let digester = null
+  before(async () => {
+    logger = Logger({
+      level: 'silent'
+    })
+    connection = new Sequelize('sqlite::memory:', { logging: false })
+    await connection.authenticate()
+    const keyStorage = new KeyStorage(connection, logger)
+    await keyStorage.initialize()
+    nockSetup('social.example')
+    digester = new Digester(logger)
+  })
+
+  after(async () => {
+    await connection.close()
+    digester = null
+  })
+
+  it('can initialize', async () => {
+    httpSignature = new HTTPSignature(logger)
+    assert.ok(httpSignature)
+  })
+
+  it('can validate a signature', async () => {
+    const username = 'test'
+    const date = new Date().toUTCString()
+    const signature = await nockSignature({
+      url: `${origin}/user/ok/outbox`,
+      date,
+      username
+    })
+    const headers = {
+      date,
+      signature,
+      host: URL.parse(origin).host
+    }
+    const publicKeyPem = await getPublicKey(username)
+    const method = 'GET'
+    const path = '/user/ok/outbox'
+    const result = await httpSignature.validate(publicKeyPem, signature, method, path, headers)
+    assert.ok(result)
+  })
+
+  it('can validate a signature on an URL with parameters', async () => {
+    const username = 'test'
+    const lname = 'ok'
+    const date = new Date().toUTCString()
+    const signature = await nockSignature({
+      url: `${origin}/.well-known/webfinger?resource=acct:${lname}@${domain}`,
+      date,
+      username
+    })
+    const headers = {
+      date,
+      signature,
+      host: URL.parse(origin).host
+    }
+    const publicKeyPem = await getPublicKey(username)
+    const method = 'GET'
+    const path = `/.well-known/webfinger?resource=acct:${lname}@${domain}`
+    const result = await httpSignature.validate(publicKeyPem, signature, method, path, headers)
+    assert.ok(result)
+  })
+
+  it('can handle key rotation', async () => {
+    const username = 'rotate'
+    const date = new Date().toUTCString()
+    const signature = await nockSignature({
+      url: `${origin}/user/ok/outbox`,
+      date,
+      username
+    })
+    const headers = {
+      date,
+      signature,
+      host: URL.parse(origin).host
+    }
+    const publicKeyPem = await getPublicKey(username)
+    const method = 'GET'
+    const path = '/user/ok/outbox'
+    await httpSignature.validate(publicKeyPem, signature, method, path, headers)
+    await nockKeyRotate(username)
+    const signature2 = await nockSignature({
+      url: `${origin}/user/ok/outbox`,
+      date,
+      username
+    })
+    const headers2 = {
+      date,
+      signature,
+      host: URL.parse(origin).host
+    }
+    const publicKeyPem2 = await getPublicKey(username)
+    assert.notStrictEqual(publicKeyPem, publicKeyPem2)
+    const result2 = await httpSignature.validate(publicKeyPem2, signature2, method, path, headers2)
+    assert.ok(result2)
+  })
+
+  it('can sign a GET request', async () => {
+    const date = new Date().toUTCString()
+    const headers = {
+      Date: date,
+      Host: URL.parse(origin).host,
+      'X-Unused-Header': 'test',
+      Accept: 'application/activity+json',
+      'User-Agent': 'activitypubbot-test/0.0.1'
+    }
+    const privateKey = await getPrivateKey('test')
+    const method = 'GET'
+    const url = nockFormat({ username: 'test', obj: 'outbox' })
+    const keyId = nockFormat({ username: 'test', key: true })
+    const signature = await httpSignature.sign({ privateKey, keyId, url, method, headers })
+    assert.ok(signature)
+    assert.match(signature, /^keyId="https:\/\/social\.example\/user\/test\/publickey",headers="\(request-target\) host date user-agent accept",signature=".*",algorithm="rsa-sha256"$/)
+  })
+
+  it('can sign a POST request', async () => {
+    const body = JSON.stringify({
+      '@context': 'https://www.w3.org/ns/activitystreams',
+      type: 'Create',
+      actor: nockFormat({ username: 'test' }),
+      object: nockFormat({ username: 'test', obj: 'note', num: 1 })
+    })
+    const headers = {
+      date: new Date().toUTCString(),
+      host: URL.parse(origin).host,
+      digest: await digester.digest(body),
+      'content-type': 'application/activity+json',
+      'User-Agent': 'activitypubbot-test/0.0.1'
+    }
+    const privateKey = await getPrivateKey('test')
+    const method = 'POST'
+    const url = nockFormat({ username: 'test', obj: 'outbox' })
+    const keyId = nockFormat({ username: 'test', key: true })
+    const signature = await httpSignature.sign({ privateKey, keyId, url, method, headers })
+    assert.ok(signature)
+    assert.match(signature, /^keyId="https:\/\/social\.example\/user\/test\/publickey",headers="\(request-target\) host date user-agent content-type digest",signature=".*",algorithm="rsa-sha256"$/)
+  })
+
+  it('errors if required GET headers not present', async () => {
+    const date = new Date().toUTCString()
+    const headers = {
+      Date: date,
+      Host: URL.parse(origin).host,
+      'User-Agent': 'activitypubbot-test/0.0.1'
+    }
+    const privateKey = await getPrivateKey('test')
+    const method = 'GET'
+    const url = nockFormat({ username: 'test', obj: 'outbox' })
+    const keyId = nockFormat({ username: 'test', key: true })
+    try {
+      await httpSignature.sign({ privateKey, keyId, url, method, headers })
+      assert.fail('Expected error not thrown')
+    } catch (err) {
+      assert.equal(err.name, 'Error')
+      assert.equal(err.message, 'Missing header: accept')
+    }
+  })
+
+  it('errors if required POST headers not present', async () => {
+    const body = JSON.stringify({
+      '@context': 'https://www.w3.org/ns/activitystreams',
+      type: 'Create',
+      actor: nockFormat({ username: 'test' }),
+      object: nockFormat({ username: 'test', obj: 'note', num: 1 })
+    })
+    const headers = {
+      date: new Date().toUTCString(),
+      host: URL.parse(origin).host,
+      digest: await digester.digest(body),
+      'User-Agent': 'activitypubbot-test/0.0.1'
+    }
+    const privateKey = await getPrivateKey('test')
+    const method = 'POST'
+    const url = nockFormat({ username: 'test', obj: 'outbox' })
+    const keyId = nockFormat({ username: 'test', key: true })
+    try {
+      await httpSignature.sign({ privateKey, keyId, url, method, headers })
+      assert.fail('Expected error not thrown')
+    } catch (err) {
+      assert.equal(err.name, 'Error')
+      assert.equal(err.message, 'Missing header: content-type')
+    }
+  })
+})