@evanp/activitypub-bot 0.8.0

package/tests/objectcache.test.js

@@ -0,0 +1,133 @@
+import { describe, it } from 'node:test'
+import { ObjectCache } from '../lib/objectcache.js'
+import assert from 'node:assert/strict'
+import as2 from '../lib/activitystreams.js'
+
+describe('ObjectCache', async () => {
+  let cache = null
+  const longTTL = 3600 * 1000
+  const shortTTL = 300 * 1000
+  const maxItems = 1000
+  const makeObject = (num) =>
+    as2.import({
+      id: `https://example.com/${num}`,
+      name: `Object ${num}`,
+      type: 'Object',
+      attributedTo: `https://example.com/user${num}`,
+      to: 'https://www.w3.org/ns/activitystreams#Public'
+    })
+  const makeCollection = (num) =>
+    as2.import({
+      id: `https://example.com/collection${num}`,
+      type: 'Collection',
+      name: `Collection ${num}`,
+      totalItems: 1
+    })
+
+  const object1 = await makeObject(1)
+  const object2 = await makeObject(2)
+  const object3 = await makeObject(3)
+  const object4 = await makeObject(4)
+  const object5 = await makeObject(5)
+  const badid = 'https://example.com/badid'
+  const badcoll = 'https://example.com/badcoll'
+  const collection1 = await makeCollection(1)
+  const collection2 = await makeCollection(2)
+  const collection3 = await makeCollection(3)
+
+  it('should be a class', async () => {
+    assert.strictEqual(typeof ObjectCache, 'function')
+  })
+
+  it('can be instantiated', async () => {
+    cache = new ObjectCache({ longTTL, shortTTL, maxItems })
+    assert.strictEqual(typeof cache, 'object')
+  })
+
+  it('can be initialized', async () => {
+    try {
+      await cache.initialize()
+      assert.ok(true)
+    } catch (error) {
+      assert.fail(error)
+    }
+  })
+
+  it('returns undefined if not found', async () => {
+    try {
+      const value = await cache.get(badid)
+      assert.strictEqual(value, undefined)
+    } catch (error) {
+      assert.fail(error)
+    }
+  })
+
+  it('can save', async () => {
+    try {
+      await cache.save(object1)
+      const dupe = await cache.get(object1.id)
+      assert.strictEqual(dupe.id, object1.id)
+    } catch (error) {
+      assert.fail(error)
+    }
+  })
+
+  it('can saveReceived', async () => {
+    try {
+      await cache.saveReceived(object2)
+      const dupe = await cache.get(object2.id)
+      assert.strictEqual(dupe.id, object2.id)
+    } catch (error) {
+      assert.fail(error)
+    }
+  })
+
+  it('can clear', async () => {
+    try {
+      await cache.save(object3)
+      await cache.clear(object3)
+      const dupe = await cache.get(object3.id)
+      assert.strictEqual(dupe, undefined)
+    } catch (error) {
+      assert.fail(error)
+    }
+  })
+
+  it('fails membership for unknown collection', async () => {
+    try {
+      const flag = await cache.isMember(collection3, badid)
+      assert.strictEqual(flag, undefined)
+    } catch (error) {
+      assert.fail(error)
+    }
+  })
+
+  it('fails membership for unknown object', async () => {
+    try {
+      const flag = await cache.isMember(badcoll, object4)
+      assert.strictEqual(flag, undefined)
+    } catch (error) {
+      assert.fail(error)
+    }
+  })
+
+  it('can saveMembership', async () => {
+    try {
+      await cache.saveMembership(collection1, object4)
+      const flag = await cache.isMember(collection1, object4)
+      assert.ok(flag)
+    } catch (error) {
+      assert.fail(error)
+    }
+  })
+
+  it('can saveMembershipReceived', async () => {
+    try {
+      await cache.saveMembershipReceived(collection2, object5)
+      const flag = await cache.isMember(collection2, object5)
+      assert.ok(flag)
+    } catch (error) {
+      assert.fail(error)
+    }
+  })
+})

package/tests/objectstorage.test.js

@@ -0,0 +1,148 @@
+import { describe, it, before, after } from 'node:test'
+import as2 from '../lib/activitystreams.js'
+import assert from 'node:assert'
+import { ObjectStorage, NoSuchObjectError } from '../lib/objectstorage.js'
+import { Sequelize } from 'sequelize'
+
+describe('ObjectStorage', async () => {
+  let doc = null
+  let doc2 = null
+  let doc3 = null
+  let connection = null
+  let storage = null
+  before(async () => {
+    doc = await as2.import({
+      '@context': 'https://www.w3.org/ns/activitystreams',
+      id: 'https://social.example/users/test/note/1',
+      type: 'Note',
+      name: 'test',
+      content: 'test'
+    })
+    doc2 = await as2.import({
+      '@context': 'https://www.w3.org/ns/activitystreams',
+      id: 'https://social.example/users/test/note/2',
+      type: 'Note',
+      name: 'test',
+      content: 'test',
+      inReplyTo: doc.id
+    })
+    doc3 = await as2.import({
+      '@context': 'https://www.w3.org/ns/activitystreams',
+      id: 'https://social.example/users/test/note/3',
+      type: 'Note',
+      name: 'test',
+      content: 'test'
+    })
+    connection = new Sequelize('sqlite::memory:', { logging: false })
+    await connection.authenticate()
+  })
+  after(async () => {
+    await connection.close()
+  })
+  it('can initialize', async () => {
+    storage = new ObjectStorage(connection)
+    await storage.initialize()
+  })
+  it('can create a new object', async () => {
+    await storage.create(doc)
+  })
+  it('can read a created object', async () => {
+    await storage.read(doc.id)
+  })
+  it('can update a created object', async () => {
+    const doc2 = await as2.import({
+      '@context': 'https://www.w3.org/ns/activitystreams',
+      id: 'https://social.example/users/test/note/1',
+      type: 'Note',
+      name: 'test2',
+      content: 'test2'
+    })
+    await storage.update(doc2)
+    const read = await storage.read(doc2.id)
+    assert.equal(read.name.get('en'), 'test2')
+  })
+  it('can delete a created object', async () => {
+    await storage.delete(doc)
+    try {
+      await storage.read(doc.id)
+      assert.fail('should not be able to read deleted object')
+    } catch (err) {
+      assert.ok(err instanceof NoSuchObjectError)
+    }
+  })
+  it('can get a collection', async () => {
+    const collection = await storage.getCollection(doc.id, 'replies')
+    assert.equal(typeof (collection), 'object')
+    assert.equal(typeof (collection.id), 'string')
+    assert.equal(collection.id, `${doc.id}/replies`)
+    assert.equal(collection.type, 'https://www.w3.org/ns/activitystreams#OrderedCollection')
+    assert.equal(collection.totalItems, 0)
+    assert.equal(collection.first.id, `${doc.id}/replies/1`)
+    assert.equal(collection.last.id, `${doc.id}/replies/1`)
+  })
+  it('can get a collection page', async () => {
+    const page = await storage.getCollectionPage(doc.id, 'replies', 1)
+    assert.equal(typeof page, 'object')
+    assert.equal(page.id, `${doc.id}/replies/1`)
+    assert.equal(page.type, 'https://www.w3.org/ns/activitystreams#OrderedCollectionPage')
+    assert.equal(page.partOf.id, `${doc.id}/replies`)
+    assert.ok(!page.next)
+    assert.ok(!page.prev)
+    assert.ok(!page.items)
+  })
+  it('can add to a collection', async () => {
+    await storage.addToCollection(doc.id, 'replies', doc2)
+    const page = await storage.getCollectionPage(doc.id, 'replies', 1)
+    assert.ok(Array.from(page.items).find(item => item.id === doc2.id))
+  })
+  it('can check collection membership', async () => {
+    assert.strictEqual(true, await storage.isInCollection(doc.id, 'replies', doc2))
+    assert.strictEqual(false, await storage.isInCollection(doc.id, 'replies', doc3))
+  })
+  it('can remove from a collection', async () => {
+    await storage.removeFromCollection(doc.id, 'replies', doc2)
+    const page = await storage.getCollectionPage(doc.id, 'replies', 1)
+    assert.ok(!page.items)
+  })
+  it('can add many items to a collection', async () => {
+    for (let i = 3; i < 103; i++) {
+      const reply = await as2.import({
+        '@context': 'https://www.w3.org/ns/activitystreams',
+        id: `https://social.example/users/test/note/${i}`,
+        type: 'Note',
+        name: 'test',
+        content: 'test',
+        inReplyTo: doc.id
+      })
+      await storage.addToCollection(doc.id, 'replies', reply)
+    }
+    const collection = await storage.getCollection(doc.id, 'replies')
+    assert.equal(collection.totalItems, 100)
+    assert.equal(collection.first.id, `${doc.id}/replies/5`)
+    assert.equal(collection.last.id, `${doc.id}/replies/1`)
+    const page = await storage.getCollectionPage(doc.id, 'replies', 3)
+    assert.ok(page.next)
+    // assert.ok(page.prev)
+    assert.ok(page.items)
+    const items = Array.from(page.items)
+    assert.equal(items.length, 20)
+    for (let i = 0; i < items.length; i++) {
+      assert.ok(items[i])
+      for (let j = i + 1; j < items.length; j++) {
+        assert.ok(items[j])
+        assert.ok(
+          items[i].id > items[j].id,
+          `item ${i} (${items[i].id}) <= item ${j} (${items[j].id})`
+        )
+      }
+    }
+  })
+  it('can iterate over a collection', async () => {
+    const seen = new Set()
+    for await (const item of storage.items(doc.id, 'replies')) {
+      assert.ok(!(item.id in seen))
+      seen.add(item.id)
+    }
+    assert.strictEqual(seen.size, 100)
+  })
+})

package/tests/remotekeystorage.test.js

@@ -0,0 +1,76 @@
+import { describe, before, after, it } from 'node:test'
+import { RemoteKeyStorage } from '../lib/remotekeystorage.js'
+import assert from 'node:assert'
+import { Sequelize } from 'sequelize'
+import { KeyStorage } from '../lib/keystorage.js'
+import { UrlFormatter } from '../lib/urlformatter.js'
+import { ActivityPubClient } from '../lib/activitypubclient.js'
+import { nockSetup, nockFormat, getPublicKey, nockKeyRotate } from './utils/nock.js'
+import { HTTPSignature } from '../lib/httpsignature.js'
+import Logger from 'pino'
+import { Digester } from '../lib/digester.js'
+
+describe('RemoteKeyStorage', async () => {
+  const origin = 'https://activitypubbot.example'
+  let connection = null
+  let remoteKeyStorage = null
+  let client = null
+  let logger = null
+  before(async () => {
+    logger = Logger({
+      level: 'silent'
+    })
+    connection = new Sequelize('sqlite::memory:', { logging: false })
+    await connection.authenticate()
+    const keyStorage = new KeyStorage(connection, logger)
+    await keyStorage.initialize()
+    const formatter = new UrlFormatter(origin)
+    const digester = new Digester(logger)
+    const signer = new HTTPSignature(logger)
+    client = new ActivityPubClient(keyStorage, formatter, signer, digester, logger)
+    nockSetup('social.example')
+  })
+
+  after(async () => {
+    await connection.close()
+    logger = null
+  })
+
+  it('can initialize', async () => {
+    remoteKeyStorage = new RemoteKeyStorage(client, connection, logger)
+    assert.ok(remoteKeyStorage)
+    await remoteKeyStorage.initialize()
+    assert.ok(true)
+  })
+
+  it('can get a remote public key', async () => {
+    const username = 'test'
+    const domain = 'social.example'
+    const id = nockFormat({ username, key: true, domain })
+    const publicKey = await getPublicKey(username, domain)
+    const remote = await remoteKeyStorage.getPublicKey(id)
+    assert.equal(remote.publicKeyPem, publicKey)
+  })
+
+  it('can get the same remote public key twice', async () => {
+    const username = 'test'
+    const domain = 'social.example'
+    const id = nockFormat({ username, key: true, domain })
+    const publicKey = await getPublicKey(username, domain)
+    const remote = await remoteKeyStorage.getPublicKey(id)
+    assert.equal(remote.publicKeyPem, publicKey)
+  })
+
+  it('can get the right public key after key rotation', async () => {
+    const username = 'test'
+    const domain = 'social.example'
+    const id = nockFormat({ username, key: true, domain })
+    const publicKey = await getPublicKey(username, domain)
+    const remote = await remoteKeyStorage.getPublicKey(id)
+    assert.equal(remote.publicKeyPem, publicKey)
+    await nockKeyRotate(username)
+    const publicKey2 = await getPublicKey(username, domain)
+    const remote2 = await remoteKeyStorage.getPublicKey(id, false)
+    assert.equal(remote2.publicKeyPem, publicKey2)
+  })
+})

package/tests/routes.actor.test.js

@@ -0,0 +1,207 @@
+import { describe, it } from 'node:test'
+import assert from 'node:assert'
+import { makeApp } from '../lib/app.js'
+import request from 'supertest'
+import bots from './fixtures/bots.js'
+
+describe('actor routes', async () => {
+  const databaseUrl = 'sqlite::memory:'
+  const origin = 'https://activitypubbot.test'
+  const app = await makeApp(databaseUrl, origin, bots, 'silent')
+
+  describe('GET /user/{botid}', async () => {
+    let response = null
+    it('should work without an error', async () => {
+      response = await request(app).get('/user/ok')
+    })
+    it('should return 200 OK', async () => {
+      assert.strictEqual(response.status, 200)
+    })
+    it('should return AS2', async () => {
+      assert.strictEqual(response.type, 'application/activity+json')
+    })
+    it('should return an object', async () => {
+      assert.strictEqual(typeof response.body, 'object')
+    })
+    it('should return an object with an id', async () => {
+      assert.strictEqual(typeof response.body.id, 'string')
+    })
+    it('should return an object with an id matching the request', async () => {
+      assert.strictEqual(response.body.id, origin + '/user/ok')
+    })
+    it('should return an object with a type', async () => {
+      assert.strictEqual(typeof response.body.type, 'string')
+    })
+    it('should return an object with a type matching the request', async () => {
+      assert.strictEqual(response.body.type, 'Service')
+    })
+    it('should return an object with a preferredUsername', async () => {
+      assert.strictEqual(typeof response.body.preferredUsername, 'string')
+    })
+    it('should return an object with a preferredUsername matching the request', async () => {
+      assert.strictEqual(response.body.preferredUsername, 'ok')
+    })
+    it('should return an object with an inbox', async () => {
+      assert.strictEqual(typeof response.body.inbox, 'string')
+    })
+    it('should return an object with an outbox', async () => {
+      assert.strictEqual(typeof response.body.outbox, 'string')
+    })
+    it('should return an object with a followers', async () => {
+      assert.strictEqual(typeof response.body.followers, 'string')
+    })
+    it('should return an object with a following', async () => {
+      assert.strictEqual(typeof response.body.following, 'string')
+    })
+    it('should return an object with a liked', async () => {
+      assert.strictEqual(typeof response.body.liked, 'string')
+    })
+    it('should return an object with a to', async () => {
+      assert.strictEqual(typeof response.body.to, 'string')
+    })
+    it('should return an object with a to matching the request', async () => {
+      assert.strictEqual(response.body.to, 'as:Public')
+    })
+    it('should return an object with a summary', async () => {
+      assert.strictEqual(typeof response.body.summary, 'string')
+    })
+    it('should return an object with a summary matching the request', async () => {
+      assert.strictEqual(response.body.summary, 'A bot that says "OK" when mentioned.')
+    })
+    it('should return an object with a name', async () => {
+      assert.strictEqual(typeof response.body.name, 'string')
+    })
+    it('should return an object with a name matching the request', async () => {
+      assert.strictEqual(response.body.name, 'OK Bot')
+    })
+    it('should return an object with a publicKey', async () => {
+      assert.strictEqual(typeof response.body.publicKey, 'object')
+      assert.ok(response.body.publicKey)
+    })
+    it('should return an object with a publicKey matching the request', async () => {
+      assert.strictEqual(response.body.publicKey.id, origin + '/user/ok/publickey')
+    })
+    it('should return an object with a publicKey with an owner matching the request', async () => {
+      assert.strictEqual(response.body.publicKey.owner, origin + '/user/ok')
+    })
+    it('should return an object with a publicKey with a type', async () => {
+      assert.strictEqual(response.body.publicKey.type, 'CryptographicKey')
+    })
+    it('should return an object with a publicKey with a to', async () => {
+      assert.strictEqual(response.body.publicKey.to, 'as:Public')
+    })
+    it('should return an object with a publicKey with a publicKeyPem', async () => {
+      assert.strictEqual(typeof response.body.publicKey.publicKeyPem, 'string')
+    })
+    it('publicKeyPem should be an RSA PKCS-8 key', async () => {
+      assert.match(response.body.publicKey.publicKeyPem, /^-----BEGIN PUBLIC KEY-----\n/)
+      assert.match(response.body.publicKey.publicKeyPem, /\n-----END PUBLIC KEY-----\n$/)
+    })
+  })
+
+  describe('GET non-existent user', async () => {
+    let response = null
+    it('should work without an error', async () => {
+      response = await request(app).get('/user/dne')
+    })
+    it('should return 404 Not Found', async () => {
+      assert.strictEqual(response.status, 404)
+    })
+    it('should return Problem Details JSON', async () => {
+      assert.strictEqual(response.type, 'application/problem+json')
+    })
+    it('should return an object', async () => {
+      assert.strictEqual(typeof response.body, 'object')
+    })
+    it('should return an object with a type', async () => {
+      assert.strictEqual(typeof response.body.type, 'string')
+    })
+    it('should return an object with an type matching the request', async () => {
+      assert.strictEqual(response.body.type, 'about:blank')
+    })
+    it('should return an object with a title', async () => {
+      assert.strictEqual(typeof response.body.title, 'string')
+    })
+    it('should return an object with a title matching the request', async () => {
+      assert.strictEqual(response.body.title, 'Not Found')
+    })
+    it('should return an object with a status', async () => {
+      assert.strictEqual(typeof response.body.status, 'number')
+    })
+    it('should return an object with a status matching the request', async () => {
+      assert.strictEqual(response.body.status, 404)
+    })
+    it('should return an object with a detail', async () => {
+      assert.strictEqual(typeof response.body.detail, 'string')
+    })
+    it('should return an object with a detail matching the request', async () => {
+      assert.strictEqual(response.body.detail, 'User dne not found')
+    })
+  })
+  describe('GET /user/{dne}/publickey', async () => {
+    let response = null
+    it('should work without an error', async () => {
+      response = await request(app).get('/user/dne')
+    })
+    it('should return 404 Not Found', async () => {
+      assert.strictEqual(response.status, 404)
+    })
+    it('should return Problem Details JSON', async () => {
+      assert.strictEqual(response.type, 'application/problem+json')
+    })
+    it('should return the right object', async () => {
+      assert.strictEqual(typeof response.body, 'object')
+      assert.strictEqual(response.body.type, 'about:blank')
+      assert.strictEqual(response.body.title, 'Not Found')
+      assert.strictEqual(response.body.status, 404)
+      assert.strictEqual(response.body.detail, 'User dne not found')
+    })
+  })
+
+  describe('GET /user/{botid}/publickey', async () => {
+    let response = null
+    it('should work without an error', async () => {
+      response = await request(app).get('/user/ok/publickey')
+    })
+    it('should return 200 OK', async () => {
+      assert.strictEqual(response.status, 200)
+    })
+    it('should return AS2', async () => {
+      assert.strictEqual(response.type, 'application/activity+json')
+    })
+    it('should return an object', async () => {
+      assert.strictEqual(typeof response.body, 'object')
+    })
+    it('should return an object with an id', async () => {
+      assert.strictEqual(typeof response.body.id, 'string')
+    })
+    it('should return an object with the requested public key id', async () => {
+      assert.strictEqual(response.body.id, origin + '/user/ok/publickey')
+    })
+    it('should return an object with an owner', async () => {
+      assert.strictEqual(typeof response.body.owner, 'string')
+    })
+    it('should return an object with the bot as owner', async () => {
+      assert.strictEqual(response.body.owner, origin + '/user/ok')
+    })
+    it('should return an object with a publicKeyPem', async () => {
+      assert.strictEqual(typeof response.body.publicKeyPem, 'string')
+    })
+    it('publicKeyPem should be an RSA PKCS-8 key', async () => {
+      assert.match(response.body.publicKeyPem, /^-----BEGIN PUBLIC KEY-----\n/)
+      assert.match(response.body.publicKeyPem, /\n-----END PUBLIC KEY-----\n$/)
+    })
+    it('should return an object with a type', async () => {
+      assert.strictEqual(typeof response.body.type, 'string')
+    })
+    it('should return an object with a type matching the request', async () => {
+      assert.strictEqual(response.body.type, 'CryptographicKey')
+    })
+    it('should return an object with a to', async () => {
+      assert.strictEqual(typeof response.body.to, 'string')
+    })
+    it('should return an object with a to matching the request', async () => {
+      assert.strictEqual(response.body.to, 'as:Public')
+    })
+  })
+})