@fedify/fedify 2.2.0-dev.613 → 2.2.0-dev.622
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{accept-D7sAxyNa.js → accept-Dd__NiUL.mjs} +10 -8
- package/dist/{assert-MZs1qjMx.js → assert-ddO5KLpe.mjs} +5 -9
- package/dist/{assert_equals-DSbWqCm3.js → assert_equals-Ew3jOFa3.mjs} +55 -69
- package/dist/{assert_instance_of-DHz7EHNU.js → assert_instance_of-C4Ri6VuN.mjs} +5 -9
- package/dist/{assert_not_equals-f3m3epl3.js → assert_not_equals--wG9hV7u.mjs} +6 -13
- package/dist/{assert_rejects-0h7I2Esa.js → assert_rejects-B-qJtC9Z.mjs} +6 -11
- package/dist/{assert_throws-rjdMBf31.js → assert_throws-4NwKEy2q.mjs} +5 -10
- package/dist/{builder-OscY92PK.js → builder-DcSpny3g.mjs} +32 -41
- package/dist/{chunk-CGaQZ11T.cjs → chunk-DDcVe30Y.cjs} +23 -24
- package/dist/{chunk-DJNbSFdH.js → chunk-nlSIicah.js} +8 -8
- package/dist/{client-BxMZiQaD.d.ts → client-AtlibPOU.d.ts} +1 -1
- package/dist/{client-CoCIaTNO.js → client-DEpOVgY1.mjs} +9 -13
- package/dist/{client-C97KOq3x.d.cts → client-z-8dc-e1.d.cts} +1 -1
- package/dist/{collection-CSzG2j1P.js → collection-BD6-SZ6O.mjs} +7 -12
- package/dist/compat/mod.cjs +5 -8
- package/dist/compat/mod.d.cts +78 -6
- package/dist/compat/mod.d.ts +78 -6
- package/dist/compat/mod.js +4 -8
- package/dist/compat/transformers.test.mjs +62 -0
- package/dist/{context-DyJjQQ_H.d.ts → context-BOiMZBu5.d.ts} +9 -18
- package/dist/{context-BcqA-0BL.d.cts → context-BhZVy7RB.d.cts} +9 -18
- package/dist/{context-Aqenou7c.js → context-Juj6bdHC.mjs} +7 -11
- package/dist/deno-D682wzlW.mjs +8 -0
- package/dist/{docloader-JiZmL7BP.js → docloader-CCWf4tNV.mjs} +8 -14
- package/dist/{esm-nLm00z9V.js → esm-DVILvP5e.mjs} +50 -89
- package/dist/federation/builder.test.d.mts +2 -0
- package/dist/federation/{builder.test.js → builder.test.mjs} +21 -44
- package/dist/federation/collection.test.d.mts +2 -0
- package/dist/federation/collection.test.mjs +21 -0
- package/dist/federation/handler.test.d.mts +2 -0
- package/dist/federation/{handler.test.js → handler.test.mjs} +69 -131
- package/dist/federation/idempotency.test.d.mts +2 -0
- package/dist/federation/{idempotency.test.js → idempotency.test.mjs} +31 -63
- package/dist/federation/inbox.test.d.mts +2 -0
- package/dist/federation/{inbox.test.js → inbox.test.mjs} +8 -12
- package/dist/federation/keycache.test.d.mts +2 -0
- package/dist/federation/{keycache.test.js → keycache.test.mjs} +13 -19
- package/dist/federation/kv.test.d.mts +2 -0
- package/dist/federation/{kv.test.js → kv.test.mjs} +11 -22
- package/dist/federation/middleware.test.d.mts +2 -0
- package/dist/federation/{middleware.test.js → middleware.test.mjs} +173 -262
- package/dist/federation/mod.cjs +327 -16
- package/dist/federation/mod.d.cts +3 -6
- package/dist/federation/mod.d.ts +3 -6
- package/dist/federation/mod.js +322 -13
- package/dist/federation/mq.test.d.mts +2 -0
- package/dist/federation/{mq.test.js → mq.test.mjs} +21 -35
- package/dist/federation/negotiation.test.d.mts +2 -0
- package/dist/federation/{negotiation.test.js → negotiation.test.mjs} +9 -16
- package/dist/federation/retry.test.d.mts +2 -0
- package/dist/federation/{retry.test.js → retry.test.mjs} +8 -11
- package/dist/federation/router.test.d.mts +2 -0
- package/dist/federation/{router.test.js → router.test.mjs} +11 -16
- package/dist/federation/send.test.d.mts +2 -0
- package/dist/federation/{send.test.js → send.test.mjs} +22 -30
- package/dist/federation/webfinger.test.d.mts +2 -0
- package/dist/federation/{webfinger.test.js → webfinger.test.mjs} +22 -56
- package/dist/{http-BnsR906R.cjs → http-BQccxQlj.cjs} +177 -302
- package/dist/{http-CKaqhjvP.js → http-CNsnyqrO.mjs} +23 -43
- package/dist/{http-BudnHZE2.d.cts → http-CrGuipxe.d.cts} +1 -6
- package/dist/{http-IFqEftoZ.js → http-DhwEMhtv.js} +53 -184
- package/dist/{http-Dax_FIBo.d.ts → http-aQzN9Ayi.d.ts} +1 -6
- package/dist/{inbox-Bd91CVJP.js → inbox-DegXbbbS.mjs} +18 -26
- package/dist/{key-DFLFXKER.js → key-vL60OvqM.mjs} +29 -37
- package/dist/{keycache-CpGWAUbj.js → keycache-CCSwkQcY.mjs} +5 -10
- package/dist/{keys-BFve7QQv.js → keys-BAK-tUlf.mjs} +5 -9
- package/dist/{kv-BL4nlICN.d.cts → kv-CbLNp3zQ.d.cts} +1 -1
- package/dist/{kv-DXEUEP6z.d.ts → kv-GFYnFoOl.d.ts} +1 -1
- package/dist/{kv-cache-Bw2F2ABq.js → kv-cache-B01V7s3h.mjs} +4 -8
- package/dist/{kv-cache-Drlz6O_Y.js → kv-cache-CTj3iCix.js} +6 -13
- package/dist/{kv-cache-BLXcQvyb.cjs → kv-cache-DxdXJNbj.cjs} +27 -34
- package/dist/{kv-QzKcOQgP.js → kv-tL2TOE9X.mjs} +6 -10
- package/dist/{ld-CGGXZJK0.js → ld-C3CO00YY.mjs} +17 -31
- package/dist/{middleware-DcpBikad.js → middleware-BmsVSOeS.js} +335 -382
- package/dist/middleware-C7shNcsp.cjs +4 -0
- package/dist/{middleware-B51dB75z.cjs → middleware-Cx0Ny6_7.cjs} +532 -587
- package/dist/middleware-DqVGYk56.mjs +5 -0
- package/dist/{middleware-B53r4pdM.js → middleware-Du-vh7I_.mjs} +282 -317
- package/dist/{mod-em2Il1eD.d.cts → mod-Bp_CzKd4.d.cts} +2 -2
- package/dist/{mod-DCbh1JQ5.d.ts → mod-CLgIXe9w.d.ts} +3 -3
- package/dist/{mod-jfnweK2w.d.cts → mod-CMEbIaNh.d.cts} +3 -3
- package/dist/{mod-D6MdymW7.d.ts → mod-DKOAow7a.d.ts} +2 -2
- package/dist/{mod-Coe7KEgX.d.cts → mod-DoJBjjnO.d.cts} +2 -2
- package/dist/{mod-D6dOd--H.d.ts → mod-DvxszxXC.d.ts} +2 -2
- package/dist/mod.cjs +29 -74
- package/dist/mod.d.cts +11 -14
- package/dist/mod.d.ts +11 -15
- package/dist/mod.js +17 -71
- package/dist/{negotiation-BlAuS_nr.js → negotiation-DnsfFF8I.mjs} +7 -11
- package/dist/nodeinfo/client.test.d.mts +2 -0
- package/dist/nodeinfo/{client.test.js → client.test.mjs} +22 -40
- package/dist/nodeinfo/handler.test.d.mts +2 -0
- package/dist/nodeinfo/{handler.test.js → handler.test.mjs} +13 -43
- package/dist/nodeinfo/mod.cjs +5 -8
- package/dist/nodeinfo/mod.d.cts +2 -3
- package/dist/nodeinfo/mod.d.ts +2 -3
- package/dist/nodeinfo/mod.js +4 -8
- package/dist/nodeinfo/types.test.d.mts +2 -0
- package/dist/nodeinfo/{types.test.js → types.test.mjs} +9 -16
- package/dist/otel/exporter.test.d.mts +2 -0
- package/dist/otel/{exporter.test.js → exporter.test.mjs} +124 -178
- package/dist/otel/mod.cjs +15 -20
- package/dist/otel/mod.d.cts +2 -2
- package/dist/otel/mod.d.ts +2 -2
- package/dist/otel/mod.js +8 -14
- package/dist/{owner-gd0Q9FuU.d.ts → owner-74ARJ5TL.d.ts} +1 -1
- package/dist/{owner-1AbPBOOZ.d.cts → owner-CptqhsOy.d.cts} +1 -1
- package/dist/{owner-Cye0yQB_.js → owner-DF320w6K.mjs} +11 -16
- package/dist/{proof-DdGGXVWM.js → proof-BCWk5oas.js} +32 -58
- package/dist/{proof-DV5lC_Bw.js → proof-IyDwwmzL.mjs} +21 -33
- package/dist/{proof-CN5iR1tW.cjs → proof-WhNxSv_N.cjs} +133 -157
- package/dist/{retry-mqLf4b-R.js → retry-B_E3V_Dx.mjs} +4 -7
- package/dist/{router-D9eI0s4b.js → router-CrMLXoOr.mjs} +4 -8
- package/dist/runtime/mod.cjs +11 -13
- package/dist/runtime/mod.d.cts +6 -2
- package/dist/runtime/mod.d.ts +0 -1
- package/dist/runtime/mod.js +4 -7
- package/dist/{send-C2a_3YAF.js → send-CJQubr5t.mjs} +8 -13
- package/dist/sig/accept.test.d.mts +2 -0
- package/dist/sig/{accept.test.js → accept.test.mjs} +35 -70
- package/dist/sig/http.test.d.mts +2 -0
- package/dist/sig/{http.test.js → http.test.mjs} +166 -280
- package/dist/sig/key.test.d.mts +2 -0
- package/dist/sig/{key.test.js → key.test.mjs} +11 -18
- package/dist/sig/ld.test.d.mts +2 -0
- package/dist/sig/{ld.test.js → ld.test.mjs} +22 -35
- package/dist/sig/mod.cjs +6 -9
- package/dist/sig/mod.d.cts +3 -3
- package/dist/sig/mod.d.ts +3 -3
- package/dist/sig/mod.js +5 -9
- package/dist/sig/owner.test.d.mts +2 -0
- package/dist/sig/{owner.test.js → owner.test.mjs} +19 -34
- package/dist/sig/proof.test.d.mts +2 -0
- package/dist/sig/{proof.test.js → proof.test.mjs} +16 -27
- package/dist/{std__assert-X-_kMxKM.js → std__assert-Duiq_YC9.mjs} +12 -24
- package/dist/testing/{mod.d.ts → mod.d.mts} +26 -90
- package/dist/testing/mod.mjs +6 -0
- package/dist/{transformers-3g8GZwkZ.cjs → transformers-NeAONrAq.cjs} +20 -25
- package/dist/{transformers-C3FLHUd6.js → transformers-ve6e2xcg.js} +3 -7
- package/dist/{types-CPz01LGH.js → types-DCP0WLdt.mjs} +4 -7
- package/dist/{types-Cd_hszr_.cjs → types-KC4QAoxe.cjs} +29 -34
- package/dist/{types-C93Ob9cU.js → types-hvL8ElAs.js} +8 -13
- package/dist/utils/docloader.test.d.mts +2 -0
- package/dist/utils/{docloader.test.js → docloader.test.mjs} +14 -25
- package/dist/utils/kv-cache.test.d.mts +2 -0
- package/dist/utils/{kv-cache.test.js → kv-cache.test.mjs} +25 -40
- package/dist/utils/mod.cjs +5 -9
- package/dist/utils/mod.d.cts +1 -3
- package/dist/utils/mod.d.ts +1 -3
- package/dist/utils/mod.js +4 -9
- package/dist/vocab/cjs.test.d.mts +2 -0
- package/dist/vocab/cjs.test.mjs +14 -0
- package/dist/vocab/mod.cjs +10 -12
- package/dist/vocab/mod.js +3 -5
- package/package.json +8 -8
- package/dist/compat/transformers.test.d.ts +0 -3
- package/dist/compat/transformers.test.js +0 -88
- package/dist/compat-Bb4NuTUO.js +0 -4
- package/dist/compat-DmDDELst.cjs +0 -4
- package/dist/deno-CnMqla6T.js +0 -121
- package/dist/federation/builder.test.d.ts +0 -3
- package/dist/federation/collection.test.d.ts +0 -3
- package/dist/federation/collection.test.js +0 -32
- package/dist/federation/handler.test.d.ts +0 -3
- package/dist/federation/idempotency.test.d.ts +0 -3
- package/dist/federation/inbox.test.d.ts +0 -3
- package/dist/federation/keycache.test.d.ts +0 -3
- package/dist/federation/kv.test.d.ts +0 -3
- package/dist/federation/middleware.test.d.ts +0 -3
- package/dist/federation/mq.test.d.ts +0 -3
- package/dist/federation/negotiation.test.d.ts +0 -3
- package/dist/federation/retry.test.d.ts +0 -3
- package/dist/federation/router.test.d.ts +0 -3
- package/dist/federation/send.test.d.ts +0 -3
- package/dist/federation/webfinger.test.d.ts +0 -3
- package/dist/federation-Bp3HI26G.cjs +0 -350
- package/dist/federation-DaMfqRm4.js +0 -332
- package/dist/middleware-B0kNQMO0.js +0 -27
- package/dist/middleware-BYQL9cdV.js +0 -12
- package/dist/middleware-DfNqksSs.cjs +0 -12
- package/dist/mod-B7QkWzrL.d.cts +0 -80
- package/dist/mod-Bh8mqlYw.d.cts +0 -9
- package/dist/mod-D6HodEq7.d.ts +0 -7
- package/dist/mod-SMHOMNpZ.d.ts +0 -82
- package/dist/mod-gq_Xfdz8.d.cts +0 -1
- package/dist/nodeinfo/client.test.d.ts +0 -3
- package/dist/nodeinfo/handler.test.d.ts +0 -3
- package/dist/nodeinfo/types.test.d.ts +0 -3
- package/dist/nodeinfo-DoESQxq5.js +0 -4
- package/dist/nodeinfo-DuMYTpbZ.cjs +0 -4
- package/dist/otel/exporter.test.d.ts +0 -3
- package/dist/runtime-c2Njxsry.cjs +0 -17
- package/dist/runtime-poamPCMb.js +0 -13
- package/dist/sig/accept.test.d.ts +0 -3
- package/dist/sig/http.test.d.ts +0 -3
- package/dist/sig/key.test.d.ts +0 -3
- package/dist/sig/ld.test.d.ts +0 -3
- package/dist/sig/owner.test.d.ts +0 -3
- package/dist/sig/proof.test.d.ts +0 -3
- package/dist/sig-BNhspNOf.js +0 -4
- package/dist/sig-vX39WyWI.cjs +0 -4
- package/dist/testing/mod.js +0 -10
- package/dist/utils/docloader.test.d.ts +0 -3
- package/dist/utils/kv-cache.test.d.ts +0 -3
- package/dist/utils-BQ9KqEK9.cjs +0 -4
- package/dist/utils-Dn5OPdSW.js +0 -4
- /package/dist/{mod-AGjRfPjT.d.ts → compat/transformers.test.d.mts} +0 -0
|
@@ -1,47 +1,23 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
import
|
|
7
|
-
import { assert } from "../assert-
|
|
8
|
-
import "../
|
|
9
|
-
import {
|
|
10
|
-
import "../
|
|
11
|
-
import {
|
|
12
|
-
import "../
|
|
13
|
-
import "../
|
|
14
|
-
import "../types-CPz01LGH.js";
|
|
15
|
-
import { parseAcceptSignature } from "../accept-D7sAxyNa.js";
|
|
16
|
-
import "../key-DFLFXKER.js";
|
|
17
|
-
import { signRequest } from "../http-CKaqhjvP.js";
|
|
18
|
-
import "../ld-CGGXZJK0.js";
|
|
19
|
-
import "../owner-Cye0yQB_.js";
|
|
20
|
-
import "../proof-DV5lC_Bw.js";
|
|
21
|
-
import "../docloader-JiZmL7BP.js";
|
|
22
|
-
import "../kv-cache-Bw2F2ABq.js";
|
|
23
|
-
import { InboxListenerSet } from "../inbox-Bd91CVJP.js";
|
|
24
|
-
import "../builder-OscY92PK.js";
|
|
25
|
-
import "../collection-CSzG2j1P.js";
|
|
26
|
-
import "../keycache-CpGWAUbj.js";
|
|
27
|
-
import "../negotiation-BlAuS_nr.js";
|
|
28
|
-
import "../retry-mqLf4b-R.js";
|
|
29
|
-
import "../send-C2a_3YAF.js";
|
|
30
|
-
import "../std__assert-X-_kMxKM.js";
|
|
31
|
-
import "../assert_rejects-0h7I2Esa.js";
|
|
32
|
-
import "../assert_throws-rjdMBf31.js";
|
|
33
|
-
import "../assert_not_equals-f3m3epl3.js";
|
|
34
|
-
import { createInboxContext, createRequestContext } from "../context-Aqenou7c.js";
|
|
35
|
-
import { rsaPrivateKey3, rsaPublicKey2, rsaPublicKey3 } from "../keys-BFve7QQv.js";
|
|
1
|
+
import { Temporal } from "@js-temporal/polyfill";
|
|
2
|
+
import "urlpattern-polyfill";
|
|
3
|
+
globalThis.addEventListener = () => {};
|
|
4
|
+
import { n as createRequestContext, t as createInboxContext } from "../context-Juj6bdHC.mjs";
|
|
5
|
+
import { t as assertEquals } from "../assert_equals-Ew3jOFa3.mjs";
|
|
6
|
+
import "../std__assert-Duiq_YC9.mjs";
|
|
7
|
+
import { t as assert } from "../assert-ddO5KLpe.mjs";
|
|
8
|
+
import { r as parseAcceptSignature } from "../accept-Dd__NiUL.mjs";
|
|
9
|
+
import { s as signRequest } from "../http-CNsnyqrO.mjs";
|
|
10
|
+
import { a as rsaPrivateKey3, c as rsaPublicKey3, s as rsaPublicKey2 } from "../keys-BAK-tUlf.mjs";
|
|
11
|
+
import { t as MemoryKvStore } from "../kv-tL2TOE9X.mjs";
|
|
12
|
+
import { a as createFederation, c as handleCollection, d as handleObject, f as respondWithObject, l as handleCustomCollection, p as respondWithObjectIfAcceptable, s as handleActor, u as handleInbox } from "../middleware-Du-vh7I_.mjs";
|
|
13
|
+
import { t as InboxListenerSet } from "../inbox-DegXbbbS.mjs";
|
|
36
14
|
import { createTestTracerProvider, mockDocumentLoader, test } from "@fedify/fixture";
|
|
37
15
|
import { Create, Note, Person } from "@fedify/vocab";
|
|
38
16
|
import { FetchError } from "@fedify/vocab-runtime";
|
|
39
|
-
|
|
40
17
|
//#region src/federation/handler.test.ts
|
|
41
18
|
test("handleActor()", async () => {
|
|
42
|
-
const federation = createFederation({ kv: new MemoryKvStore() });
|
|
43
19
|
let context = createRequestContext({
|
|
44
|
-
federation,
|
|
20
|
+
federation: createFederation({ kv: new MemoryKvStore() }),
|
|
45
21
|
data: void 0,
|
|
46
22
|
url: new URL("https://example.com/"),
|
|
47
23
|
getActorUri(identifier) {
|
|
@@ -231,9 +207,8 @@ test("handleActor()", async () => {
|
|
|
231
207
|
assertEquals(onUnauthorizedCalled, null);
|
|
232
208
|
});
|
|
233
209
|
test("handleObject()", async () => {
|
|
234
|
-
const federation = createFederation({ kv: new MemoryKvStore() });
|
|
235
210
|
let context = createRequestContext({
|
|
236
|
-
federation,
|
|
211
|
+
federation: createFederation({ kv: new MemoryKvStore() }),
|
|
237
212
|
data: void 0,
|
|
238
213
|
url: new URL("https://example.com/"),
|
|
239
214
|
getObjectUri(_cls, values) {
|
|
@@ -444,9 +419,8 @@ test("handleObject()", async () => {
|
|
|
444
419
|
assertEquals(onUnauthorizedCalled, null);
|
|
445
420
|
});
|
|
446
421
|
test("handleCollection()", async () => {
|
|
447
|
-
const federation = createFederation({ kv: new MemoryKvStore() });
|
|
448
422
|
let context = createRequestContext({
|
|
449
|
-
federation,
|
|
423
|
+
federation: createFederation({ kv: new MemoryKvStore() }),
|
|
450
424
|
data: void 0,
|
|
451
425
|
url: new URL("https://example.com/"),
|
|
452
426
|
getActorUri(identifier) {
|
|
@@ -1045,7 +1019,7 @@ test("handleInbox()", async () => {
|
|
|
1045
1019
|
});
|
|
1046
1020
|
assertEquals(onNotFoundCalled, null);
|
|
1047
1021
|
assertEquals(response.status, 202);
|
|
1048
|
-
const
|
|
1022
|
+
const signedInvalidRequest = await signRequest(new Request("https://example.com/", {
|
|
1049
1023
|
method: "POST",
|
|
1050
1024
|
body: JSON.stringify({
|
|
1051
1025
|
"@context": [
|
|
@@ -1060,8 +1034,7 @@ test("handleInbox()", async () => {
|
|
|
1060
1034
|
},
|
|
1061
1035
|
actor: "https://example.com/users/alice"
|
|
1062
1036
|
})
|
|
1063
|
-
});
|
|
1064
|
-
const signedInvalidRequest = await signRequest(invalidRequest, rsaPrivateKey3, rsaPublicKey3.id);
|
|
1037
|
+
}), rsaPrivateKey3, rsaPublicKey3.id);
|
|
1065
1038
|
const signedInvalidContext = createRequestContext({
|
|
1066
1039
|
federation,
|
|
1067
1040
|
request: signedInvalidRequest,
|
|
@@ -1217,9 +1190,8 @@ test("respondWithObjectIfAcceptable", async () => {
|
|
|
1217
1190
|
assertEquals(response, null);
|
|
1218
1191
|
});
|
|
1219
1192
|
test("handleCustomCollection()", async () => {
|
|
1220
|
-
const federation = createFederation({ kv: new MemoryKvStore() });
|
|
1221
1193
|
let context = createRequestContext({
|
|
1222
|
-
federation,
|
|
1194
|
+
federation: createFederation({ kv: new MemoryKvStore() }),
|
|
1223
1195
|
data: void 0,
|
|
1224
1196
|
url: new URL("https://example.com/")
|
|
1225
1197
|
});
|
|
@@ -1516,12 +1488,11 @@ test("handleInbox() records OpenTelemetry span events", async () => {
|
|
|
1516
1488
|
content: "Hello, world!"
|
|
1517
1489
|
})
|
|
1518
1490
|
});
|
|
1519
|
-
const
|
|
1491
|
+
const signed = await signRequest(new Request("https://example.com/users/someone/inbox", {
|
|
1520
1492
|
method: "POST",
|
|
1521
1493
|
headers: { "Content-Type": "application/activity+json" },
|
|
1522
1494
|
body: JSON.stringify(await activity.toJsonLd())
|
|
1523
|
-
});
|
|
1524
|
-
const signed = await signRequest(request, rsaPrivateKey3, new URL("https://example.com/users/someone#main-key"));
|
|
1495
|
+
}), rsaPrivateKey3, new URL("https://example.com/users/someone#main-key"));
|
|
1525
1496
|
const context = createRequestContext({
|
|
1526
1497
|
federation,
|
|
1527
1498
|
request: signed,
|
|
@@ -1544,10 +1515,10 @@ test("handleInbox() records OpenTelemetry span events", async () => {
|
|
|
1544
1515
|
};
|
|
1545
1516
|
const listeners = new InboxListenerSet();
|
|
1546
1517
|
let receivedActivity = null;
|
|
1547
|
-
listeners.add(Create, (_ctx, activity
|
|
1548
|
-
receivedActivity = activity
|
|
1518
|
+
listeners.add(Create, (_ctx, activity) => {
|
|
1519
|
+
receivedActivity = activity;
|
|
1549
1520
|
});
|
|
1550
|
-
|
|
1521
|
+
assertEquals((await handleInbox(signed, {
|
|
1551
1522
|
recipient: "someone",
|
|
1552
1523
|
context,
|
|
1553
1524
|
inboxContextFactory(_activity) {
|
|
@@ -1569,8 +1540,7 @@ test("handleInbox() records OpenTelemetry span events", async () => {
|
|
|
1569
1540
|
signatureTimeWindow: false,
|
|
1570
1541
|
skipSignatureVerification: true,
|
|
1571
1542
|
tracerProvider
|
|
1572
|
-
});
|
|
1573
|
-
assertEquals(response.status, 202);
|
|
1543
|
+
})).status, 202);
|
|
1574
1544
|
assert(receivedActivity != null);
|
|
1575
1545
|
const spans = exporter.getSpans("activitypub.inbox");
|
|
1576
1546
|
assertEquals(spans.length, 1);
|
|
@@ -1604,12 +1574,11 @@ test("handleInbox() records unverified HTTP signature details", async () => {
|
|
|
1604
1574
|
content: "Hello, world!"
|
|
1605
1575
|
})
|
|
1606
1576
|
});
|
|
1607
|
-
const
|
|
1577
|
+
const signed = await signRequest(new Request("https://example.com/users/someone/inbox", {
|
|
1608
1578
|
method: "POST",
|
|
1609
1579
|
headers: { "Content-Type": "application/activity+json" },
|
|
1610
1580
|
body: JSON.stringify(await activity.toJsonLd())
|
|
1611
|
-
});
|
|
1612
|
-
const signed = await signRequest(request, rsaPrivateKey3, keyId);
|
|
1581
|
+
}), rsaPrivateKey3, keyId);
|
|
1613
1582
|
const documentLoader = (url) => {
|
|
1614
1583
|
if (url === keyId.href) throw new FetchError(keyId, `HTTP 410: ${keyId.href}`, new Response(null, { status: 410 }));
|
|
1615
1584
|
return mockDocumentLoader(url);
|
|
@@ -1634,7 +1603,7 @@ test("handleInbox() records unverified HTTP signature details", async () => {
|
|
|
1634
1603
|
publicKey: rsaPublicKey2
|
|
1635
1604
|
});
|
|
1636
1605
|
};
|
|
1637
|
-
|
|
1606
|
+
assertEquals((await handleInbox(signed, {
|
|
1638
1607
|
recipient: "someone",
|
|
1639
1608
|
context,
|
|
1640
1609
|
inboxContextFactory(_activity) {
|
|
@@ -1659,8 +1628,7 @@ test("handleInbox() records unverified HTTP signature details", async () => {
|
|
|
1659
1628
|
signatureTimeWindow: false,
|
|
1660
1629
|
skipSignatureVerification: false,
|
|
1661
1630
|
tracerProvider
|
|
1662
|
-
});
|
|
1663
|
-
assertEquals(response.status, 202);
|
|
1631
|
+
})).status, 202);
|
|
1664
1632
|
const verifySpans = exporter.getSpans("http_signatures.verify");
|
|
1665
1633
|
assertEquals(verifySpans.length, 1);
|
|
1666
1634
|
assertEquals(verifySpans[0].attributes["http_signatures.failure_reason"], "keyFetchError");
|
|
@@ -1686,9 +1654,8 @@ test("handleInbox() challenge policy enabled + unsigned request", async () => {
|
|
|
1686
1654
|
method: "POST",
|
|
1687
1655
|
body: JSON.stringify(await activity.toJsonLd())
|
|
1688
1656
|
});
|
|
1689
|
-
const federation = createFederation({ kv: new MemoryKvStore() });
|
|
1690
1657
|
const context = createRequestContext({
|
|
1691
|
-
federation,
|
|
1658
|
+
federation: createFederation({ kv: new MemoryKvStore() }),
|
|
1692
1659
|
request: unsignedRequest,
|
|
1693
1660
|
url: new URL(unsignedRequest.url),
|
|
1694
1661
|
data: void 0
|
|
@@ -1697,7 +1664,6 @@ test("handleInbox() challenge policy enabled + unsigned request", async () => {
|
|
|
1697
1664
|
if (identifier !== "someone") return null;
|
|
1698
1665
|
return new Person({ name: "Someone" });
|
|
1699
1666
|
};
|
|
1700
|
-
const kv = new MemoryKvStore();
|
|
1701
1667
|
const response = await handleInbox(unsignedRequest, {
|
|
1702
1668
|
recipient: "someone",
|
|
1703
1669
|
context,
|
|
@@ -1708,7 +1674,7 @@ test("handleInbox() challenge policy enabled + unsigned request", async () => {
|
|
|
1708
1674
|
recipient: "someone"
|
|
1709
1675
|
});
|
|
1710
1676
|
},
|
|
1711
|
-
kv,
|
|
1677
|
+
kv: new MemoryKvStore(),
|
|
1712
1678
|
kvPrefixes: {
|
|
1713
1679
|
activityIdempotence: ["_fedify", "activityIdempotence"],
|
|
1714
1680
|
publicKey: ["_fedify", "publicKey"],
|
|
@@ -1740,11 +1706,10 @@ test("handleInbox() challenge policy enabled + invalid signature", async () => {
|
|
|
1740
1706
|
content: "Hello!"
|
|
1741
1707
|
})
|
|
1742
1708
|
});
|
|
1743
|
-
const
|
|
1709
|
+
const signedRequest = await signRequest(new Request("https://example.com/", {
|
|
1744
1710
|
method: "POST",
|
|
1745
1711
|
body: JSON.stringify(await activity.toJsonLd())
|
|
1746
|
-
});
|
|
1747
|
-
const signedRequest = await signRequest(originalRequest, rsaPrivateKey3, rsaPublicKey3.id);
|
|
1712
|
+
}), rsaPrivateKey3, rsaPublicKey3.id);
|
|
1748
1713
|
const jsonLd = await activity.toJsonLd();
|
|
1749
1714
|
const tamperedBody = JSON.stringify({
|
|
1750
1715
|
...jsonLd,
|
|
@@ -1755,9 +1720,8 @@ test("handleInbox() challenge policy enabled + invalid signature", async () => {
|
|
|
1755
1720
|
headers: signedRequest.headers,
|
|
1756
1721
|
body: tamperedBody
|
|
1757
1722
|
});
|
|
1758
|
-
const federation = createFederation({ kv: new MemoryKvStore() });
|
|
1759
1723
|
const context = createRequestContext({
|
|
1760
|
-
federation,
|
|
1724
|
+
federation: createFederation({ kv: new MemoryKvStore() }),
|
|
1761
1725
|
request: tamperedRequest,
|
|
1762
1726
|
url: new URL(tamperedRequest.url),
|
|
1763
1727
|
data: void 0,
|
|
@@ -1767,7 +1731,6 @@ test("handleInbox() challenge policy enabled + invalid signature", async () => {
|
|
|
1767
1731
|
if (identifier !== "someone") return null;
|
|
1768
1732
|
return new Person({ name: "Someone" });
|
|
1769
1733
|
};
|
|
1770
|
-
const kv = new MemoryKvStore();
|
|
1771
1734
|
const response = await handleInbox(tamperedRequest, {
|
|
1772
1735
|
recipient: "someone",
|
|
1773
1736
|
context,
|
|
@@ -1778,7 +1741,7 @@ test("handleInbox() challenge policy enabled + invalid signature", async () => {
|
|
|
1778
1741
|
recipient: "someone"
|
|
1779
1742
|
});
|
|
1780
1743
|
},
|
|
1781
|
-
kv,
|
|
1744
|
+
kv: new MemoryKvStore(),
|
|
1782
1745
|
kvPrefixes: {
|
|
1783
1746
|
activityIdempotence: ["_fedify", "activityIdempotence"],
|
|
1784
1747
|
publicKey: ["_fedify", "publicKey"],
|
|
@@ -1791,8 +1754,7 @@ test("handleInbox() challenge policy enabled + invalid signature", async () => {
|
|
|
1791
1754
|
inboxChallengePolicy: { enabled: true }
|
|
1792
1755
|
});
|
|
1793
1756
|
assertEquals(response.status, 401);
|
|
1794
|
-
|
|
1795
|
-
assert(acceptSig != null, "Accept-Signature header must be present");
|
|
1757
|
+
assert(response.headers.get("Accept-Signature") != null, "Accept-Signature header must be present");
|
|
1796
1758
|
assertEquals(response.headers.get("Cache-Control"), "no-store");
|
|
1797
1759
|
});
|
|
1798
1760
|
test("handleInbox() challenge policy enabled + valid signature", async () => {
|
|
@@ -1821,7 +1783,6 @@ test("handleInbox() challenge policy enabled + valid signature", async () => {
|
|
|
1821
1783
|
if (identifier !== "someone") return null;
|
|
1822
1784
|
return new Person({ name: "Someone" });
|
|
1823
1785
|
};
|
|
1824
|
-
const kv = new MemoryKvStore();
|
|
1825
1786
|
const response = await handleInbox(signedRequest, {
|
|
1826
1787
|
recipient: "someone",
|
|
1827
1788
|
context,
|
|
@@ -1832,7 +1793,7 @@ test("handleInbox() challenge policy enabled + valid signature", async () => {
|
|
|
1832
1793
|
recipient: "someone"
|
|
1833
1794
|
});
|
|
1834
1795
|
},
|
|
1835
|
-
kv,
|
|
1796
|
+
kv: new MemoryKvStore(),
|
|
1836
1797
|
kvPrefixes: {
|
|
1837
1798
|
activityIdempotence: ["_fedify", "activityIdempotence"],
|
|
1838
1799
|
publicKey: ["_fedify", "publicKey"],
|
|
@@ -1861,9 +1822,8 @@ test("handleInbox() challenge policy disabled + unsigned request", async () => {
|
|
|
1861
1822
|
method: "POST",
|
|
1862
1823
|
body: JSON.stringify(await activity.toJsonLd())
|
|
1863
1824
|
});
|
|
1864
|
-
const federation = createFederation({ kv: new MemoryKvStore() });
|
|
1865
1825
|
const context = createRequestContext({
|
|
1866
|
-
federation,
|
|
1826
|
+
federation: createFederation({ kv: new MemoryKvStore() }),
|
|
1867
1827
|
request: unsignedRequest,
|
|
1868
1828
|
url: new URL(unsignedRequest.url),
|
|
1869
1829
|
data: void 0
|
|
@@ -1872,7 +1832,6 @@ test("handleInbox() challenge policy disabled + unsigned request", async () => {
|
|
|
1872
1832
|
if (identifier !== "someone") return null;
|
|
1873
1833
|
return new Person({ name: "Someone" });
|
|
1874
1834
|
};
|
|
1875
|
-
const kv = new MemoryKvStore();
|
|
1876
1835
|
const response = await handleInbox(unsignedRequest, {
|
|
1877
1836
|
recipient: "someone",
|
|
1878
1837
|
context,
|
|
@@ -1883,7 +1842,7 @@ test("handleInbox() challenge policy disabled + unsigned request", async () => {
|
|
|
1883
1842
|
recipient: "someone"
|
|
1884
1843
|
});
|
|
1885
1844
|
},
|
|
1886
|
-
kv,
|
|
1845
|
+
kv: new MemoryKvStore(),
|
|
1887
1846
|
kvPrefixes: {
|
|
1888
1847
|
activityIdempotence: ["_fedify", "activityIdempotence"],
|
|
1889
1848
|
publicKey: ["_fedify", "publicKey"],
|
|
@@ -1911,9 +1870,8 @@ test("handleInbox() actor/key mismatch → plain 401 (no challenge)", async () =
|
|
|
1911
1870
|
method: "POST",
|
|
1912
1871
|
body: JSON.stringify(await maliciousActivity.toJsonLd())
|
|
1913
1872
|
}), rsaPrivateKey3, rsaPublicKey3.id);
|
|
1914
|
-
const federation = createFederation({ kv: new MemoryKvStore() });
|
|
1915
1873
|
const context = createRequestContext({
|
|
1916
|
-
federation,
|
|
1874
|
+
federation: createFederation({ kv: new MemoryKvStore() }),
|
|
1917
1875
|
request: maliciousRequest,
|
|
1918
1876
|
url: new URL(maliciousRequest.url),
|
|
1919
1877
|
data: void 0,
|
|
@@ -1923,7 +1881,6 @@ test("handleInbox() actor/key mismatch → plain 401 (no challenge)", async () =
|
|
|
1923
1881
|
if (identifier !== "someone") return null;
|
|
1924
1882
|
return new Person({ name: "Someone" });
|
|
1925
1883
|
};
|
|
1926
|
-
const kv = new MemoryKvStore();
|
|
1927
1884
|
const response = await handleInbox(maliciousRequest, {
|
|
1928
1885
|
recipient: "someone",
|
|
1929
1886
|
context,
|
|
@@ -1934,7 +1891,7 @@ test("handleInbox() actor/key mismatch → plain 401 (no challenge)", async () =
|
|
|
1934
1891
|
recipient: "someone"
|
|
1935
1892
|
});
|
|
1936
1893
|
},
|
|
1937
|
-
kv,
|
|
1894
|
+
kv: new MemoryKvStore(),
|
|
1938
1895
|
kvPrefixes: {
|
|
1939
1896
|
activityIdempotence: ["_fedify", "activityIdempotence"],
|
|
1940
1897
|
publicKey: ["_fedify", "publicKey"],
|
|
@@ -1964,9 +1921,8 @@ test("handleInbox() nonce issuance in challenge", async () => {
|
|
|
1964
1921
|
method: "POST",
|
|
1965
1922
|
body: JSON.stringify(await activity.toJsonLd())
|
|
1966
1923
|
});
|
|
1967
|
-
const federation = createFederation({ kv: new MemoryKvStore() });
|
|
1968
1924
|
const context = createRequestContext({
|
|
1969
|
-
federation,
|
|
1925
|
+
federation: createFederation({ kv: new MemoryKvStore() }),
|
|
1970
1926
|
request: unsignedRequest,
|
|
1971
1927
|
url: new URL(unsignedRequest.url),
|
|
1972
1928
|
data: void 0
|
|
@@ -2014,8 +1970,7 @@ test("handleInbox() nonce issuance in challenge", async () => {
|
|
|
2014
1970
|
"acceptSignatureNonce",
|
|
2015
1971
|
parsed[0].parameters.nonce
|
|
2016
1972
|
];
|
|
2017
|
-
|
|
2018
|
-
assertEquals(stored, true, "Nonce must be stored in KV store");
|
|
1973
|
+
assertEquals(await kv.get(nonceKey), true, "Nonce must be stored in KV store");
|
|
2019
1974
|
});
|
|
2020
1975
|
test("handleInbox() nonce consumption on valid signed request", async () => {
|
|
2021
1976
|
const activity = new Create({
|
|
@@ -2042,9 +1997,8 @@ test("handleInbox() nonce consumption on valid signed request", async () => {
|
|
|
2042
1997
|
spec: "rfc9421",
|
|
2043
1998
|
rfc9421: { nonce }
|
|
2044
1999
|
});
|
|
2045
|
-
const federation = createFederation({ kv: new MemoryKvStore() });
|
|
2046
2000
|
const context = createRequestContext({
|
|
2047
|
-
federation,
|
|
2001
|
+
federation: createFederation({ kv: new MemoryKvStore() }),
|
|
2048
2002
|
request: signedRequest,
|
|
2049
2003
|
url: new URL(signedRequest.url),
|
|
2050
2004
|
data: void 0,
|
|
@@ -2054,7 +2008,7 @@ test("handleInbox() nonce consumption on valid signed request", async () => {
|
|
|
2054
2008
|
if (identifier !== "someone") return null;
|
|
2055
2009
|
return new Person({ name: "Someone" });
|
|
2056
2010
|
};
|
|
2057
|
-
|
|
2011
|
+
assertEquals((await handleInbox(signedRequest, {
|
|
2058
2012
|
recipient: "someone",
|
|
2059
2013
|
context,
|
|
2060
2014
|
inboxContextFactory(_activity) {
|
|
@@ -2079,14 +2033,12 @@ test("handleInbox() nonce consumption on valid signed request", async () => {
|
|
|
2079
2033
|
requestNonce: true,
|
|
2080
2034
|
nonceTtlSeconds: 300
|
|
2081
2035
|
}
|
|
2082
|
-
});
|
|
2083
|
-
assertEquals(
|
|
2084
|
-
const stored = await kv.get([
|
|
2036
|
+
})).status, 202);
|
|
2037
|
+
assertEquals(await kv.get([
|
|
2085
2038
|
"_fedify",
|
|
2086
2039
|
"acceptSignatureNonce",
|
|
2087
2040
|
nonce
|
|
2088
|
-
]);
|
|
2089
|
-
assertEquals(stored, void 0, "Nonce must be consumed after use");
|
|
2041
|
+
]), void 0, "Nonce must be consumed after use");
|
|
2090
2042
|
});
|
|
2091
2043
|
test("handleInbox() nonce replay prevention", async () => {
|
|
2092
2044
|
const activity = new Create({
|
|
@@ -2108,9 +2060,8 @@ test("handleInbox() nonce replay prevention", async () => {
|
|
|
2108
2060
|
spec: "rfc9421",
|
|
2109
2061
|
rfc9421: { nonce }
|
|
2110
2062
|
});
|
|
2111
|
-
const federation = createFederation({ kv: new MemoryKvStore() });
|
|
2112
2063
|
const context = createRequestContext({
|
|
2113
|
-
federation,
|
|
2064
|
+
federation: createFederation({ kv: new MemoryKvStore() }),
|
|
2114
2065
|
request: signedRequest,
|
|
2115
2066
|
url: new URL(signedRequest.url),
|
|
2116
2067
|
data: void 0,
|
|
@@ -2189,9 +2140,8 @@ test("handleInbox() nonce bypass: valid sig without nonce + invalid sig with non
|
|
|
2189
2140
|
headers: tamperedHeaders,
|
|
2190
2141
|
body: await signedRequest.clone().arrayBuffer()
|
|
2191
2142
|
});
|
|
2192
|
-
const federation = createFederation({ kv: new MemoryKvStore() });
|
|
2193
2143
|
const context = createRequestContext({
|
|
2194
|
-
federation,
|
|
2144
|
+
federation: createFederation({ kv: new MemoryKvStore() }),
|
|
2195
2145
|
request: tamperedRequest,
|
|
2196
2146
|
url: new URL(tamperedRequest.url),
|
|
2197
2147
|
data: void 0,
|
|
@@ -2201,7 +2151,7 @@ test("handleInbox() nonce bypass: valid sig without nonce + invalid sig with non
|
|
|
2201
2151
|
if (identifier !== "someone") return null;
|
|
2202
2152
|
return new Person({ name: "Someone" });
|
|
2203
2153
|
};
|
|
2204
|
-
|
|
2154
|
+
assertEquals((await handleInbox(tamperedRequest, {
|
|
2205
2155
|
recipient: "someone",
|
|
2206
2156
|
context,
|
|
2207
2157
|
inboxContextFactory(_activity) {
|
|
@@ -2226,14 +2176,12 @@ test("handleInbox() nonce bypass: valid sig without nonce + invalid sig with non
|
|
|
2226
2176
|
requestNonce: true,
|
|
2227
2177
|
nonceTtlSeconds: 300
|
|
2228
2178
|
}
|
|
2229
|
-
});
|
|
2230
|
-
assertEquals(
|
|
2231
|
-
const stored = await kv.get([
|
|
2179
|
+
})).status, 401, "Request with nonce only in a non-verified signature must be rejected (nonce verification must be bound to the verified signature label)");
|
|
2180
|
+
assertEquals(await kv.get([
|
|
2232
2181
|
"_fedify",
|
|
2233
2182
|
"acceptSignatureNonce",
|
|
2234
2183
|
storedNonce
|
|
2235
|
-
]);
|
|
2236
|
-
assertEquals(stored, true, "Nonce must not be consumed when it comes from a non-verified signature");
|
|
2184
|
+
]), true, "Nonce must not be consumed when it comes from a non-verified signature");
|
|
2237
2185
|
});
|
|
2238
2186
|
test("handleInbox() actor/key mismatch does not consume nonce", async () => {
|
|
2239
2187
|
const maliciousActivity = new Create({
|
|
@@ -2260,9 +2208,8 @@ test("handleInbox() actor/key mismatch does not consume nonce", async () => {
|
|
|
2260
2208
|
spec: "rfc9421",
|
|
2261
2209
|
rfc9421: { nonce }
|
|
2262
2210
|
});
|
|
2263
|
-
const federation = createFederation({ kv: new MemoryKvStore() });
|
|
2264
2211
|
const context = createRequestContext({
|
|
2265
|
-
federation,
|
|
2212
|
+
federation: createFederation({ kv: new MemoryKvStore() }),
|
|
2266
2213
|
request: maliciousRequest,
|
|
2267
2214
|
url: new URL(maliciousRequest.url),
|
|
2268
2215
|
data: void 0,
|
|
@@ -2300,12 +2247,11 @@ test("handleInbox() actor/key mismatch does not consume nonce", async () => {
|
|
|
2300
2247
|
});
|
|
2301
2248
|
assertEquals(response.status, 401);
|
|
2302
2249
|
assertEquals(await response.text(), "The signer and the actor do not match.");
|
|
2303
|
-
|
|
2250
|
+
assertEquals(await kv.get([
|
|
2304
2251
|
"_fedify",
|
|
2305
2252
|
"acceptSignatureNonce",
|
|
2306
2253
|
nonce
|
|
2307
|
-
]);
|
|
2308
|
-
assertEquals(stored, true, "Nonce must not be consumed when actor/key ownership check fails");
|
|
2254
|
+
]), true, "Nonce must not be consumed when actor/key ownership check fails");
|
|
2309
2255
|
});
|
|
2310
2256
|
test("handleInbox() challenge policy enabled + unverifiedActivityHandler returns undefined", async () => {
|
|
2311
2257
|
const activity = new Create({
|
|
@@ -2317,11 +2263,10 @@ test("handleInbox() challenge policy enabled + unverifiedActivityHandler returns
|
|
|
2317
2263
|
content: "Hello!"
|
|
2318
2264
|
})
|
|
2319
2265
|
});
|
|
2320
|
-
const
|
|
2266
|
+
const signedRequest = await signRequest(new Request("https://example.com/", {
|
|
2321
2267
|
method: "POST",
|
|
2322
2268
|
body: JSON.stringify(await activity.toJsonLd())
|
|
2323
|
-
});
|
|
2324
|
-
const signedRequest = await signRequest(originalRequest, rsaPrivateKey3, rsaPublicKey3.id);
|
|
2269
|
+
}), rsaPrivateKey3, rsaPublicKey3.id);
|
|
2325
2270
|
const jsonLd = await activity.toJsonLd();
|
|
2326
2271
|
const tamperedBody = JSON.stringify({
|
|
2327
2272
|
...jsonLd,
|
|
@@ -2332,9 +2277,8 @@ test("handleInbox() challenge policy enabled + unverifiedActivityHandler returns
|
|
|
2332
2277
|
headers: signedRequest.headers,
|
|
2333
2278
|
body: tamperedBody
|
|
2334
2279
|
});
|
|
2335
|
-
const federation = createFederation({ kv: new MemoryKvStore() });
|
|
2336
2280
|
const context = createRequestContext({
|
|
2337
|
-
federation,
|
|
2281
|
+
federation: createFederation({ kv: new MemoryKvStore() }),
|
|
2338
2282
|
request: tamperedRequest,
|
|
2339
2283
|
url: new URL(tamperedRequest.url),
|
|
2340
2284
|
data: void 0,
|
|
@@ -2344,7 +2288,6 @@ test("handleInbox() challenge policy enabled + unverifiedActivityHandler returns
|
|
|
2344
2288
|
if (identifier !== "someone") return null;
|
|
2345
2289
|
return new Person({ name: "Someone" });
|
|
2346
2290
|
};
|
|
2347
|
-
const kv = new MemoryKvStore();
|
|
2348
2291
|
const response = await handleInbox(tamperedRequest, {
|
|
2349
2292
|
recipient: "someone",
|
|
2350
2293
|
context,
|
|
@@ -2355,7 +2298,7 @@ test("handleInbox() challenge policy enabled + unverifiedActivityHandler returns
|
|
|
2355
2298
|
recipient: "someone"
|
|
2356
2299
|
});
|
|
2357
2300
|
},
|
|
2358
|
-
kv,
|
|
2301
|
+
kv: new MemoryKvStore(),
|
|
2359
2302
|
kvPrefixes: {
|
|
2360
2303
|
activityIdempotence: ["_fedify", "activityIdempotence"],
|
|
2361
2304
|
publicKey: ["_fedify", "publicKey"],
|
|
@@ -2371,8 +2314,7 @@ test("handleInbox() challenge policy enabled + unverifiedActivityHandler returns
|
|
|
2371
2314
|
assertEquals(response.status, 401);
|
|
2372
2315
|
const acceptSig = response.headers.get("Accept-Signature");
|
|
2373
2316
|
assert(acceptSig != null, "Accept-Signature header must be present when unverifiedActivityHandler returns undefined and challenge policy is enabled");
|
|
2374
|
-
|
|
2375
|
-
assert(parsed.length > 0, "Accept-Signature must have at least one entry");
|
|
2317
|
+
assert(parseAcceptSignature(acceptSig).length > 0, "Accept-Signature must have at least one entry");
|
|
2376
2318
|
assertEquals(response.headers.get("Cache-Control"), "no-store", "Cache-Control: no-store must be set for challenge-response");
|
|
2377
2319
|
assertEquals(response.headers.get("Vary"), "Accept, Signature", "Vary header must include Accept and Signature");
|
|
2378
2320
|
});
|
|
@@ -2386,11 +2328,10 @@ test("handleInbox() challenge policy enabled + unverifiedActivityHandler throws
|
|
|
2386
2328
|
content: "Hello!"
|
|
2387
2329
|
})
|
|
2388
2330
|
});
|
|
2389
|
-
const
|
|
2331
|
+
const signedRequest = await signRequest(new Request("https://example.com/", {
|
|
2390
2332
|
method: "POST",
|
|
2391
2333
|
body: JSON.stringify(await activity.toJsonLd())
|
|
2392
|
-
});
|
|
2393
|
-
const signedRequest = await signRequest(originalRequest, rsaPrivateKey3, rsaPublicKey3.id);
|
|
2334
|
+
}), rsaPrivateKey3, rsaPublicKey3.id);
|
|
2394
2335
|
const jsonLd = await activity.toJsonLd();
|
|
2395
2336
|
const tamperedBody = JSON.stringify({
|
|
2396
2337
|
...jsonLd,
|
|
@@ -2401,9 +2342,8 @@ test("handleInbox() challenge policy enabled + unverifiedActivityHandler throws
|
|
|
2401
2342
|
headers: signedRequest.headers,
|
|
2402
2343
|
body: tamperedBody
|
|
2403
2344
|
});
|
|
2404
|
-
const federation = createFederation({ kv: new MemoryKvStore() });
|
|
2405
2345
|
const context = createRequestContext({
|
|
2406
|
-
federation,
|
|
2346
|
+
federation: createFederation({ kv: new MemoryKvStore() }),
|
|
2407
2347
|
request: tamperedRequest,
|
|
2408
2348
|
url: new URL(tamperedRequest.url),
|
|
2409
2349
|
data: void 0,
|
|
@@ -2413,7 +2353,6 @@ test("handleInbox() challenge policy enabled + unverifiedActivityHandler throws
|
|
|
2413
2353
|
if (identifier !== "someone") return null;
|
|
2414
2354
|
return new Person({ name: "Someone" });
|
|
2415
2355
|
};
|
|
2416
|
-
const kv = new MemoryKvStore();
|
|
2417
2356
|
const response = await handleInbox(tamperedRequest, {
|
|
2418
2357
|
recipient: "someone",
|
|
2419
2358
|
context,
|
|
@@ -2424,7 +2363,7 @@ test("handleInbox() challenge policy enabled + unverifiedActivityHandler throws
|
|
|
2424
2363
|
recipient: "someone"
|
|
2425
2364
|
});
|
|
2426
2365
|
},
|
|
2427
|
-
kv,
|
|
2366
|
+
kv: new MemoryKvStore(),
|
|
2428
2367
|
kvPrefixes: {
|
|
2429
2368
|
activityIdempotence: ["_fedify", "activityIdempotence"],
|
|
2430
2369
|
publicKey: ["_fedify", "publicKey"],
|
|
@@ -2442,10 +2381,9 @@ test("handleInbox() challenge policy enabled + unverifiedActivityHandler throws
|
|
|
2442
2381
|
assertEquals(response.status, 401);
|
|
2443
2382
|
const acceptSig = response.headers.get("Accept-Signature");
|
|
2444
2383
|
assert(acceptSig != null, "Accept-Signature header must be present when unverifiedActivityHandler throws and challenge policy is enabled");
|
|
2445
|
-
|
|
2446
|
-
assert(parsed.length > 0, "Accept-Signature must have at least one entry");
|
|
2384
|
+
assert(parseAcceptSignature(acceptSig).length > 0, "Accept-Signature must have at least one entry");
|
|
2447
2385
|
assertEquals(response.headers.get("Cache-Control"), "no-store", "Cache-Control: no-store must be set for challenge-response");
|
|
2448
2386
|
assertEquals(response.headers.get("Vary"), "Accept, Signature", "Vary header must include Accept and Signature");
|
|
2449
2387
|
});
|
|
2450
|
-
|
|
2451
|
-
|
|
2388
|
+
//#endregion
|
|
2389
|
+
export {};
|