javascript-solid-server 0.0.2 → 0.0.5

package/test/pod.test.js

@@ -0,0 +1,119 @@
+/**
+ * Pod lifecycle tests
+ */
+
+import { describe, it, before, after } from 'node:test';
+import assert from 'node:assert';
+import {
+  startTestServer,
+  stopTestServer,
+  request,
+  createTestPod,
+  assertStatus,
+  assertHeader,
+  assertHeaderContains
+} from './helpers.js';
+
+describe('Pod Lifecycle', () => {
+  before(async () => {
+    await startTestServer();
+  });
+
+  after(async () => {
+    await stopTestServer();
+  });
+
+  describe('POST /.pods', () => {
+    it('should create a new pod', async () => {
+      const res = await request('/.pods', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ name: 'alice' })
+      });
+
+      assertStatus(res, 201);
+      assertHeader(res, 'Location');
+
+      const data = await res.json();
+      assert.strictEqual(data.name, 'alice');
+      assert.ok(data.webId.endsWith('/alice/#me'));
+      assert.ok(data.podUri.endsWith('/alice/'));
+    });
+
+    it('should reject duplicate pod names', async () => {
+      // First create
+      await request('/.pods', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ name: 'bob' })
+      });
+
+      // Duplicate attempt
+      const res = await request('/.pods', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ name: 'bob' })
+      });
+
+      assertStatus(res, 409);
+    });
+
+    it('should reject invalid pod names', async () => {
+      const res = await request('/.pods', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ name: '../evil' })
+      });
+
+      assertStatus(res, 400);
+    });
+
+    it('should reject empty pod name', async () => {
+      const res = await request('/.pods', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({})
+      });
+
+      assertStatus(res, 400);
+    });
+  });
+
+  describe('Pod Structure', () => {
+    it('should create standard folders', async () => {
+      await createTestPod('carol');
+
+      // Check inbox exists (needs auth - inbox only allows public append, not read)
+      const inbox = await request('/carol/inbox/', { auth: 'carol' });
+      assertStatus(inbox, 200);
+
+      // Check public exists (public read via root ACL default)
+      const pub = await request('/carol/public/');
+      assertStatus(pub, 200);
+
+      // Check private exists (needs auth)
+      const priv = await request('/carol/private/', { auth: 'carol' });
+      assertStatus(priv, 200);
+
+      // Check settings exists (needs auth)
+      const settings = await request('/carol/settings/', { auth: 'carol' });
+      assertStatus(settings, 200);
+    });
+
+    it('should create settings files', async () => {
+      await createTestPod('dan');
+
+      // Check prefs (needs auth - settings is private)
+      const prefs = await request('/dan/settings/prefs', { auth: 'dan' });
+      assertStatus(prefs, 200);
+
+      // Check public type index (needs auth)
+      const pubIndex = await request('/dan/settings/publicTypeIndex', { auth: 'dan' });
+      assertStatus(pubIndex, 200);
+
+      // Check private type index (needs auth)
+      const privIndex = await request('/dan/settings/privateTypeIndex', { auth: 'dan' });
+      assertStatus(privIndex, 200);
+    });
+  });
+});

package/test/wac.test.js

@@ -0,0 +1,189 @@
+/**
+ * WAC (Web Access Control) tests
+ */
+
+import { describe, it, before, after } from 'node:test';
+import assert from 'node:assert';
+import {
+  startTestServer,
+  stopTestServer,
+  request,
+  createTestPod,
+  assertStatus,
+  assertHeader,
+  getBaseUrl
+} from './helpers.js';
+import { parseAcl, AccessMode, generateOwnerAcl, serializeAcl } from '../src/wac/parser.js';
+import { checkAccess, getRequiredMode } from '../src/wac/checker.js';
+
+describe('WAC Parser', () => {
+  describe('parseAcl', () => {
+    it('should parse a simple ACL', () => {
+      const acl = {
+        '@context': { 'acl': 'http://www.w3.org/ns/auth/acl#' },
+        '@graph': [{
+          '@id': '#owner',
+          '@type': 'acl:Authorization',
+          'acl:agent': { '@id': 'https://alice.example/#me' },
+          'acl:accessTo': { '@id': 'https://alice.example/resource' },
+          'acl:mode': [{ '@id': 'acl:Read' }, { '@id': 'acl:Write' }]
+        }]
+      };
+
+      const auths = parseAcl(JSON.stringify(acl), 'https://alice.example/.acl');
+
+      assert.strictEqual(auths.length, 1);
+      assert.ok(auths[0].agents.includes('https://alice.example/#me'));
+      assert.ok(auths[0].modes.includes(AccessMode.READ));
+      assert.ok(auths[0].modes.includes(AccessMode.WRITE));
+    });
+
+    it('should parse public access', () => {
+      const acl = {
+        '@context': { 'acl': 'http://www.w3.org/ns/auth/acl#', 'foaf': 'http://xmlns.com/foaf/0.1/' },
+        '@graph': [{
+          '@id': '#public',
+          '@type': 'acl:Authorization',
+          'acl:agentClass': { '@id': 'foaf:Agent' },
+          'acl:accessTo': { '@id': 'https://alice.example/public/' },
+          'acl:mode': [{ '@id': 'acl:Read' }]
+        }]
+      };
+
+      const auths = parseAcl(JSON.stringify(acl), 'https://alice.example/public/.acl');
+
+      assert.strictEqual(auths.length, 1);
+      assert.ok(auths[0].agentClasses.includes('foaf:Agent'));
+      assert.ok(auths[0].modes.includes(AccessMode.READ));
+    });
+
+    it('should parse default authorizations for containers', () => {
+      const acl = {
+        '@context': { 'acl': 'http://www.w3.org/ns/auth/acl#' },
+        '@graph': [{
+          '@id': '#default',
+          '@type': 'acl:Authorization',
+          'acl:agent': { '@id': 'https://alice.example/#me' },
+          'acl:default': { '@id': 'https://alice.example/folder/' },
+          'acl:mode': [{ '@id': 'acl:Read' }]
+        }]
+      };
+
+      const auths = parseAcl(JSON.stringify(acl), 'https://alice.example/folder/.acl');
+
+      assert.strictEqual(auths.length, 1);
+      assert.ok(auths[0].default.includes('https://alice.example/folder/'));
+    });
+
+    it('should handle invalid JSON gracefully', () => {
+      const auths = parseAcl('not valid json', 'https://example.com/.acl');
+      assert.strictEqual(auths.length, 0);
+    });
+  });
+
+  describe('generateOwnerAcl', () => {
+    it('should generate owner ACL with public read', () => {
+      const acl = generateOwnerAcl('https://alice.example/', 'https://alice.example/#me', true);
+
+      assert.ok(acl['@graph'].length >= 2);
+
+      // Find owner auth
+      const ownerAuth = acl['@graph'].find(a => a['@id'] === '#owner');
+      assert.ok(ownerAuth);
+      assert.strictEqual(ownerAuth['acl:agent']['@id'], 'https://alice.example/#me');
+
+      // Find public auth
+      const publicAuth = acl['@graph'].find(a => a['@id'] === '#public');
+      assert.ok(publicAuth);
+    });
+  });
+});
+
+describe('WAC Checker', () => {
+  describe('getRequiredMode', () => {
+    it('should return READ for GET', () => {
+      assert.strictEqual(getRequiredMode('GET'), AccessMode.READ);
+    });
+
+    it('should return READ for HEAD', () => {
+      assert.strictEqual(getRequiredMode('HEAD'), AccessMode.READ);
+    });
+
+    it('should return APPEND for POST', () => {
+      assert.strictEqual(getRequiredMode('POST'), AccessMode.APPEND);
+    });
+
+    it('should return WRITE for PUT', () => {
+      assert.strictEqual(getRequiredMode('PUT'), AccessMode.WRITE);
+    });
+
+    it('should return WRITE for DELETE', () => {
+      assert.strictEqual(getRequiredMode('DELETE'), AccessMode.WRITE);
+    });
+  });
+});
+
+describe('WAC Integration', () => {
+  let baseUrl;
+
+  before(async () => {
+    const result = await startTestServer();
+    baseUrl = result.baseUrl;
+    await createTestPod('wactest');
+  });
+
+  after(async () => {
+    await stopTestServer();
+  });
+
+  describe('ACL Files', () => {
+    it('should create root .acl on pod creation', async () => {
+      const res = await request('/wactest/.acl');
+
+      assertStatus(res, 200);
+      const content = await res.json();
+      assert.ok(content['@graph'], 'Should be JSON-LD');
+    });
+
+    it('should create private folder .acl', async () => {
+      const res = await request('/wactest/private/.acl');
+
+      assertStatus(res, 200);
+      const content = await res.json();
+      assert.ok(content['@graph']);
+
+      // Should only have owner, no public
+      const hasPublic = content['@graph'].some(a =>
+        a['acl:agentClass'] && a['acl:agentClass']['@id'] === 'foaf:Agent'
+      );
+      assert.ok(!hasPublic, 'Private folder should not have public access');
+    });
+
+    it('should create inbox .acl with public append', async () => {
+      const res = await request('/wactest/inbox/.acl');
+
+      assertStatus(res, 200);
+      const content = await res.json();
+
+      // Should have public append
+      const publicAuth = content['@graph'].find(a =>
+        a['acl:agentClass'] && a['acl:agentClass']['@id'] === 'foaf:Agent'
+      );
+      assert.ok(publicAuth, 'Inbox should have public access');
+
+      const modes = publicAuth['acl:mode'].map(m => m['@id']);
+      assert.ok(modes.includes('acl:Append'), 'Public should have Append');
+      assert.ok(!modes.includes('acl:Read'), 'Public should not have Read');
+    });
+  });
+
+  describe('WAC-Allow Header', () => {
+    it('should return WAC-Allow header for public container', async () => {
+      const res = await request('/wactest/public/');
+
+      assertHeader(res, 'WAC-Allow');
+      const wacAllow = res.headers.get('WAC-Allow');
+      assert.ok(wacAllow.includes('public='), 'Should have public permissions');
+    });
+  });
+});

package/test/webid.test.js

@@ -0,0 +1,152 @@
+/**
+ * WebID Profile tests
+ */
+
+import { describe, it, before, after } from 'node:test';
+import assert from 'node:assert';
+import {
+  startTestServer,
+  stopTestServer,
+  request,
+  createTestPod,
+  assertStatus,
+  assertHeader,
+  assertHeaderContains,
+  extractJsonLdFromHtml
+} from './helpers.js';
+
+describe('WebID Profile', () => {
+  let baseUrl;
+  let podInfo;
+
+  before(async () => {
+    const result = await startTestServer();
+    baseUrl = result.baseUrl;
+    podInfo = await createTestPod('webidtest');
+  });
+
+  after(async () => {
+    await stopTestServer();
+  });
+
+  describe('Profile Document', () => {
+    it('should serve profile as HTML at pod root', async () => {
+      const res = await request('/webidtest/');
+
+      assertStatus(res, 200);
+      assertHeaderContains(res, 'Content-Type', 'text/html');
+    });
+
+    it('should contain JSON-LD structured data', async () => {
+      const res = await request('/webidtest/');
+      const html = await res.text();
+
+      const jsonLd = extractJsonLdFromHtml(html);
+      assert.ok(jsonLd['@context'], 'Should have @context');
+      assert.ok(jsonLd['@graph'], 'Should have @graph');
+    });
+
+    it('should have correct WebID URI', async () => {
+      const res = await request('/webidtest/');
+      const html = await res.text();
+      const jsonLd = extractJsonLdFromHtml(html);
+
+      // Find the Person in the graph
+      const person = jsonLd['@graph'].find(node =>
+        Array.isArray(node['@type'])
+          ? node['@type'].includes('foaf:Person')
+          : node['@type'] === 'foaf:Person'
+      );
+
+      assert.ok(person, 'Should have a foaf:Person');
+      assert.ok(person['@id'].endsWith('/webidtest/#me'), 'WebID should end with /#me');
+    });
+
+    it('should have foaf:name', async () => {
+      const res = await request('/webidtest/');
+      const html = await res.text();
+      const jsonLd = extractJsonLdFromHtml(html);
+
+      const person = jsonLd['@graph'].find(node =>
+        Array.isArray(node['@type'])
+          ? node['@type'].includes('foaf:Person')
+          : node['@type'] === 'foaf:Person'
+      );
+
+      assert.strictEqual(person['foaf:name'], 'webidtest');
+    });
+
+    it('should have solid:oidcIssuer', async () => {
+      const res = await request('/webidtest/');
+      const html = await res.text();
+      const jsonLd = extractJsonLdFromHtml(html);
+
+      const person = jsonLd['@graph'].find(node =>
+        Array.isArray(node['@type'])
+          ? node['@type'].includes('foaf:Person')
+          : node['@type'] === 'foaf:Person'
+      );
+
+      assert.ok(person['oidcIssuer'], 'Should have oidcIssuer');
+    });
+
+    it('should have pim:storage pointing to pod', async () => {
+      const res = await request('/webidtest/');
+      const html = await res.text();
+      const jsonLd = extractJsonLdFromHtml(html);
+
+      const person = jsonLd['@graph'].find(node =>
+        Array.isArray(node['@type'])
+          ? node['@type'].includes('foaf:Person')
+          : node['@type'] === 'foaf:Person'
+      );
+
+      assert.ok(person['storage'].endsWith('/webidtest/'), 'Storage should point to pod');
+    });
+
+    it('should have ldp:inbox', async () => {
+      const res = await request('/webidtest/');
+      const html = await res.text();
+      const jsonLd = extractJsonLdFromHtml(html);
+
+      const person = jsonLd['@graph'].find(node =>
+        Array.isArray(node['@type'])
+          ? node['@type'].includes('foaf:Person')
+          : node['@type'] === 'foaf:Person'
+      );
+
+      assert.ok(person['inbox'].endsWith('/webidtest/inbox/'), 'Should have inbox');
+    });
+
+    it('should have PersonalProfileDocument', async () => {
+      const res = await request('/webidtest/');
+      const html = await res.text();
+      const jsonLd = extractJsonLdFromHtml(html);
+
+      const doc = jsonLd['@graph'].find(node =>
+        node['@type'] === 'foaf:PersonalProfileDocument'
+      );
+
+      assert.ok(doc, 'Should have PersonalProfileDocument');
+      assert.ok(doc['foaf:maker'], 'Should have foaf:maker');
+      assert.ok(doc['foaf:primaryTopic'], 'Should have foaf:primaryTopic');
+    });
+  });
+
+  describe('WebID Resolution', () => {
+    it('should return LDP headers', async () => {
+      const res = await request('/webidtest/');
+
+      assertHeaderContains(res, 'Link', 'ldp#Resource');
+      assertHeader(res, 'WAC-Allow');
+    });
+
+    it('should return CORS headers', async () => {
+      const res = await request('/webidtest/', {
+        headers: { 'Origin': 'https://example.com' }
+      });
+
+      assertHeader(res, 'Access-Control-Allow-Origin');
+    });
+  });
+});

package/benchmark-report-2025-03-31T14-25-24.234Z.json

@@ -1,44 +0,0 @@
-{
-  "timestamp": "2025-03-31T14:25:24.234Z",
-  "server": "http://nostr.social:3000",
-  "testDuration": 30000,
-  "averageResponseTimes": {
-    "register": 49.28774029878249,
-    "login": 49.07647125548627,
-    "read": 145.50252931779679,
-    "write": 143.20483738812226,
-    "delete": 145.5004399698014
-  },
-  "throughputResults": [
-    {
-      "concurrentUsers": 1,
-      "operations": 300,
-      "duration": 629.3636230230331,
-      "throughput": 476.67197312581374
-    },
-    {
-      "concurrentUsers": 5,
-      "operations": 1500,
-      "duration": 3072.7389999628067,
-      "throughput": 488.16381736885444
-    },
-    {
-      "concurrentUsers": 10,
-      "operations": 3000,
-      "duration": 6042.516402959824,
-      "throughput": 496.4818959416479
-    },
-    {
-      "concurrentUsers": 50,
-      "operations": 14000,
-      "duration": 30000,
-      "throughput": 466.6666666666667
-    },
-    {
-      "concurrentUsers": 100,
-      "operations": 13900,
-      "duration": 30000,
-      "throughput": 463.3333333333333
-    }
-  ]
-}