2023-02-22 11:55:31 +11:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2016-02-25 10:17:01 +11:00
|
|
|
require 'rails_helper'
|
|
|
|
|
2024-03-13 19:39:26 +11:00
|
|
|
RSpec.describe ResolveAccountService do
|
2017-08-13 08:44:41 +10:00
|
|
|
subject { described_class.new }
|
2016-03-05 22:50:59 +11:00
|
|
|
|
2017-04-20 01:28:35 +10:00
|
|
|
before do
|
2023-02-19 09:38:14 +11:00
|
|
|
stub_request(:get, 'https://example.com/.well-known/host-meta').to_return(status: 404)
|
|
|
|
stub_request(:get, 'https://quitter.no/avatar/7477-300-20160211190340.png').to_return(request_fixture('avatar.txt'))
|
|
|
|
stub_request(:get, 'https://ap.example.com/.well-known/webfinger?resource=acct:foo@ap.example.com').to_return(request_fixture('activitypub-webfinger.txt'))
|
|
|
|
stub_request(:get, 'https://ap.example.com/users/foo').to_return(request_fixture('activitypub-actor.txt'))
|
|
|
|
stub_request(:get, 'https://ap.example.com/users/foo.atom').to_return(request_fixture('activitypub-feed.txt'))
|
2023-05-04 13:47:52 +10:00
|
|
|
stub_request(:get, %r{https://ap\.example\.com/users/foo/\w+}).to_return(status: 404)
|
2020-11-08 10:28:39 +11:00
|
|
|
stub_request(:get, 'https://example.com/.well-known/webfinger?resource=acct:hoge@example.com').to_return(status: 410)
|
2017-04-20 01:28:35 +10:00
|
|
|
end
|
|
|
|
|
2023-05-04 13:49:08 +10:00
|
|
|
context 'when using skip_webfinger' do
|
2021-02-24 16:32:13 +11:00
|
|
|
context 'when account is known' do
|
|
|
|
let!(:remote_account) { Fabricate(:account, username: 'foo', domain: 'ap.example.com', protocol: 'activitypub') }
|
|
|
|
|
|
|
|
context 'when domain is banned' do
|
2023-12-22 01:23:53 +11:00
|
|
|
before { Fabricate(:domain_block, domain: 'ap.example.com', severity: :suspend) }
|
2021-02-24 16:32:13 +11:00
|
|
|
|
2024-10-05 00:11:15 +10:00
|
|
|
it 'does not return an account or make a webfinger query' do
|
|
|
|
expect(subject.call('foo@ap.example.com', skip_webfinger: true))
|
|
|
|
.to be_nil
|
|
|
|
expect(webfinger_discovery_request)
|
|
|
|
.to_not have_been_made
|
2021-02-24 16:32:13 +11:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when domain is not banned' do
|
2024-10-05 00:11:15 +10:00
|
|
|
it 'returns the expected account and does not make a webfinger query' do
|
|
|
|
expect(subject.call('foo@ap.example.com', skip_webfinger: true))
|
|
|
|
.to eq remote_account
|
|
|
|
expect(webfinger_discovery_request)
|
|
|
|
.to_not have_been_made
|
2021-02-24 16:32:13 +11:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when account is not known' do
|
2024-10-05 00:11:15 +10:00
|
|
|
it 'does not return an account and does not make webfinger query' do
|
|
|
|
expect(subject.call('foo@ap.example.com', skip_webfinger: true))
|
|
|
|
.to be_nil
|
|
|
|
expect(webfinger_discovery_request)
|
|
|
|
.to_not have_been_made
|
2021-02-24 16:32:13 +11:00
|
|
|
end
|
2024-10-05 00:11:15 +10:00
|
|
|
end
|
2021-02-24 16:32:13 +11:00
|
|
|
|
2024-10-05 00:11:15 +10:00
|
|
|
def webfinger_discovery_request
|
|
|
|
a_request(
|
|
|
|
:get,
|
|
|
|
'https://ap.example.com/.well-known/webfinger?resource=acct:foo@ap.example.com'
|
|
|
|
)
|
2021-02-24 16:32:13 +11:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-11-20 05:52:06 +11:00
|
|
|
context 'when there is an LRDD endpoint but no resolvable account' do
|
|
|
|
before do
|
2023-02-19 09:38:14 +11:00
|
|
|
stub_request(:get, 'https://quitter.no/.well-known/host-meta').to_return(request_fixture('.host-meta.txt'))
|
|
|
|
stub_request(:get, 'https://quitter.no/.well-known/webfinger?resource=acct:catsrgr8@quitter.no').to_return(status: 404)
|
2020-11-20 05:52:06 +11:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns nil' do
|
|
|
|
expect(subject.call('catsrgr8@quitter.no')).to be_nil
|
|
|
|
end
|
2017-04-20 01:28:35 +10:00
|
|
|
end
|
|
|
|
|
2020-11-20 05:52:06 +11:00
|
|
|
context 'when there is no LRDD endpoint nor resolvable account' do
|
|
|
|
before do
|
2023-02-19 09:38:14 +11:00
|
|
|
stub_request(:get, 'https://example.com/.well-known/webfinger?resource=acct:catsrgr8@example.com').to_return(status: 404)
|
2020-11-20 05:52:06 +11:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns nil' do
|
|
|
|
expect(subject.call('catsrgr8@example.com')).to be_nil
|
|
|
|
end
|
2017-04-20 01:28:35 +10:00
|
|
|
end
|
|
|
|
|
2020-11-08 10:28:39 +11:00
|
|
|
context 'when webfinger returns http gone' do
|
2023-05-04 13:49:08 +10:00
|
|
|
context 'with a previously known account' do
|
2020-11-08 10:28:39 +11:00
|
|
|
before do
|
|
|
|
Fabricate(:account, username: 'hoge', domain: 'example.com', last_webfingered_at: nil)
|
|
|
|
allow(AccountDeletionWorker).to receive(:perform_async)
|
|
|
|
end
|
|
|
|
|
2024-10-05 00:11:15 +10:00
|
|
|
it 'returns nil and queues deletion worker' do
|
|
|
|
expect(subject.call('hoge@example.com'))
|
|
|
|
.to be_nil
|
|
|
|
expect(AccountDeletionWorker)
|
|
|
|
.to have_received(:perform_async)
|
2020-11-08 10:28:39 +11:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2023-05-04 13:49:08 +10:00
|
|
|
context 'with a previously unknown account' do
|
2020-11-08 10:28:39 +11:00
|
|
|
it 'returns nil' do
|
|
|
|
expect(subject.call('hoge@example.com')).to be_nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-11-20 05:52:06 +11:00
|
|
|
context 'with a legitimate webfinger redirection' do
|
|
|
|
before do
|
2020-12-19 09:26:26 +11:00
|
|
|
webfinger = { subject: 'acct:foo@ap.example.com', links: [{ rel: 'self', href: 'https://ap.example.com/users/foo', type: 'application/activity+json' }] }
|
|
|
|
stub_request(:get, 'https://redirected.example.com/.well-known/webfinger?resource=acct:Foo@redirected.example.com').to_return(body: Oj.dump(webfinger), headers: { 'Content-Type': 'application/jrd+json' })
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns new remote account' do
|
|
|
|
account = subject.call('Foo@redirected.example.com')
|
|
|
|
|
2024-10-05 00:11:15 +10:00
|
|
|
expect(account)
|
|
|
|
.to have_attributes(
|
|
|
|
activitypub?: true,
|
|
|
|
acct: 'foo@ap.example.com',
|
|
|
|
inbox_url: 'https://ap.example.com/users/foo/inbox'
|
|
|
|
)
|
2020-12-19 09:26:26 +11:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with a misconfigured redirection' do
|
|
|
|
before do
|
|
|
|
webfinger = { subject: 'acct:Foo@redirected.example.com', links: [{ rel: 'self', href: 'https://ap.example.com/users/foo', type: 'application/activity+json' }] }
|
2020-11-20 05:52:06 +11:00
|
|
|
stub_request(:get, 'https://redirected.example.com/.well-known/webfinger?resource=acct:Foo@redirected.example.com').to_return(body: Oj.dump(webfinger), headers: { 'Content-Type': 'application/jrd+json' })
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns new remote account' do
|
|
|
|
account = subject.call('Foo@redirected.example.com')
|
|
|
|
|
2024-10-05 00:11:15 +10:00
|
|
|
expect(account)
|
|
|
|
.to have_attributes(
|
|
|
|
activitypub?: true,
|
|
|
|
acct: 'foo@ap.example.com',
|
|
|
|
inbox_url: 'https://ap.example.com/users/foo/inbox'
|
|
|
|
)
|
2020-11-20 05:52:06 +11:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with too many webfinger redirections' do
|
|
|
|
before do
|
2020-12-19 09:26:26 +11:00
|
|
|
webfinger = { subject: 'acct:foo@evil.example.com', links: [{ rel: 'self', href: 'https://ap.example.com/users/foo', type: 'application/activity+json' }] }
|
2020-11-20 05:52:06 +11:00
|
|
|
stub_request(:get, 'https://redirected.example.com/.well-known/webfinger?resource=acct:Foo@redirected.example.com').to_return(body: Oj.dump(webfinger), headers: { 'Content-Type': 'application/jrd+json' })
|
2020-12-19 09:26:26 +11:00
|
|
|
webfinger2 = { subject: 'acct:foo@ap.example.com', links: [{ rel: 'self', href: 'https://ap.example.com/users/foo', type: 'application/activity+json' }] }
|
2020-11-20 05:52:06 +11:00
|
|
|
stub_request(:get, 'https://evil.example.com/.well-known/webfinger?resource=acct:foo@evil.example.com').to_return(body: Oj.dump(webfinger2), headers: { 'Content-Type': 'application/jrd+json' })
|
|
|
|
end
|
|
|
|
|
2022-09-21 07:30:26 +10:00
|
|
|
it 'does not return a new remote account' do
|
|
|
|
expect(subject.call('Foo@redirected.example.com')).to be_nil
|
2020-11-20 05:52:06 +11:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2023-11-29 05:37:54 +11:00
|
|
|
context 'with webfinger response subject missing a host value' do
|
|
|
|
let(:body) { Oj.dump({ subject: 'user@' }) }
|
|
|
|
let(:url) { 'https://host.example/.well-known/webfinger?resource=acct:user@host.example' }
|
|
|
|
|
|
|
|
before do
|
|
|
|
stub_request(:get, url).to_return(status: 200, body: body)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns nil with incomplete subject in response' do
|
|
|
|
expect(subject.call('user@host.example')).to be_nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-08-13 08:44:41 +10:00
|
|
|
context 'with an ActivityPub account' do
|
2017-09-17 19:54:23 +10:00
|
|
|
it 'returns new remote account' do
|
|
|
|
account = subject.call('foo@ap.example.com')
|
|
|
|
|
2024-10-05 00:11:15 +10:00
|
|
|
expect(account)
|
|
|
|
.to have_attributes(
|
|
|
|
activitypub?: true,
|
|
|
|
domain: 'ap.example.com',
|
|
|
|
inbox_url: 'https://ap.example.com/users/foo/inbox'
|
|
|
|
)
|
2017-09-17 19:54:23 +10:00
|
|
|
end
|
|
|
|
|
2018-05-02 20:40:24 +10:00
|
|
|
context 'with multiple types' do
|
|
|
|
before do
|
2023-02-19 09:38:14 +11:00
|
|
|
stub_request(:get, 'https://ap.example.com/users/foo').to_return(request_fixture('activitypub-actor-individual.txt'))
|
2018-05-02 20:40:24 +10:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns new remote account' do
|
|
|
|
account = subject.call('foo@ap.example.com')
|
|
|
|
|
2024-10-05 00:11:15 +10:00
|
|
|
expect(account)
|
|
|
|
.to have_attributes(
|
|
|
|
activitypub?: true,
|
|
|
|
domain: 'ap.example.com',
|
|
|
|
inbox_url: 'https://ap.example.com/users/foo/inbox',
|
|
|
|
actor_type: 'Person'
|
|
|
|
)
|
2018-05-02 20:40:24 +10:00
|
|
|
end
|
|
|
|
end
|
2017-05-04 04:40:14 +10:00
|
|
|
end
|
2017-07-19 22:44:04 +10:00
|
|
|
|
2020-12-19 09:26:26 +11:00
|
|
|
context 'with an already-known actor changing acct: URI' do
|
|
|
|
let!(:duplicate) { Fabricate(:account, username: 'foo', domain: 'old.example.com', uri: 'https://ap.example.com/users/foo') }
|
|
|
|
let!(:status) { Fabricate(:status, account: duplicate, text: 'foo') }
|
|
|
|
|
2024-10-05 00:11:15 +10:00
|
|
|
it 'returns new remote account and merges accounts', :inline_jobs do
|
2020-12-19 09:26:26 +11:00
|
|
|
account = subject.call('foo@ap.example.com')
|
|
|
|
|
2024-10-05 00:11:15 +10:00
|
|
|
expect(account)
|
|
|
|
.to have_attributes(
|
|
|
|
activitypub?: true,
|
|
|
|
domain: 'ap.example.com',
|
|
|
|
inbox_url: 'https://ap.example.com/users/foo/inbox',
|
|
|
|
uri: 'https://ap.example.com/users/foo'
|
|
|
|
)
|
2020-12-19 09:26:26 +11:00
|
|
|
|
2024-10-05 00:11:15 +10:00
|
|
|
expect(status.reload.account_id)
|
|
|
|
.to eq account.id
|
|
|
|
expect(Account.where(uri: account.uri).count)
|
|
|
|
.to eq 1
|
2020-12-19 09:26:26 +11:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with an already-known acct: URI changing ActivityPub id' do
|
|
|
|
let!(:old_account) { Fabricate(:account, username: 'foo', domain: 'ap.example.com', uri: 'https://old.example.com/users/foo', last_webfingered_at: nil) }
|
2023-02-18 08:56:20 +11:00
|
|
|
let!(:status) { Fabricate(:status, account: old_account, text: 'foo') }
|
2020-12-19 09:26:26 +11:00
|
|
|
|
|
|
|
it 'returns new remote account' do
|
|
|
|
account = subject.call('foo@ap.example.com')
|
|
|
|
|
2024-10-05 00:11:15 +10:00
|
|
|
expect(account)
|
|
|
|
.to have_attributes(
|
|
|
|
activitypub?: true,
|
|
|
|
domain: 'ap.example.com',
|
|
|
|
inbox_url: 'https://ap.example.com/users/foo/inbox',
|
|
|
|
uri: 'https://ap.example.com/users/foo'
|
|
|
|
)
|
|
|
|
expect(status.reload.account)
|
|
|
|
.to eq(account)
|
2020-12-19 09:26:26 +11:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-07-19 22:44:04 +10:00
|
|
|
it 'processes one remote account at a time using locks' do
|
|
|
|
fail_occurred = false
|
2019-07-07 07:26:16 +10:00
|
|
|
return_values = Concurrent::Array.new
|
2017-07-19 22:44:04 +10:00
|
|
|
|
2024-02-08 01:53:29 +11:00
|
|
|
multi_threaded_execution(5) do
|
|
|
|
begin
|
|
|
|
return_values << described_class.new.call('foo@ap.example.com')
|
|
|
|
rescue ActiveRecord::RecordNotUnique
|
|
|
|
fail_occurred = true
|
|
|
|
ensure
|
2024-09-03 00:19:55 +10:00
|
|
|
RedisConnection.pool.checkin if Thread.current[:redis]
|
2017-07-19 22:44:04 +10:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
expect(fail_occurred).to be false
|
|
|
|
expect(return_values).to_not include(nil)
|
|
|
|
end
|
2016-02-25 10:17:01 +11:00
|
|
|
end
|