2023-04-07 03:56:46 +02:00
|
|
|
import * as assert from "assert";
|
|
|
|
import httpSignature from "@peertube/http-signature";
|
|
|
|
import { genRsaKeyPair } from "../src/misc/gen-key-pair.js";
|
|
|
|
import {
|
2023-10-20 02:10:30 +02:00
|
|
|
createSignedPost,
|
2023-10-22 10:33:40 +02:00
|
|
|
createSignedGet,
|
2023-04-07 03:56:46 +02:00
|
|
|
} from "../src/remote/activitypub/ap-request.js";
|
2021-10-16 10:16:24 +02:00
|
|
|
|
2023-04-07 03:56:46 +02:00
|
|
|
export const buildParsedSignature = (
|
|
|
|
signingString: string,
|
|
|
|
signature: string,
|
|
|
|
algorithm: string,
|
|
|
|
) => {
|
2021-10-16 10:16:24 +02:00
|
|
|
return {
|
2023-04-07 03:56:46 +02:00
|
|
|
scheme: "Signature",
|
2021-10-16 10:16:24 +02:00
|
|
|
params: {
|
2023-04-07 03:56:46 +02:00
|
|
|
keyId: "KeyID", // dummy, not used for verify
|
2021-10-16 10:16:24 +02:00
|
|
|
algorithm: algorithm,
|
2023-04-07 03:56:46 +02:00
|
|
|
headers: ["(request-target)", "date", "host", "digest"], // dummy, not used for verify
|
2021-10-16 10:16:24 +02:00
|
|
|
signature: signature,
|
|
|
|
},
|
|
|
|
signingString: signingString,
|
2022-05-21 15:21:41 +02:00
|
|
|
algorithm: algorithm.toUpperCase(),
|
2023-04-07 03:56:46 +02:00
|
|
|
keyId: "KeyID", // dummy, not used for verify
|
2021-10-16 10:16:24 +02:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2023-04-07 03:56:46 +02:00
|
|
|
describe("ap-request", () => {
|
|
|
|
it("createSignedPost with verify", async () => {
|
2021-10-16 10:16:24 +02:00
|
|
|
const keypair = await genRsaKeyPair();
|
2023-04-07 03:56:46 +02:00
|
|
|
const key = { keyId: "x", privateKeyPem: keypair.privateKey };
|
|
|
|
const url = "https://example.com/inbox";
|
2021-10-16 10:16:24 +02:00
|
|
|
const activity = { a: 1 };
|
|
|
|
const body = JSON.stringify(activity);
|
|
|
|
const headers = {
|
2023-04-07 03:56:46 +02:00
|
|
|
"User-Agent": "UA",
|
2021-10-16 10:16:24 +02:00
|
|
|
};
|
|
|
|
|
2023-04-07 03:56:46 +02:00
|
|
|
const req = createSignedPost({
|
|
|
|
key,
|
|
|
|
url,
|
|
|
|
body,
|
|
|
|
additionalHeaders: headers,
|
|
|
|
});
|
2021-10-16 10:16:24 +02:00
|
|
|
|
2023-04-07 03:56:46 +02:00
|
|
|
const parsed = buildParsedSignature(
|
|
|
|
req.signingString,
|
|
|
|
req.signature,
|
|
|
|
"rsa-sha256",
|
|
|
|
);
|
2021-10-16 10:16:24 +02:00
|
|
|
|
|
|
|
const result = httpSignature.verifySignature(parsed, keypair.publicKey);
|
|
|
|
assert.deepStrictEqual(result, true);
|
|
|
|
});
|
|
|
|
|
2023-04-07 03:56:46 +02:00
|
|
|
it("createSignedGet with verify", async () => {
|
2021-10-16 10:16:24 +02:00
|
|
|
const keypair = await genRsaKeyPair();
|
2023-04-07 03:56:46 +02:00
|
|
|
const key = { keyId: "x", privateKeyPem: keypair.privateKey };
|
|
|
|
const url = "https://example.com/outbox";
|
2021-10-16 10:16:24 +02:00
|
|
|
const headers = {
|
2023-04-07 03:56:46 +02:00
|
|
|
"User-Agent": "UA",
|
2021-10-16 10:16:24 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
const req = createSignedGet({ key, url, additionalHeaders: headers });
|
|
|
|
|
2023-04-07 03:56:46 +02:00
|
|
|
const parsed = buildParsedSignature(
|
|
|
|
req.signingString,
|
|
|
|
req.signature,
|
|
|
|
"rsa-sha256",
|
|
|
|
);
|
2021-10-16 10:16:24 +02:00
|
|
|
|
|
|
|
const result = httpSignature.verifySignature(parsed, keypair.publicKey);
|
|
|
|
assert.deepStrictEqual(result, true);
|
|
|
|
});
|
|
|
|
});
|