hj/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Verify HTTP signatures only when request accepts "activity+json" type

Browse source
This commit is contained in:
Egor Kislitsyn 2019-12-19 20:17:18 +07:00
commit 775212121c
No known key found for this signature in database
GPG key ID: 1B49CB15B71E7805
2 changed files with 12 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

4
test/plugs/http_signature_plug_test.exs
View file

@ -7,6 +7,7 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlugTest do
alias Pleroma.Web.Plugs.HTTPSignaturePlug
import Plug.Conn
import Phoenix.Controller, only: [put_format: 2]
import Mock
test "it call HTTPSignatures to check validity if the actor sighed it" do
@ -20,6 +21,7 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlugTest do
"signature",
"keyId=\"http://mastodon.example.org/users/admin#main-key"
)
|> put_format("activity+json")
|> HTTPSignaturePlug.call(%{})
assert conn.assigns.valid_signature == true
@ -37,7 +39,7 @@ defmodule Pleroma.Web.Plugs.HTTPSignaturePlugTest do
end)
params = %{"actor" => "http://mastodon.example.org/users/admin"}
conn = build_conn(:get, "/doesntmattter", params)
conn = build_conn(:get, "/doesntmattter", params) |> put_format("activity+json")
[conn: conn]
end