Require HTTP signatures (if enabled) for routes used by both C2S and S2S AP API
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
This commit is contained in:
marcin mikołajczak
parent
8250a9764e
commit
ad953143bb
4 changed files with 60 additions and 4 deletions
|
|
@ -1323,6 +1323,11 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
|
|||
end
|
||||
|
||||
describe "GET /users/:nickname/outbox" do
|
||||
setup do
|
||||
Mox.stub_with(Pleroma.StaticStubbedConfigMock, Pleroma.Config)
|
||||
:ok
|
||||
end
|
||||
|
||||
test "it paginates correctly", %{conn: conn} do
|
||||
user = insert(:user)
|
||||
conn = assign(conn, :user, user)
|
||||
|
|
@ -1462,6 +1467,35 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
|
|||
assert [answer_outbox] = outbox_get["orderedItems"]
|
||||
assert answer_outbox["id"] == activity.data["id"]
|
||||
end
|
||||
|
||||
test "it works with authorized fetch forced when authenticated" do
|
||||
clear_config([:activitypub, :authorized_fetch_mode], true)
|
||||
|
||||
user = insert(:user)
|
||||
outbox_endpoint = user.ap_id <> "/outbox"
|
||||
|
||||
conn =
|
||||
build_conn()
|
||||
|> assign(:user, user)
|
||||
|> put_req_header("accept", "application/activity+json")
|
||||
|> get(outbox_endpoint)
|
||||
|
||||
assert json_response(conn, 200)
|
||||
end
|
||||
|
||||
test "it fails with authorized fetch forced when unauthenticated", %{conn: conn} do
|
||||
clear_config([:activitypub, :authorized_fetch_mode], true)
|
||||
|
||||
user = insert(:user)
|
||||
outbox_endpoint = user.ap_id <> "/outbox"
|
||||
|
||||
conn =
|
||||
conn
|
||||
|> put_req_header("accept", "application/activity+json")
|
||||
|> get(outbox_endpoint)
|
||||
|
||||
assert response(conn, 401)
|
||||
end
|
||||
end
|
||||
|
||||
describe "POST /users/:nickname/outbox (C2S)" do
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue