akkoma/test/pleroma/web/web_finger/web_finger_controller_test.exs
Erin Shepherd 464db9ea0b Don't list old accounts as aliases in WebFinger
Per the XRD specification:

> 2.4. Element <Alias>
>
> The <Alias> element contains a URI value that is an additional
> identifier for the resource described by the XRD. This value
> MUST be an absolute URI. The <Alias> element does not identify
> additional resources the XRD is describing, **but rather provides
> additional identifiers for the same resource.**

(http://docs.oasis-open.org/xri/xrd/v1.0/os/xrd-1.0-os.html#element.alias, emphasis mine)

In other words, the alias list is expected to link to things which are
not just semantically the same, but exactly the same. Old user accounts
don't do that

This change should not pose a compatibility issue: Mastodon does not
list old accounts here (See e1fcb02867/app/serializers/webfinger_serializer.rb (L12))

The use of as:alsoKnownAs is also not quite semantically right here
(see https://www.w3.org/TR/did-core/#dfn-alsoknownas, which defines
it to be used to refer to identifiers which are interchangable) but
that's what DID get for reusing a property definition that Mastodon
already squatted long before they got to it
2024-04-01 13:34:58 +02:00

138 lines
4 KiB
Elixir

# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.WebFinger.WebFingerControllerTest do
use Pleroma.Web.ConnCase, async: false
import ExUnit.CaptureLog
import Pleroma.Factory
import Tesla.Mock
import Pleroma.Test.Matchers.XML
setup do
mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
:ok
end
setup_all do: clear_config([:instance, :federating], true)
test "GET host-meta" do
response =
build_conn()
|> get("/.well-known/host-meta")
assert response.status == 200
assert_xml_equals(
response.resp_body,
~s(<?xml version="1.0" encoding="UTF-8"?><XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0"><Link rel="lrdd" template="#{Pleroma.Web.Endpoint.url()}/.well-known/webfinger?resource={uri}" type="application/xrd+xml" /></XRD>)
)
end
test "Webfinger JRD" do
user =
insert(:user,
ap_id: "https://hyrule.world/users/zelda",
also_known_as: ["https://mushroom.kingdom/users/toad"]
)
response =
build_conn()
|> put_req_header("accept", "application/jrd+json")
|> get("/.well-known/webfinger?resource=acct:#{user.nickname}@localhost")
|> json_response(200)
assert response["subject"] == "acct:#{user.nickname}@localhost"
assert response["aliases"] == [
"https://hyrule.world/users/zelda"
]
end
test "reach user on tld, while pleroma is runned on subdomain" do
Pleroma.Web.Endpoint.config_change(
[{Pleroma.Web.Endpoint, url: [host: "sub.example.com"]}],
[]
)
clear_config([Pleroma.Web.Endpoint, :url, :host], "sub.example.com")
clear_config([Pleroma.Web.WebFinger, :domain], "example.com")
user = insert(:user, ap_id: "https://sub.example.com/users/bobby", nickname: "bobby")
response =
build_conn()
|> put_req_header("accept", "application/jrd+json")
|> get("/.well-known/webfinger?resource=acct:#{user.nickname}@example.com")
|> json_response(200)
assert response["subject"] == "acct:#{user.nickname}@example.com"
assert response["aliases"] == ["https://sub.example.com/users/#{user.nickname}"]
on_exit(fn ->
Pleroma.Web.Endpoint.config_change(
[{Pleroma.Web.Endpoint, url: [host: "localhost"]}],
[]
)
end)
end
test "it returns 404 when user isn't found (JSON)" do
result =
build_conn()
|> put_req_header("accept", "application/jrd+json")
|> get("/.well-known/webfinger?resource=acct:jimm@localhost")
|> json_response(404)
assert result == "Couldn't find user"
end
test "Webfinger XML" do
user =
insert(:user,
ap_id: "https://hyrule.world/users/zelda",
also_known_as: ["https://mushroom.kingdom/users/toad"]
)
response =
build_conn()
|> put_req_header("accept", "application/xrd+xml")
|> get("/.well-known/webfinger?resource=acct:#{user.nickname}@localhost")
|> response(200)
assert response =~ "<Alias>https://hyrule.world/users/zelda</Alias>"
end
test "it returns 404 when user isn't found (XML)" do
result =
build_conn()
|> put_req_header("accept", "application/xrd+xml")
|> get("/.well-known/webfinger?resource=acct:jimm@localhost")
|> response(404)
assert result == "Couldn't find user"
end
test "Sends a 404 when invalid format" do
user = insert(:user)
assert capture_log(fn ->
assert_raise Phoenix.NotAcceptableError, fn ->
build_conn()
|> put_req_header("accept", "text/html")
|> get("/.well-known/webfinger?resource=acct:#{user.nickname}@localhost")
end
end) =~ "no supported media type in accept header"
end
test "Sends a 400 when resource param is missing" do
response =
build_conn()
|> put_req_header("accept", "application/xrd+xml,application/jrd+json")
|> get("/.well-known/webfinger")
assert response(response, 400)
end
end