aboutsummaryrefslogtreecommitdiff
path: root/spec/services/resolve_account_service_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/services/resolve_account_service_spec.rb')
-rw-r--r--spec/services/resolve_account_service_spec.rb127
1 files changed, 120 insertions, 7 deletions
diff --git a/spec/services/resolve_account_service_spec.rb b/spec/services/resolve_account_service_spec.rb
index cea942e39..a604e90b5 100644
--- a/spec/services/resolve_account_service_spec.rb
+++ b/spec/services/resolve_account_service_spec.rb
@@ -4,23 +4,101 @@ RSpec.describe ResolveAccountService, type: :service do
subject { described_class.new }
before do
- stub_request(:get, "https://quitter.no/.well-known/host-meta").to_return(request_fixture('.host-meta.txt'))
- stub_request(:get, "https://example.com/.well-known/webfinger?resource=acct:catsrgr8@example.com").to_return(status: 404)
stub_request(:get, "https://example.com/.well-known/host-meta").to_return(status: 404)
stub_request(:get, "https://quitter.no/avatar/7477-300-20160211190340.png").to_return(request_fixture('avatar.txt'))
- stub_request(:get, "https://quitter.no/.well-known/webfinger?resource=acct:catsrgr8@quitter.no").to_return(status: 404)
stub_request(:get, "https://ap.example.com/.well-known/webfinger?resource=acct:foo@ap.example.com").to_return(request_fixture('activitypub-webfinger.txt'))
stub_request(:get, "https://ap.example.com/users/foo").to_return(request_fixture('activitypub-actor.txt'))
stub_request(:get, "https://ap.example.com/users/foo.atom").to_return(request_fixture('activitypub-feed.txt'))
stub_request(:get, %r{https://ap.example.com/users/foo/\w+}).to_return(status: 404)
+ stub_request(:get, 'https://example.com/.well-known/webfinger?resource=acct:hoge@example.com').to_return(status: 410)
end
- it 'raises error if no such user can be resolved via webfinger' do
- expect(subject.call('catsrgr8@quitter.no')).to be_nil
+ context 'when there is an LRDD endpoint but no resolvable account' do
+ before do
+ stub_request(:get, "https://quitter.no/.well-known/host-meta").to_return(request_fixture('.host-meta.txt'))
+ stub_request(:get, "https://quitter.no/.well-known/webfinger?resource=acct:catsrgr8@quitter.no").to_return(status: 404)
+ end
+
+ it 'returns nil' do
+ expect(subject.call('catsrgr8@quitter.no')).to be_nil
+ end
+ end
+
+ context 'when there is no LRDD endpoint nor resolvable account' do
+ before do
+ stub_request(:get, "https://example.com/.well-known/webfinger?resource=acct:catsrgr8@example.com").to_return(status: 404)
+ end
+
+ it 'returns nil' do
+ expect(subject.call('catsrgr8@example.com')).to be_nil
+ end
+ end
+
+ context 'when webfinger returns http gone' do
+ context 'for a previously known account' do
+ before do
+ Fabricate(:account, username: 'hoge', domain: 'example.com', last_webfingered_at: nil)
+ allow(AccountDeletionWorker).to receive(:perform_async)
+ end
+
+ it 'returns nil' do
+ expect(subject.call('hoge@example.com')).to be_nil
+ end
+
+ it 'queues account deletion worker' do
+ subject.call('hoge@example.com')
+ expect(AccountDeletionWorker).to have_received(:perform_async)
+ end
+ end
+
+ context 'for a previously unknown account' do
+ it 'returns nil' do
+ expect(subject.call('hoge@example.com')).to be_nil
+ end
+ end
+ end
+
+ context 'with a legitimate webfinger redirection' do
+ before do
+ webfinger = { subject: 'acct:foo@ap.example.com', links: [{ rel: 'self', href: 'https://ap.example.com/users/foo', type: 'application/activity+json' }] }
+ stub_request(:get, 'https://redirected.example.com/.well-known/webfinger?resource=acct:Foo@redirected.example.com').to_return(body: Oj.dump(webfinger), headers: { 'Content-Type': 'application/jrd+json' })
+ end
+
+ it 'returns new remote account' do
+ account = subject.call('Foo@redirected.example.com')
+
+ expect(account.activitypub?).to eq true
+ expect(account.acct).to eq 'foo@ap.example.com'
+ expect(account.inbox_url).to eq 'https://ap.example.com/users/foo/inbox'
+ end
+ end
+
+ context 'with a misconfigured redirection' do
+ before do
+ webfinger = { subject: 'acct:Foo@redirected.example.com', links: [{ rel: 'self', href: 'https://ap.example.com/users/foo', type: 'application/activity+json' }] }
+ stub_request(:get, 'https://redirected.example.com/.well-known/webfinger?resource=acct:Foo@redirected.example.com').to_return(body: Oj.dump(webfinger), headers: { 'Content-Type': 'application/jrd+json' })
+ end
+
+ it 'returns new remote account' do
+ account = subject.call('Foo@redirected.example.com')
+
+ expect(account.activitypub?).to eq true
+ expect(account.acct).to eq 'foo@ap.example.com'
+ expect(account.inbox_url).to eq 'https://ap.example.com/users/foo/inbox'
+ end
end
- it 'raises error if the domain does not have webfinger' do
- expect(subject.call('catsrgr8@example.com')).to be_nil
+ context 'with too many webfinger redirections' do
+ before do
+ webfinger = { subject: 'acct:foo@evil.example.com', links: [{ rel: 'self', href: 'https://ap.example.com/users/foo', type: 'application/activity+json' }] }
+ stub_request(:get, 'https://redirected.example.com/.well-known/webfinger?resource=acct:Foo@redirected.example.com').to_return(body: Oj.dump(webfinger), headers: { 'Content-Type': 'application/jrd+json' })
+ webfinger2 = { subject: 'acct:foo@ap.example.com', links: [{ rel: 'self', href: 'https://ap.example.com/users/foo', type: 'application/activity+json' }] }
+ stub_request(:get, 'https://evil.example.com/.well-known/webfinger?resource=acct:foo@evil.example.com').to_return(body: Oj.dump(webfinger2), headers: { 'Content-Type': 'application/jrd+json' })
+ end
+
+ it 'returns new remote account' do
+ expect { subject.call('Foo@redirected.example.com') }.to raise_error Webfinger::RedirectError
+ end
end
context 'with an ActivityPub account' do
@@ -48,6 +126,41 @@ RSpec.describe ResolveAccountService, type: :service do
end
end
+ context 'with an already-known actor changing acct: URI' do
+ let!(:duplicate) { Fabricate(:account, username: 'foo', domain: 'old.example.com', uri: 'https://ap.example.com/users/foo') }
+ let!(:status) { Fabricate(:status, account: duplicate, text: 'foo') }
+
+ it 'returns new remote account' do
+ account = subject.call('foo@ap.example.com')
+
+ expect(account.activitypub?).to eq true
+ expect(account.domain).to eq 'ap.example.com'
+ expect(account.inbox_url).to eq 'https://ap.example.com/users/foo/inbox'
+ expect(account.uri).to eq 'https://ap.example.com/users/foo'
+ end
+
+ it 'merges accounts' do
+ account = subject.call('foo@ap.example.com')
+
+ expect(status.reload.account_id).to eq account.id
+ expect(Account.where(uri: account.uri).count).to eq 1
+ end
+ end
+
+ context 'with an already-known acct: URI changing ActivityPub id' do
+ let!(:old_account) { Fabricate(:account, username: 'foo', domain: 'ap.example.com', uri: 'https://old.example.com/users/foo', last_webfingered_at: nil) }
+ let!(:status) { Fabricate(:status, account: old_account, text: 'foo') }
+
+ it 'returns new remote account' do
+ account = subject.call('foo@ap.example.com')
+
+ expect(account.activitypub?).to eq true
+ expect(account.domain).to eq 'ap.example.com'
+ expect(account.inbox_url).to eq 'https://ap.example.com/users/foo/inbox'
+ expect(account.uri).to eq 'https://ap.example.com/users/foo'
+ end
+ end
+
it 'processes one remote account at a time using locks' do
wait_for_start = true
fail_occurred = false
generated by cgit v1.2.3-70-g09d2 (git 2.50.0) at 2025-08-11 01:44:24 +0000