Pubsub confirmation worker spec (#2974)
* Add specs for valid challenge response from pubsub confirmation worker
* Refactor the pubsub confirmation worker
pull/2864/head^2
parent
a231f915a0
commit
08949cca41
|
@ -6,31 +6,85 @@ class Pubsubhubbub::ConfirmationWorker
|
||||||
|
|
||||||
sidekiq_options queue: 'push', retry: false
|
sidekiq_options queue: 'push', retry: false
|
||||||
|
|
||||||
|
attr_reader :subscription, :mode, :secret, :lease_seconds
|
||||||
|
|
||||||
def perform(subscription_id, mode, secret = nil, lease_seconds = nil)
|
def perform(subscription_id, mode, secret = nil, lease_seconds = nil)
|
||||||
subscription = Subscription.find(subscription_id)
|
@subscription = Subscription.find(subscription_id)
|
||||||
challenge = SecureRandom.hex
|
@mode = mode
|
||||||
|
@secret = secret
|
||||||
|
@lease_seconds = lease_seconds
|
||||||
|
process_confirmation
|
||||||
|
end
|
||||||
|
|
||||||
subscription.secret = secret
|
private
|
||||||
subscription.lease_seconds = lease_seconds
|
|
||||||
subscription.confirmed = true
|
|
||||||
|
|
||||||
response = HTTP.headers(user_agent: 'Mastodon/PubSubHubbub')
|
def process_confirmation
|
||||||
.timeout(:per_operation, write: 20, connect: 20, read: 50)
|
prepare_subscription
|
||||||
.get(subscription.callback_url, params: {
|
|
||||||
'hub.topic' => account_url(subscription.account, format: :atom),
|
|
||||||
'hub.mode' => mode,
|
|
||||||
'hub.challenge' => challenge,
|
|
||||||
'hub.lease_seconds' => subscription.lease_seconds,
|
|
||||||
})
|
|
||||||
|
|
||||||
body = response.body.to_s
|
confirm_callback
|
||||||
|
logger.debug "Confirming PuSH subscription for #{subscription.callback_url} with challenge #{challenge}: #{callback_response_body}"
|
||||||
|
|
||||||
logger.debug "Confirming PuSH subscription for #{subscription.callback_url} with challenge #{challenge}: #{body}"
|
update_subscription
|
||||||
|
end
|
||||||
|
|
||||||
if mode == 'subscribe' && body == challenge
|
def update_subscription
|
||||||
|
if successful_subscribe?
|
||||||
subscription.save!
|
subscription.save!
|
||||||
elsif (mode == 'unsubscribe' && body == challenge) || !subscription.confirmed?
|
elsif successful_unsubscribe?
|
||||||
subscription.destroy!
|
subscription.destroy!
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def successful_subscribe?
|
||||||
|
subscribing? && response_matches_challenge?
|
||||||
|
end
|
||||||
|
|
||||||
|
def successful_unsubscribe?
|
||||||
|
(unsubscribing? && response_matches_challenge?) || !subscription.confirmed?
|
||||||
|
end
|
||||||
|
|
||||||
|
def response_matches_challenge?
|
||||||
|
callback_response_body == challenge
|
||||||
|
end
|
||||||
|
|
||||||
|
def subscribing?
|
||||||
|
mode == 'subscribe'
|
||||||
|
end
|
||||||
|
|
||||||
|
def unsubscribing?
|
||||||
|
mode == 'unsubscribe'
|
||||||
|
end
|
||||||
|
|
||||||
|
def confirm_callback
|
||||||
|
@_confirm_callback ||= callback_get_with_params
|
||||||
|
end
|
||||||
|
|
||||||
|
def callback_get_with_params
|
||||||
|
HTTP.headers(user_agent: 'Mastodon/PubSubHubbub')
|
||||||
|
.timeout(:per_operation, write: 20, connect: 20, read: 50)
|
||||||
|
.get(subscription.callback_url, params: callback_params)
|
||||||
|
end
|
||||||
|
|
||||||
|
def callback_response_body
|
||||||
|
confirm_callback.body.to_s
|
||||||
|
end
|
||||||
|
|
||||||
|
def callback_params
|
||||||
|
{
|
||||||
|
'hub.topic' => account_url(subscription.account, format: :atom),
|
||||||
|
'hub.mode' => mode,
|
||||||
|
'hub.challenge' => challenge,
|
||||||
|
'hub.lease_seconds' => subscription.lease_seconds,
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
def prepare_subscription
|
||||||
|
subscription.secret = secret
|
||||||
|
subscription.lease_seconds = lease_seconds
|
||||||
|
subscription.confirmed = true
|
||||||
|
end
|
||||||
|
|
||||||
|
def challenge
|
||||||
|
@_challenge ||= SecureRandom.hex
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
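Review bot: In `successful_unsubscribe?`, the `|| !subscription.confirmed?` clause looks unreachable: `process_confirmation` runs `prepare_subscription`, which assigns `subscription.confirmed = true`, before `update_subscription` evaluates it (assuming `confirmed?` is the usual in-memory attribute predicate), and the old inline code had the same ordering. The new spec expects a record whose challenge failed to survive, so the simplest fix is to drop the clause and leave `unsubscribing? && response_matches_challenge?`. `response_matches_challenge?` also checks only the body, so a non-2xx reply that echoes the challenge still confirms; `confirm_callback.status.success? && callback_response_body == challenge` would tighten it. Finally, `callback_get_with_params` fetches the subscriber-supplied `callback_url` and reads the whole body with `.to_s` before logging it at debug level; whether that URL is limited to public hosts and the body is size-bounded is not visible in this diff and is worth confirming.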
@ -0,0 +1,88 @@
|
||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
require 'rails_helper'
|
||||||
|
|
||||||
|
describe Pubsubhubbub::ConfirmationWorker do
|
||||||
|
include RoutingHelper
|
||||||
|
|
||||||
|
subject { described_class.new }
|
||||||
|
|
||||||
|
let!(:alice) { Fabricate(:account, username: 'alice') }
|
||||||
|
let!(:subscription) { Fabricate(:subscription, account_id: alice.id, callback_url: 'http://example.com/api', confirmed: false, expires_at: 3.days.from_now, secret: nil) }
|
||||||
|
|
||||||
|
describe 'perform' do
|
||||||
|
describe 'with subscribe mode' do
|
||||||
|
it 'confirms and updates subscription when challenge matches' do
|
||||||
|
stub_random_value
|
||||||
|
stub_request(:get, url_for_mode('subscribe'))
|
||||||
|
.with(headers: http_headers)
|
||||||
|
.to_return(status: 200, body: challenge_value, headers: {})
|
||||||
|
|
||||||
|
seconds = 10.days.seconds.to_i
|
||||||
|
subject.perform(subscription.id, 'subscribe', 'asdf', seconds)
|
||||||
|
|
||||||
|
subscription.reload
|
||||||
|
expect(subscription.secret).to eq 'asdf'
|
||||||
|
expect(subscription.confirmed).to eq true
|
||||||
|
expect(subscription.expires_at).to be_within(5).of(10.days.from_now)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'does not update subscription when challenge does not match' do
|
||||||
|
stub_random_value
|
||||||
|
stub_request(:get, url_for_mode('subscribe'))
|
||||||
|
.with(headers: http_headers)
|
||||||
|
.to_return(status: 200, body: 'wrong value', headers: {})
|
||||||
|
|
||||||
|
seconds = 10.days.seconds.to_i
|
||||||
|
subject.perform(subscription.id, 'subscribe', 'asdf', seconds)
|
||||||
|
|
||||||
|
subscription.reload
|
||||||
|
expect(subscription.secret).to be_blank
|
||||||
|
expect(subscription.confirmed).to eq false
|
||||||
|
expect(subscription.expires_at).to be_within(5).of(3.days.from_now)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe 'with unsubscribe mode' do
|
||||||
|
it 'confirms and destroys subscription when challenge matches' do
|
||||||
|
stub_random_value
|
||||||
|
stub_request(:get, url_for_mode('unsubscribe'))
|
||||||
|
.with(headers: http_headers)
|
||||||
|
.to_return(status: 200, body: challenge_value, headers: {})
|
||||||
|
|
||||||
|
seconds = 10.days.seconds.to_i
|
||||||
|
subject.perform(subscription.id, 'unsubscribe', 'asdf', seconds)
|
||||||
|
|
||||||
|
expect { subscription.reload }.to raise_error(ActiveRecord::RecordNotFound)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'does not destroy subscription when challenge does not match' do
|
||||||
|
stub_random_value
|
||||||
|
stub_request(:get, url_for_mode('unsubscribe'))
|
||||||
|
.with(headers: http_headers)
|
||||||
|
.to_return(status: 200, body: 'wrong value', headers: {})
|
||||||
|
|
||||||
|
seconds = 10.days.seconds.to_i
|
||||||
|
subject.perform(subscription.id, 'unsubscribe', 'asdf', seconds)
|
||||||
|
|
||||||
|
expect { subscription.reload }.not_to raise_error
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def url_for_mode(mode)
|
||||||
|
"http://example.com/api?hub.challenge=#{challenge_value}&hub.lease_seconds=863999&hub.mode=#{mode}&hub.topic=https://#{Rails.configuration.x.local_domain}/users/alice.atom"
|
||||||
|
end
|
||||||
|
|
||||||
|
def stub_random_value
|
||||||
|
allow(SecureRandom).to receive(:hex).and_return(challenge_value)
|
||||||
|
end
|
||||||
|
|
||||||
|
def challenge_value
|
||||||
|
'1a2s3d4f'
|
||||||
|
end
|
||||||
|
|
||||||
|
def http_headers
|
||||||
|
{ 'Connection' => 'close', 'Host' => 'example.com', 'User-Agent' => 'Mastodon/PubSubHubbub' }
|
||||||
|
end
|
||||||
|
end
|
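Review bot: `url_for_mode` pins `hub.lease_seconds=863999`, which appears to be the 10-day lease minus elapsed time, so the stubbed URL only matches if the worker computes the value within the same second; a slow run would miss the stub and fail for a reason unrelated to the challenge. Matching on the stable parameters avoids that, e.g. `stub_request(:get, 'http://example.com/api').with(query: hash_including('hub.mode' => mode, 'hub.challenge' => challenge_value), headers: http_headers)`, or freeze the clock around `perform`. The examples also cover only a 200 reply, so a case where a non-2xx response echoes `challenge_value` would document whether that should confirm. `stub_random_value` replaces `SecureRandom.hex` for every caller in the example, not just the worker, which is worth a one-line comment.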