dereferencer_spec.rb 2.4 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273
  1. require 'rails_helper'
  2. RSpec.describe ActivityPub::Dereferencer do
  3. describe '#object' do
  4. let(:object) { { '@context': 'https://www.w3.org/ns/activitystreams', id: 'https://example.com/foo', type: 'Note', content: 'Hoge' } }
  5. let(:permitted_origin) { 'https://example.com' }
  6. let(:signature_account) { nil }
  7. let(:uri) { nil }
  8. subject { described_class.new(uri, permitted_origin: permitted_origin, signature_account: signature_account).object }
  9. before do
  10. stub_request(:get, 'https://example.com/foo').to_return(body: Oj.dump(object), headers: { 'Content-Type' => 'application/activity+json' })
  11. end
  12. context 'with a URI' do
  13. let(:uri) { 'https://example.com/foo' }
  14. it 'returns object' do
  15. expect(subject.with_indifferent_access).to eq object.with_indifferent_access
  16. end
  17. context 'with signature account' do
  18. let(:signature_account) { Fabricate(:account) }
  19. it 'makes signed request' do
  20. subject
  21. expect(a_request(:get, 'https://example.com/foo').with { |req| req.headers['Signature'].present? }).to have_been_made
  22. end
  23. end
  24. context 'with different origin' do
  25. let(:uri) { 'https://other-example.com/foo' }
  26. it 'does not make request' do
  27. subject
  28. expect(a_request(:get, 'https://other-example.com/foo')).to_not have_been_made
  29. end
  30. end
  31. end
  32. context 'with a bearcap' do
  33. let(:uri) { 'bear:?t=hoge&u=https://example.com/foo' }
  34. it 'makes request with Authorization header' do
  35. subject
  36. expect(a_request(:get, 'https://example.com/foo').with(headers: { 'Authorization' => 'Bearer hoge' })).to have_been_made
  37. end
  38. it 'returns object' do
  39. expect(subject.with_indifferent_access).to eq object.with_indifferent_access
  40. end
  41. context 'with signature account' do
  42. let(:signature_account) { Fabricate(:account) }
  43. it 'makes signed request' do
  44. subject
  45. expect(a_request(:get, 'https://example.com/foo').with { |req| req.headers['Signature'].present? && req.headers['Authorization'] == 'Bearer hoge' }).to have_been_made
  46. end
  47. end
  48. context 'with different origin' do
  49. let(:uri) { 'bear:?t=hoge&u=https://other-example.com/foo' }
  50. it 'does not make request' do
  51. subject
  52. expect(a_request(:get, 'https://other-example.com/foo')).to_not have_been_made
  53. end
  54. end
  55. end
  56. end
  57. end