me/glitchier-soc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Pubsub confirmation worker spec (#2974)

Browse source 
* Add specs for valid challenge response from pubsub confirmation worker

* Refactor the pubsub confirmation worker
This commit is contained in:
Matt Jankowski 2017-05-10 18:19:37 -04:00 committed by Eugen Rochko
parent a231f915a0
commit 08949cca41
2 changed files with 159 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

88
app/workers/pubsubhubbub/confirmation_worker.rb
View file

@ -6,31 +6,85 @@ class Pubsubhubbub::ConfirmationWorker
sidekiq_options queue: 'push', retry: false sidekiq_options queue: 'push', retry: false
attr_reader :subscription, :mode, :secret, :lease_seconds
def perform(subscription_id, mode, secret = nil, lease_seconds = nil) def perform(subscription_id, mode, secret = nil, lease_seconds = nil)
subscription = Subscription.find(subscription_id) @subscription = Subscription.find(subscription_id)
challenge = SecureRandom.hex @mode = mode
@secret = secret
@lease_seconds = lease_seconds
process_confirmation
end
subscription.secret = secret private
subscription.lease_seconds = lease_seconds
subscription.confirmed = true
response = HTTP.headers(user_agent: 'Mastodon/PubSubHubbub') def process_confirmation
.timeout(:per_operation, write: 20, connect: 20, read: 50) prepare_subscription
.get(subscription.callback_url, params: {
'hub.topic' => account_url(subscription.account, format: :atom),
'hub.mode' => mode,
'hub.challenge' => challenge,
'hub.lease_seconds' => subscription.lease_seconds,
})
body = response.body.to_s confirm_callback
logger.debug "Confirming PuSH subscription for #{subscription.callback_url} with challenge #{challenge}: #{callback_response_body}"
logger.debug "Confirming PuSH subscription for #{subscription.callback_url} with challenge #{challenge}: #{body}" update_subscription
end
if mode == 'subscribe' && body == challenge def update_subscription
if successful_subscribe?
subscription.save! subscription.save!
elsif (mode == 'unsubscribe' && body == challenge) || !subscription.confirmed? elsif successful_unsubscribe?
subscription.destroy! subscription.destroy!
end end
end end
def successful_subscribe?
subscribing? && response_matches_challenge?
end
def successful_unsubscribe?
(unsubscribing? && response_matches_challenge?) || !subscription.confirmed?
end
def response_matches_challenge?
callback_response_body == challenge
end
def subscribing?
mode == 'subscribe'
end
def unsubscribing?
mode == 'unsubscribe'
end
def confirm_callback
@_confirm_callback ||= callback_get_with_params
end
def callback_get_with_params
HTTP.headers(user_agent: 'Mastodon/PubSubHubbub')
.timeout(:per_operation, write: 20, connect: 20, read: 50)
.get(subscription.callback_url, params: callback_params)
end
def callback_response_body
confirm_callback.body.to_s
end
def callback_params
{
'hub.topic' => account_url(subscription.account, format: :atom),
'hub.mode' => mode,
'hub.challenge' => challenge,
'hub.lease_seconds' => subscription.lease_seconds,
}
end
def prepare_subscription
subscription.secret = secret
subscription.lease_seconds = lease_seconds
subscription.confirmed = true
end
def challenge
@_challenge ||= SecureRandom.hex
end
end end

88
spec/workers/pubsubhubbub/confirmation_worker_spec.rb Normal file
View file

@ -0,0 +1,88 @@
# frozen_string_literal: true
require 'rails_helper'
describe Pubsubhubbub::ConfirmationWorker do
include RoutingHelper
subject { described_class.new }
let!(:alice) { Fabricate(:account, username: 'alice') }
let!(:subscription) { Fabricate(:subscription, account_id: alice.id, callback_url: 'http://example.com/api', confirmed: false, expires_at: 3.days.from_now, secret: nil) }
describe 'perform' do
describe 'with subscribe mode' do
it 'confirms and updates subscription when challenge matches' do
stub_random_value
stub_request(:get, url_for_mode('subscribe'))
.with(headers: http_headers)
.to_return(status: 200, body: challenge_value, headers: {})
seconds = 10.days.seconds.to_i
subject.perform(subscription.id, 'subscribe', 'asdf', seconds)
subscription.reload
expect(subscription.secret).to eq 'asdf'
expect(subscription.confirmed).to eq true
expect(subscription.expires_at).to be_within(5).of(10.days.from_now)
end
it 'does not update subscription when challenge does not match' do
stub_random_value
stub_request(:get, url_for_mode('subscribe'))
.with(headers: http_headers)
.to_return(status: 200, body: 'wrong value', headers: {})
seconds = 10.days.seconds.to_i
subject.perform(subscription.id, 'subscribe', 'asdf', seconds)
subscription.reload
expect(subscription.secret).to be_blank
expect(subscription.confirmed).to eq false
expect(subscription.expires_at).to be_within(5).of(3.days.from_now)
end
end
describe 'with unsubscribe mode' do
it 'confirms and destroys subscription when challenge matches' do
stub_random_value
stub_request(:get, url_for_mode('unsubscribe'))
.with(headers: http_headers)
.to_return(status: 200, body: challenge_value, headers: {})
seconds = 10.days.seconds.to_i
subject.perform(subscription.id, 'unsubscribe', 'asdf', seconds)
expect { subscription.reload }.to raise_error(ActiveRecord::RecordNotFound)
end
it 'does not destroy subscription when challenge does not match' do
stub_random_value
stub_request(:get, url_for_mode('unsubscribe'))
.with(headers: http_headers)
.to_return(status: 200, body: 'wrong value', headers: {})
seconds = 10.days.seconds.to_i
subject.perform(subscription.id, 'unsubscribe', 'asdf', seconds)
expect { subscription.reload }.not_to raise_error
end
end
end
def url_for_mode(mode)
"http://example.com/api?hub.challenge=#{challenge_value}&hub.lease_seconds=863999&hub.mode=#{mode}&hub.topic=https://#{Rails.configuration.x.local_domain}/users/alice.atom"
end
def stub_random_value
allow(SecureRandom).to receive(:hex).and_return(challenge_value)
end
def challenge_value
'1a2s3d4f'
end
def http_headers
{ 'Connection' => 'close', 'Host' => 'example.com', 'User-Agent' => 'Mastodon/PubSubHubbub' }
end
end