Ocelot-Social/backend/src/activitypub/security/httpSignature.spec.js

import { generateRsaKeyPair, createSignature, verifySignature } from '.'
import crypto from 'crypto'
import request from 'request'
jest.mock('request')

let privateKey
let publicKey
let headers
const passphrase = 'a7dsf78sadg87ad87sfagsadg78'

describe('activityPub/security', () => {
  beforeEach(() => {
    const pair = generateRsaKeyPair({ passphrase })
    privateKey = pair.privateKey
    publicKey = pair.publicKey
    headers = {
      'Date': '2019-03-08T14:35:45.759Z',
      'Host': 'democracy-app.de',
      'Content-Type': 'application/json'
    }
  })

  describe('createSignature', () => {
    describe('returned http signature', () => {
      let signatureB64
      let httpSignature

      beforeEach(() => {
        const signer = crypto.createSign('rsa-sha256')
        signer.update('(request-target): post /activitypub/users/max/inbox\ndate: 2019-03-08T14:35:45.759Z\nhost: democracy-app.de\ncontent-type: application/json')
        signatureB64 = signer.sign({ key: privateKey, passphrase }, 'base64')
        httpSignature = createSignature({ privateKey, keyId: 'https://human-connection.org/activitypub/users/lea#main-key', url: 'https://democracy-app.de/activitypub/users/max/inbox', headers, passphrase })
      })

      it('contains keyId', () => {
        expect(httpSignature).toContain('keyId="https://human-connection.org/activitypub/users/lea#main-key"')
      })

      it('contains default algorithm "rsa-sha256"', () => {
        expect(httpSignature).toContain('algorithm="rsa-sha256"')
      })

      it('contains headers', () => {
        expect(httpSignature).toContain('headers="(request-target) date host content-type"')
      })

      it('contains signature', () => {
        expect(httpSignature).toContain('signature="' + signatureB64 + '"')
      })
    })
  })

  describe('verifySignature', () => {
    let httpSignature

    beforeEach(() => {
      httpSignature = createSignature({ privateKey, keyId: 'http://localhost:4001/activitypub/users/test-user#main-key', url: 'https://democracy-app.de/activitypub/users/max/inbox', headers, passphrase })
      const body = {
        'publicKey': {
          'id': 'https://localhost:4001/activitypub/users/test-user#main-key',
          'owner': 'https://localhost:4001/activitypub/users/test-user',
          'publicKeyPem': publicKey
        }
      }

      const mockedRequest = jest.fn((_, callback) => callback(null, null, JSON.stringify(body)))
      request.mockImplementation(mockedRequest)
    })

    it('resolves false', async () => {
      await expect(verifySignature('https://democracy-app.de/activitypub/users/max/inbox', headers)).resolves.toEqual(false)
    })

    describe('valid signature', () => {
      beforeEach(() => {
        headers.Signature = httpSignature
      })

      it('resolves true', async () => {
        await expect(verifySignature('https://democracy-app.de/activitypub/users/max/inbox', headers)).resolves.toEqual(true)
      })
    })
  })
})