def test_actor(self, _, mock_get, __):
mock_get.return_value = requests_response("""
<body>
<a class="h-card u-url" rel="me" href="/about-me">Mrs. ☕ Foo</a>
</body>
""", url='https://foo.com/', content_type=common.CONTENT_TYPE_HTML)
got = self.client.get('/foo.com')
mock_get.assert_called_once_with('http://foo.com/', headers=common.HEADERS,
stream=True, timeout=util.HTTP_TIMEOUT)
self.assertEqual(200, got.status_code)
type = got.headers['Content-Type']
self.assertTrue(type.startswith(common.CONTENT_TYPE_AS2), type)
self.assertEqual({
'@context': [
'https://www.w3.org/ns/activitystreams',
'https://w3id.org/security/v1',
],
'type' : 'Person',
'name': 'Mrs. ☕ Foo',
'summary': '',
'preferredUsername': '******',
'id': 'http://localhost/foo.com',
'url': 'http://localhost/r/https://foo.com/about-me',
'inbox': 'http://localhost/foo.com/inbox',
'outbox': 'http://localhost/foo.com/outbox',
'following': 'http://localhost/foo.com/following',
'followers': 'http://localhost/foo.com/followers',
'publicKey': {
'id': 'foo.com',
'publicKeyPem': MagicKey.get_by_id('foo.com').public_pem().decode(),
},
}, got.json)
def test_actor_handler(self, _, mock_get, __):
mock_get.return_value = requests_response("""
<body>
<a class="h-card u-url" rel="me" href="/about-me">Mrs. ☕ Foo</a>
</body>
""",
url='https://foo.com/')
got = app.get_response('/foo.com')
mock_get.assert_called_once_with('http://foo.com/',
headers=common.HEADERS,
timeout=util.HTTP_TIMEOUT)
self.assertEquals(200, got.status_int)
self.assertEquals(common.CONTENT_TYPE_AS2, got.headers['Content-Type'])
self.assertEquals(
{
'@context': 'https://www.w3.org/ns/activitystreams',
'type': 'Person',
'name': 'Mrs. ☕ Foo',
'summary': '',
'preferredUsername': '******',
'id': 'http://localhost/foo.com',
'url': 'http://localhost/r/https://foo.com/about-me',
'inbox': 'http://localhost/foo.com/inbox',
'outbox': 'http://localhost/foo.com/outbox',
'following': 'http://localhost/foo.com/following',
'followers': 'http://localhost/foo.com/followers',
'publicKey': {
'id': 'foo.com',
'publicKeyPem': MagicKey.get_by_id('foo.com').public_pem(),
},
}, json.loads(got.body))
def redir(to):
"""301 redirect to the embedded fully qualified URL.
e.g. redirects /r/https://foo.com/bar?baz to https://foo.com/bar?baz
"""
if request.args:
to += '?' + urllib.parse.urlencode(request.args)
# some browsers collapse repeated /s in the path down to a single slash.
# if that happened to this URL, expand it back to two /s.
to = re.sub(r'^(https?:/)([^/])', r'\1/\2', to)
if not to.startswith('http://') and not to.startswith('https://'):
error(f'Expected fully qualified URL; got {to}')
# check that we've seen this domain before so we're not an open redirect
domains = set(
(util.domain_from_link(to), urllib.parse.urlparse(to).hostname))
for domain in domains:
if domain and MagicKey.get_by_id(domain):
logging.info(f'Found MagicKey for domain {domain}')
break
else:
logging.info(f'No user found for any of {domains}; returning 404')
abort(404)
# poor man's conneg, only handle single Accept values, not multiple with
# priorities.
if request.headers.get('Accept') in (common.CONTENT_TYPE_AS2,
common.CONTENT_TYPE_AS2_LD):
return convert_to_as2(to)
# redirect
logging.info(f'redirecting to {to}')
return redirect(to, code=301)