From 7de0ee7aba86cffeaeffded7e0699214fb64364e Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Fri, 26 Nov 2021 05:58:18 +0100 Subject: Remove Keybase integration (#17045) --- spec/controllers/api/proofs_controller_spec.rb | 93 ----------- .../settings/identity_proofs_controller_spec.rb | 186 --------------------- .../keybase_proof_config_controller_spec.rb | 15 -- .../account_identity_proof_fabricator.rb | 8 - spec/lib/proof_provider/keybase/verifier_spec.rb | 82 --------- .../activitypub/process_account_service_spec.rb | 45 ----- 6 files changed, 429 deletions(-) delete mode 100644 spec/controllers/api/proofs_controller_spec.rb delete mode 100644 spec/controllers/settings/identity_proofs_controller_spec.rb delete mode 100644 spec/controllers/well_known/keybase_proof_config_controller_spec.rb delete mode 100644 spec/fabricators/account_identity_proof_fabricator.rb delete mode 100644 spec/lib/proof_provider/keybase/verifier_spec.rb (limited to 'spec') diff --git a/spec/controllers/api/proofs_controller_spec.rb b/spec/controllers/api/proofs_controller_spec.rb deleted file mode 100644 index 2fe615005..000000000 --- a/spec/controllers/api/proofs_controller_spec.rb +++ /dev/null @@ -1,93 +0,0 @@ -require 'rails_helper' - -describe Api::ProofsController do - let(:alice) { Fabricate(:account, username: 'alice') } - - before do - stub_request(:get, 'https://keybase.io/_/api/1.0/sig/proof_valid.json?domain=cb6e6126.ngrok.io&kb_username=crypto_alice&sig_hash=111111111111111111111111111111111111111111111111111111111111111111&username=alice').to_return(status: 200, body: '{"proof_valid":true,"proof_live":false}') - stub_request(:get, 'https://keybase.io/_/api/1.0/sig/proof_live.json?domain=cb6e6126.ngrok.io&kb_username=crypto_alice&sig_hash=111111111111111111111111111111111111111111111111111111111111111111&username=alice').to_return(status: 200, body: '{"proof_valid":true,"proof_live":true}') - stub_request(:get, 'https://keybase.io/_/api/1.0/sig/proof_valid.json?domain=cb6e6126.ngrok.io&kb_username=hidden_alice&sig_hash=222222222222222222222222222222222222222222222222222222222222222222&username=alice').to_return(status: 200, body: '{"proof_valid":true,"proof_live":true}') - stub_request(:get, 'https://keybase.io/_/api/1.0/sig/proof_live.json?domain=cb6e6126.ngrok.io&kb_username=hidden_alice&sig_hash=222222222222222222222222222222222222222222222222222222222222222222&username=alice').to_return(status: 200, body: '{"proof_valid":true,"proof_live":true}') - end - - describe 'GET #index' do - describe 'with a non-existent username' do - it '404s' do - get :index, params: { username: 'nonexistent', provider: 'keybase' } - - expect(response).to have_http_status(:not_found) - end - end - - describe 'with a user that has no proofs' do - it 'is an empty list of signatures' do - get :index, params: { username: alice.username, provider: 'keybase' } - - expect(body_as_json[:signatures]).to eq [] - end - end - - describe 'with a user that has a live, valid proof' do - let(:token1) { '111111111111111111111111111111111111111111111111111111111111111111' } - let(:kb_name1) { 'crypto_alice' } - - before do - Fabricate(:account_identity_proof, account: alice, verified: true, live: true, token: token1, provider_username: kb_name1) - end - - it 'is a list with that proof in it' do - get :index, params: { username: alice.username, provider: 'keybase' } - - expect(body_as_json[:signatures]).to eq [ - { kb_username: kb_name1, sig_hash: token1 }, - ] - end - - describe 'add one that is neither live nor valid' do - let(:token2) { '222222222222222222222222222222222222222222222222222222222222222222' } - let(:kb_name2) { 'hidden_alice' } - - before do - Fabricate(:account_identity_proof, account: alice, verified: false, live: false, token: token2, provider_username: kb_name2) - end - - it 'is a list with both proofs' do - get :index, params: { username: alice.username, provider: 'keybase' } - - expect(body_as_json[:signatures]).to eq [ - { kb_username: kb_name1, sig_hash: token1 }, - { kb_username: kb_name2, sig_hash: token2 }, - ] - end - end - end - - describe 'a user that has an avatar' do - let(:alice) { Fabricate(:account, username: 'alice', avatar: attachment_fixture('avatar.gif')) } - - context 'and a proof' do - let(:token1) { '111111111111111111111111111111111111111111111111111111111111111111' } - let(:kb_name1) { 'crypto_alice' } - - before do - Fabricate(:account_identity_proof, account: alice, verified: true, live: true, token: token1, provider_username: kb_name1) - get :index, params: { username: alice.username, provider: 'keybase' } - end - - it 'has two keys: signatures and avatar' do - expect(body_as_json.keys).to match_array [:signatures, :avatar] - end - - it 'has the correct signatures' do - expect(body_as_json[:signatures]).to eq [ - { kb_username: kb_name1, sig_hash: token1 }, - ] - end - - it 'has the correct avatar url' do - expect(body_as_json[:avatar]).to match "https://cb6e6126.ngrok.io#{alice.avatar.url}" - end - end - end - end -end diff --git a/spec/controllers/settings/identity_proofs_controller_spec.rb b/spec/controllers/settings/identity_proofs_controller_spec.rb deleted file mode 100644 index 16f236227..000000000 --- a/spec/controllers/settings/identity_proofs_controller_spec.rb +++ /dev/null @@ -1,186 +0,0 @@ -require 'rails_helper' - -describe Settings::IdentityProofsController do - include RoutingHelper - render_views - - let(:user) { Fabricate(:user) } - let(:valid_token) { '1'*66 } - let(:kbname) { 'kbuser' } - let(:provider) { 'keybase' } - let(:findable_id) { Faker::Number.number(digits: 5) } - let(:unfindable_id) { Faker::Number.number(digits: 5) } - let(:new_proof_params) do - { provider: provider, provider_username: kbname, token: valid_token, username: user.account.username } - end - let(:status_text) { "i just proved that i am also #{kbname} on #{provider}." } - let(:status_posting_params) do - { post_status: '0', status_text: status_text } - end - let(:postable_params) do - { account_identity_proof: new_proof_params.merge(status_posting_params) } - end - - before do - allow_any_instance_of(ProofProvider::Keybase::Verifier).to receive(:status) { { 'proof_valid' => true, 'proof_live' => true } } - sign_in user, scope: :user - end - - describe 'new proof creation' do - context 'GET #new' do - before do - allow_any_instance_of(ProofProvider::Keybase::Badge).to receive(:avatar_url) { full_pack_url('media/images/void.png') } - end - - context 'with all of the correct params' do - it 'renders the template' do - get :new, params: new_proof_params - expect(response).to render_template(:new) - end - end - - context 'without any params' do - it 'redirects to :index' do - get :new, params: {} - expect(response).to redirect_to settings_identity_proofs_path - end - end - - context 'with params to prove a different, not logged-in user' do - let(:wrong_user_params) { new_proof_params.merge(username: 'someone_else') } - - it 'shows a helpful alert' do - get :new, params: wrong_user_params - expect(flash[:alert]).to eq I18n.t('identity_proofs.errors.wrong_user', proving: 'someone_else', current: user.account.username) - end - end - - context 'with params to prove the same username cased differently' do - let(:capitalized_username) { new_proof_params.merge(username: user.account.username.upcase) } - - it 'renders the new template' do - get :new, params: capitalized_username - expect(response).to render_template(:new) - end - end - end - - context 'POST #create' do - context 'when saving works' do - before do - allow(ProofProvider::Keybase::Worker).to receive(:perform_async) - allow_any_instance_of(ProofProvider::Keybase::Verifier).to receive(:valid?) { true } - allow_any_instance_of(AccountIdentityProof).to receive(:on_success_path) { root_url } - end - - it 'serializes a ProofProvider::Keybase::Worker' do - expect(ProofProvider::Keybase::Worker).to receive(:perform_async) - post :create, params: postable_params - end - - it 'delegates redirection to the proof provider' do - expect_any_instance_of(AccountIdentityProof).to receive(:on_success_path) - post :create, params: postable_params - expect(response).to redirect_to root_url - end - - it 'does not post a status' do - expect(PostStatusService).not_to receive(:new) - post :create, params: postable_params - end - - context 'and the user has requested to post a status' do - let(:postable_params_with_status) do - postable_params.tap { |p| p[:account_identity_proof][:post_status] = '1' } - end - - it 'posts a status' do - expect_any_instance_of(PostStatusService).to receive(:call).with(user.account, text: status_text) - - post :create, params: postable_params_with_status - end - end - end - - context 'when saving fails' do - before do - allow_any_instance_of(ProofProvider::Keybase::Verifier).to receive(:valid?) { false } - end - - it 'redirects to :index' do - post :create, params: postable_params - expect(response).to redirect_to settings_identity_proofs_path - end - - it 'flashes a helpful message' do - post :create, params: postable_params - expect(flash[:alert]).to eq I18n.t('identity_proofs.errors.failed', provider: 'Keybase') - end - end - - context 'it can also do an update if the provider and username match an existing proof' do - before do - allow_any_instance_of(ProofProvider::Keybase::Verifier).to receive(:valid?) { true } - allow(ProofProvider::Keybase::Worker).to receive(:perform_async) - Fabricate(:account_identity_proof, account: user.account, provider: provider, provider_username: kbname) - allow_any_instance_of(AccountIdentityProof).to receive(:on_success_path) { root_url } - end - - it 'calls update with the new token' do - expect_any_instance_of(AccountIdentityProof).to receive(:save) do |proof| - expect(proof.token).to eq valid_token - end - - post :create, params: postable_params - end - end - end - end - - describe 'GET #index' do - context 'with no existing proofs' do - it 'shows the helpful explanation' do - get :index - expect(response.body).to match I18n.t('identity_proofs.explanation_html') - end - end - - context 'with two proofs' do - before do - allow_any_instance_of(ProofProvider::Keybase::Verifier).to receive(:valid?) { true } - @proof1 = Fabricate(:account_identity_proof, account: user.account) - @proof2 = Fabricate(:account_identity_proof, account: user.account) - allow_any_instance_of(AccountIdentityProof).to receive(:badge) { double(avatar_url: '', profile_url: '', proof_url: '') } - allow_any_instance_of(AccountIdentityProof).to receive(:refresh!) {} - end - - it 'has the first proof username on the page' do - get :index - expect(response.body).to match /#{Regexp.quote(@proof1.provider_username)}/ - end - - it 'has the second proof username on the page' do - get :index - expect(response.body).to match /#{Regexp.quote(@proof2.provider_username)}/ - end - end - end - - describe 'DELETE #destroy' do - before do - allow_any_instance_of(ProofProvider::Keybase::Verifier).to receive(:valid?) { true } - @proof1 = Fabricate(:account_identity_proof, account: user.account) - allow_any_instance_of(AccountIdentityProof).to receive(:badge) { double(avatar_url: '', profile_url: '', proof_url: '') } - allow_any_instance_of(AccountIdentityProof).to receive(:refresh!) {} - delete :destroy, params: { id: @proof1.id } - end - - it 'redirects to :index' do - expect(response).to redirect_to settings_identity_proofs_path - end - - it 'removes the proof' do - expect(AccountIdentityProof.where(id: @proof1.id).count).to eq 0 - end - end -end diff --git a/spec/controllers/well_known/keybase_proof_config_controller_spec.rb b/spec/controllers/well_known/keybase_proof_config_controller_spec.rb deleted file mode 100644 index 00f251c3c..000000000 --- a/spec/controllers/well_known/keybase_proof_config_controller_spec.rb +++ /dev/null @@ -1,15 +0,0 @@ -require 'rails_helper' - -describe WellKnown::KeybaseProofConfigController, type: :controller do - render_views - - describe 'GET #show' do - it 'renders json' do - get :show - - expect(response).to have_http_status(200) - expect(response.media_type).to eq 'application/json' - expect { JSON.parse(response.body) }.not_to raise_exception - end - end -end diff --git a/spec/fabricators/account_identity_proof_fabricator.rb b/spec/fabricators/account_identity_proof_fabricator.rb deleted file mode 100644 index 7b932fa96..000000000 --- a/spec/fabricators/account_identity_proof_fabricator.rb +++ /dev/null @@ -1,8 +0,0 @@ -Fabricator(:account_identity_proof) do - account - provider 'keybase' - provider_username { sequence(:provider_username) { |i| "#{Faker::Lorem.characters(number: 15)}" } } - token { sequence(:token) { |i| "#{i}#{Faker::Crypto.sha1()*2}"[0..65] } } - verified false - live false -end diff --git a/spec/lib/proof_provider/keybase/verifier_spec.rb b/spec/lib/proof_provider/keybase/verifier_spec.rb deleted file mode 100644 index 0081a735d..000000000 --- a/spec/lib/proof_provider/keybase/verifier_spec.rb +++ /dev/null @@ -1,82 +0,0 @@ -require 'rails_helper' - -describe ProofProvider::Keybase::Verifier do - let(:my_domain) { Rails.configuration.x.local_domain } - - let(:keybase_proof) do - local_proof = AccountIdentityProof.new( - provider: 'Keybase', - provider_username: 'cryptoalice', - token: '11111111111111111111111111' - ) - - described_class.new('alice', 'cryptoalice', '11111111111111111111111111', my_domain) - end - - let(:query_params) do - "domain=#{my_domain}&kb_username=cryptoalice&sig_hash=11111111111111111111111111&username=alice" - end - - describe '#valid?' do - let(:base_url) { 'https://keybase.io/_/api/1.0/sig/proof_valid.json' } - - context 'when valid' do - before do - json_response_body = '{"status":{"code":0,"name":"OK"},"proof_valid":true}' - stub_request(:get, "#{base_url}?#{query_params}").to_return(status: 200, body: json_response_body) - end - - it 'calls out to keybase and returns true' do - expect(keybase_proof.valid?).to eq true - end - end - - context 'when invalid' do - before do - json_response_body = '{"status":{"code":0,"name":"OK"},"proof_valid":false}' - stub_request(:get, "#{base_url}?#{query_params}").to_return(status: 200, body: json_response_body) - end - - it 'calls out to keybase and returns false' do - expect(keybase_proof.valid?).to eq false - end - end - - context 'with an unexpected api response' do - before do - json_response_body = '{"status":{"code":100,"desc":"wrong size hex_id","fields":{"sig_hash":"wrong size hex_id"},"name":"INPUT_ERROR"}}' - stub_request(:get, "#{base_url}?#{query_params}").to_return(status: 200, body: json_response_body) - end - - it 'swallows the error and returns false' do - expect(keybase_proof.valid?).to eq false - end - end - end - - describe '#status' do - let(:base_url) { 'https://keybase.io/_/api/1.0/sig/proof_live.json' } - - context 'with a normal response' do - before do - json_response_body = '{"status":{"code":0,"name":"OK"},"proof_live":false,"proof_valid":true}' - stub_request(:get, "#{base_url}?#{query_params}").to_return(status: 200, body: json_response_body) - end - - it 'calls out to keybase and returns the status fields as proof_valid and proof_live' do - expect(keybase_proof.status).to include({ 'proof_valid' => true, 'proof_live' => false }) - end - end - - context 'with an unexpected keybase response' do - before do - json_response_body = '{"status":{"code":100,"desc":"missing non-optional field sig_hash","fields":{"sig_hash":"missing non-optional field sig_hash"},"name":"INPUT_ERROR"}}' - stub_request(:get, "#{base_url}?#{query_params}").to_return(status: 200, body: json_response_body) - end - - it 'raises a ProofProvider::Keybase::UnexpectedResponseError' do - expect { keybase_proof.status }.to raise_error ProofProvider::Keybase::UnexpectedResponseError - end - end - end -end diff --git a/spec/services/activitypub/process_account_service_spec.rb b/spec/services/activitypub/process_account_service_spec.rb index 1b1d878a7..7728b9ba8 100644 --- a/spec/services/activitypub/process_account_service_spec.rb +++ b/spec/services/activitypub/process_account_service_spec.rb @@ -30,51 +30,6 @@ RSpec.describe ActivityPub::ProcessAccountService, type: :service do end end - context 'identity proofs' do - let(:payload) do - { - id: 'https://foo.test', - type: 'Actor', - inbox: 'https://foo.test/inbox', - attachment: [ - { type: 'IdentityProof', name: 'Alice', signatureAlgorithm: 'keybase', signatureValue: 'a' * 66 }, - ], - }.with_indifferent_access - end - - it 'parses out of attachment' do - allow(ProofProvider::Keybase::Worker).to receive(:perform_async) - - account = subject.call('alice', 'example.com', payload) - - expect(account.identity_proofs.count).to eq 1 - - proof = account.identity_proofs.first - - expect(proof.provider).to eq 'keybase' - expect(proof.provider_username).to eq 'Alice' - expect(proof.token).to eq 'a' * 66 - end - - it 'removes no longer present proofs' do - allow(ProofProvider::Keybase::Worker).to receive(:perform_async) - - account = Fabricate(:account, username: 'alice', domain: 'example.com') - old_proof = Fabricate(:account_identity_proof, account: account, provider: 'keybase', provider_username: 'Bob', token: 'b' * 66) - - subject.call('alice', 'example.com', payload) - - expect(account.identity_proofs.count).to eq 1 - expect(account.identity_proofs.find_by(id: old_proof.id)).to be_nil - end - - it 'queues a validity check on the proof' do - allow(ProofProvider::Keybase::Worker).to receive(:perform_async) - account = subject.call('alice', 'example.com', payload) - expect(ProofProvider::Keybase::Worker).to have_received(:perform_async) - end - end - context 'when account is not suspended' do let!(:account) { Fabricate(:account, username: 'alice', domain: 'example.com') } -- cgit