Skip to content
Extraits de code Groupes Projets
Non vérifiée Valider 4f9e560a rédigé par Benjamin Neff's avatar Benjamin Neff
Parcourir les fichiers

Use RFC 7033 webfinger from diaspora_federation gem

parent 283722a6
Aucune branche associée trouvée
Aucune étiquette associée trouvée
Aucune requête de fusion associée trouvée
Masquer les modifications d'espaces
En ligne Côte à côte
app/controllers/api/openid_connect/discovery_controller.rb
+ 0
11
Voir le fichier @ 4f9e560a
...@@ -24,17 +24,6 @@ ...@@ -24,17 +24,6 @@
module Api module Api
module OpenidConnect module OpenidConnect
class DiscoveryController < ApplicationController class DiscoveryController < ApplicationController
def webfinger
jrd = {
links: [{
rel: OpenIDConnect::Discovery::Provider::Issuer::REL_VALUE,
href: root_url
}]
}
jrd[:subject] = params[:resource] if params[:resource].present?
render json: jrd, content_type: "application/jrd+json"
end
def configuration def configuration
render json: OpenIDConnect::Discovery::Provider::Config::Response.new( render json: OpenIDConnect::Discovery::Provider::Config::Response.new(
issuer: root_url, issuer: root_url,
......
config/initializers/diaspora_federation.rb
+ 16
8
Voir le fichier @ 4f9e560a
...@@ -13,14 +13,22 @@ DiasporaFederation.configure do |config| ...@@ -13,14 +13,22 @@ DiasporaFederation.configure do |config|
person = Person.where(diaspora_handle: diaspora_id, closed_account: false).where.not(owner: nil).first person = Person.where(diaspora_handle: diaspora_id, closed_account: false).where.not(owner: nil).first
if person if person
DiasporaFederation::Discovery::WebFinger.new( DiasporaFederation::Discovery::WebFinger.new(
acct_uri: "acct:#{person.diaspora_handle}", {
alias_url: AppConfig.url_to("/people/#{person.guid}"), acct_uri: "acct:#{person.diaspora_handle}",
hcard_url: AppConfig.url_to(DiasporaFederation::Engine.routes.url_helpers.hcard_path(person.guid)), hcard_url: AppConfig.url_to(DiasporaFederation::Engine.routes.url_helpers.hcard_path(person.guid)),
seed_url: AppConfig.pod_uri, seed_url: AppConfig.pod_uri,
profile_url: person.profile_url, profile_url: person.profile_url,
atom_url: person.atom_url, atom_url: person.atom_url,
salmon_url: person.receive_url, salmon_url: person.receive_url,
subscribe_url: AppConfig.url_to("/people?q={uri}") subscribe_url: AppConfig.url_to("/people?q={uri}")
},
aliases: [AppConfig.url_to("/people/#{person.guid}")],
links: [
{
rel: OpenIDConnect::Discovery::Provider::Issuer::REL_VALUE,
href: Rails.application.routes.url_helpers.root_url
}
]
) )
end end
end end
......
config/routes.rb
+ 0
1
Voir le fichier @ 4f9e560a
...@@ -230,6 +230,5 @@ Diaspora::Application.routes.draw do ...@@ -230,6 +230,5 @@ Diaspora::Application.routes.draw do
end end
end end
get ".well-known/webfinger", to: "api/openid_connect/discovery#webfinger"
get ".well-known/openid-configuration", to: "api/openid_connect/discovery#configuration" get ".well-known/openid-configuration", to: "api/openid_connect/discovery#configuration"
end end
spec/controllers/api/openid_connect/discovery_controller_spec.rb
+ 0
16
Voir le fichier @ 4f9e560a
describe Api::OpenidConnect::DiscoveryController, type: :controller do describe Api::OpenidConnect::DiscoveryController, type: :controller do
describe "#webfinger" do
before do
get :webfinger, resource: "http://example.com/bob"
end
it "should return a url to the openid-configuration" do
json_body = JSON.parse(response.body)
expect(json_body["links"].first["href"]).to eq(root_url)
end
it "should return the resource in the subject" do
json_body = JSON.parse(response.body)
expect(json_body["subject"]).to eq("http://example.com/bob")
end
end
describe "#configuration" do describe "#configuration" do
before do before do
get :configuration get :configuration
......
spec/federation_callbacks_spec.rb
+ 8
1
Voir le fichier @ 4f9e560a
...@@ -6,7 +6,6 @@ describe "diaspora federation callbacks" do ...@@ -6,7 +6,6 @@ describe "diaspora federation callbacks" do
person = alice.person person = alice.person
wf = DiasporaFederation.callbacks.trigger(:fetch_person_for_webfinger, alice.diaspora_handle) wf = DiasporaFederation.callbacks.trigger(:fetch_person_for_webfinger, alice.diaspora_handle)
expect(wf.acct_uri).to eq("acct:#{person.diaspora_handle}") expect(wf.acct_uri).to eq("acct:#{person.diaspora_handle}")
expect(wf.alias_url).to eq(AppConfig.url_to("/people/#{person.guid}"))
expect(wf.hcard_url).to eq(AppConfig.url_to("/hcard/users/#{person.guid}")) expect(wf.hcard_url).to eq(AppConfig.url_to("/hcard/users/#{person.guid}"))
expect(wf.seed_url).to eq(AppConfig.pod_uri) expect(wf.seed_url).to eq(AppConfig.pod_uri)
expect(wf.profile_url).to eq(person.profile_url) expect(wf.profile_url).to eq(person.profile_url)
...@@ -15,6 +14,14 @@ describe "diaspora federation callbacks" do ...@@ -15,6 +14,14 @@ describe "diaspora federation callbacks" do
expect(wf.subscribe_url).to eq(AppConfig.url_to("/people?q={uri}")) expect(wf.subscribe_url).to eq(AppConfig.url_to("/people?q={uri}"))
end end
it "contains the OpenID issuer" do
wf = DiasporaFederation.callbacks.trigger(:fetch_person_for_webfinger, alice.diaspora_handle)
links = wf.additional_data[:links]
openid_issuer = links.find {|l| l[:rel] == OpenIDConnect::Discovery::Provider::Issuer::REL_VALUE }
expect(openid_issuer).not_to be_nil
expect(openid_issuer[:href]).to eq(Rails.application.routes.url_helpers.root_url)
end
it "returns nil if the person was not found" do it "returns nil if the person was not found" do
wf = DiasporaFederation.callbacks.trigger(:fetch_person_for_webfinger, "unknown@example.com") wf = DiasporaFederation.callbacks.trigger(:fetch_person_for_webfinger, "unknown@example.com")
expect(wf).to be_nil expect(wf).to be_nil
......
spec/models/api/openid_connect/id_token_spec.rb
+ 4
10
Voir le fichier @ 4f9e560a
...@@ -7,19 +7,13 @@ describe Api::OpenidConnect::IdToken, type: :model do ...@@ -7,19 +7,13 @@ describe Api::OpenidConnect::IdToken, type: :model do
let(:decoded_hash) { let(:decoded_hash) {
JSON::JWT.decode(id_token.to_jwt, Api::OpenidConnect::IdTokenConfig::PRIVATE_KEY) JSON::JWT.decode(id_token.to_jwt, Api::OpenidConnect::IdTokenConfig::PRIVATE_KEY)
} }
let(:discovery_controller) { let(:webfinger) {
Api::OpenidConnect::DiscoveryController.new.tap {|controller| DiasporaFederation.callbacks.trigger(:fetch_person_for_webfinger, alice.diaspora_handle).to_json
controller.request = ActionController::TestRequest.new
controller.request.host = AppConfig.pod_uri.authority
controller.response = ActionController::TestResponse.new
}
}
let(:openid_webfinger) {
JSON.parse(discovery_controller.webfinger[0])
} }
it "issuer value must much the one we provided in OpenID discovery routine" do it "issuer value must much the one we provided in OpenID discovery routine" do
expect(decoded_hash["iss"]).to eq(openid_webfinger["links"][0]["href"]) openid_issuer = webfinger[:links].find {|l| l[:rel] == OpenIDConnect::Discovery::Provider::Issuer::REL_VALUE }
expect(decoded_hash["iss"]).to eq(openid_issuer[:href])
end end
end end
end end
......
0% ou .
You are about to add 0 people to the discussion. Proceed with caution.
Terminez d'abord l'édition de ce message.
Veuillez vous inscrire ou vous pour commenter