fix webfinger responses according to the specs (#2397)

* webfinger query with no resource should get 400 * check valid webfinger query * test webfinger query ... without acct: or with wrong server * add test for invalid user query from webfinger * reorder the tests to decouple from state cleanup
2022-12-08 01:26:06 +01:00 · 2022-12-08 01:26:06 +01:00 · 43560cc65b
commit 43560cc65b
parent 96bde6dec0
2 changed files with 28 additions and 4 deletions
--- a/activitypub/controllers/webfinger.go
+++ b/activitypub/controllers/webfinger.go
@ -30,6 +30,7 @@ func WebfingerHandler(w http.ResponseWriter, r *http.Request) {

 	userComponents := strings.Split(account, "@")
 	if len(userComponents) < 2 {
+		w.WriteHeader(http.StatusBadRequest)
 		return
 	}
 	host := userComponents[1]
@ -46,7 +47,7 @@ func WebfingerHandler(w http.ResponseWriter, r *http.Request) {
 	// should be rejected.
 	instanceHostString := data.GetServerURL()
 	if instanceHostString == "" {
-		w.WriteHeader(http.StatusNotImplemented)
+		w.WriteHeader(http.StatusNotFound)
 		return
 	}

--- a/test/automated/api/federation.test.js
+++ b/test/automated/api/federation.test.js
@ -8,6 +8,9 @@ request = request('http://127.0.0.1:8080');
 var ajv = new Ajv();
 var nodeInfoSchema = jsonfile.readFileSync('schema/nodeinfo_2.0.json');

+const serverURL = 'owncast.server.test'
+const fediUsername = 'streamer'
+
 test('disable federation', async (done) => {
 	const res = await sendConfigChangeRequest('federation/enable', false);
 	done();
@ -53,13 +56,33 @@ test('verify responses of /federation/ when federation is disabled', async (done
 	done();
 });

-test('enable federation', async (done) => {
-	const res = await sendConfigChangeRequest('federation/enable', true);
+test('set required parameters and enable federation', async (done) => {
+	const res1 = await sendConfigChangeRequest(
+		'serverurl',
+		serverURL
+	);
+	const res2 = await sendConfigChangeRequest(
+		'federation/username',
+		fediUsername
+	);
+	const res3 = await sendConfigChangeRequest('federation/enable', true);
 	done();
 });

 test('verify responses of /.well-known/webfinger when federation is enabled', async (done) => {
-	const res = request.get('/.well-known/webfinger').expect(200);
+	const resNoResource = request.get('/.well-known/webfinger').expect(400);
+	const resBadResource = request.get(
+		'/.well-known/webfinger?resource=' + fediUsername + '@' + serverURL
+	).expect(400);
+	const resBadServer = request.get(
+		'/.well-known/webfinger?resource=acct:' + fediUsername + '@not.my.server.lol'
+	).expect(404);
+	const resBadUser = request.get(
+		'/.well-known/webfinger?resource=acct:not' + fediUsername + '@' + serverURL
+	).expect(404);
+	const res = request.get(
+		'/.well-known/webfinger?resource=acct:' + fediUsername + '@' + serverURL
+	).expect(200);
 	done();
 });