mastodon/spec/controllers/api/proofs_controller_spec.rb

require 'rails_helper'

describe Api::ProofsController do
  let(:alice) { Fabricate(:account, username: 'alice') }

  before do
    stub_request(:get, 'https://keybase.io/_/api/1.0/sig/proof_valid.json?domain=cb6e6126.ngrok.io&kb_username=crypto_alice&sig_hash=111111111111111111111111111111111111111111111111111111111111111111&username=alice').to_return(status: 200, body: '{"proof_valid":true,"proof_live":false}')
    stub_request(:get, 'https://keybase.io/_/api/1.0/sig/proof_live.json?domain=cb6e6126.ngrok.io&kb_username=crypto_alice&sig_hash=111111111111111111111111111111111111111111111111111111111111111111&username=alice').to_return(status: 200, body: '{"proof_valid":true,"proof_live":true}')
    stub_request(:get, 'https://keybase.io/_/api/1.0/sig/proof_valid.json?domain=cb6e6126.ngrok.io&kb_username=hidden_alice&sig_hash=222222222222222222222222222222222222222222222222222222222222222222&username=alice').to_return(status: 200, body: '{"proof_valid":true,"proof_live":true}')
    stub_request(:get, 'https://keybase.io/_/api/1.0/sig/proof_live.json?domain=cb6e6126.ngrok.io&kb_username=hidden_alice&sig_hash=222222222222222222222222222222222222222222222222222222222222222222&username=alice').to_return(status: 200, body: '{"proof_valid":true,"proof_live":true}')
  end

  describe 'GET #index' do
    describe 'with a non-existent username' do
      it '404s' do
        get :index, params: { username: 'nonexistent', provider: 'keybase' }

        expect(response).to have_http_status(:not_found)
      end
    end

    describe 'with a user that has no proofs' do
      it 'is an empty list of signatures' do
        get :index, params: { username: alice.username, provider: 'keybase' }

        expect(body_as_json[:signatures]).to eq []
      end
    end

    describe 'with a user that has a live, valid proof' do
      let(:token1) { '111111111111111111111111111111111111111111111111111111111111111111' }
      let(:kb_name1) { 'crypto_alice' }

      before do
        Fabricate(:account_identity_proof, account: alice, verified: true, live: true, token: token1, provider_username: kb_name1)
      end

      it 'is a list with that proof in it' do
        get :index, params: { username: alice.username, provider: 'keybase' }

        expect(body_as_json[:signatures]).to eq [
          { kb_username: kb_name1, sig_hash: token1 },
        ]
      end

      describe 'add one that is neither live nor valid' do
        let(:token2) { '222222222222222222222222222222222222222222222222222222222222222222' }
        let(:kb_name2) { 'hidden_alice' }

        before do
          Fabricate(:account_identity_proof, account: alice, verified: false, live: false, token: token2, provider_username: kb_name2)
        end

        it 'is a list with both proofs' do
          get :index, params: { username: alice.username, provider: 'keybase' }

          expect(body_as_json[:signatures]).to eq [
            { kb_username: kb_name1, sig_hash: token1 },
            { kb_username: kb_name2, sig_hash: token2 },
          ]
        end
      end
    end

    describe 'a user that has an avatar' do
      let(:alice) { Fabricate(:account, username: 'alice', avatar: attachment_fixture('avatar.gif')) }

      context 'and a proof' do
        let(:token1) { '111111111111111111111111111111111111111111111111111111111111111111' }
        let(:kb_name1) { 'crypto_alice' }

        before do
          Fabricate(:account_identity_proof, account: alice, verified: true, live: true, token: token1, provider_username: kb_name1)
          get :index, params: { username: alice.username, provider: 'keybase' }
        end

        it 'has two keys: signatures and avatar' do
          expect(body_as_json.keys).to match_array [:signatures, :avatar]
        end

        it 'has the correct signatures' do
          expect(body_as_json[:signatures]).to eq [
            { kb_username: kb_name1, sig_hash: token1 },
          ]
        end

        it 'has the correct avatar url' do
          expect(body_as_json[:avatar]).to match "https://cb6e6126.ngrok.io#{alice.avatar.url}"
        end
      end
    end
  end
end
Add Keybase integration (#10297) * create account_identity_proofs table * add endpoint for keybase to check local proofs * add async task to update validity and liveness of proofs from keybase * first pass keybase proof CRUD * second pass keybase proof creation * clean up proof list and add badges * add avatar url to keybase api * Always highlight the “Identity Proofs” navigation item when interacting with proofs. * Update translations. * Add profile URL. * Reorder proofs. * Add proofs to bio. * Update settings/identity_proofs front-end. * Use `link_to`. * Only encode query params if they exist. URLs without params had a trailing `?`. * Only show live proofs. * change valid to active in proof list and update liveness before displaying * minor fixes * add keybase config at well-known path * extremely naive feature flagging off the identity proof UI * fixes for rubocop * make identity proofs page resilient to potential keybase issues * normalize i18n * tweaks for brakeman * remove two unused translations * cleanup and add more localizations * make keybase_contacts an admin setting * fix ExternalProofService my_domain * use Addressable::URI in identity proofs * use active model serializer for keybase proof config * more cleanup of keybase proof config * rename proof is_valid and is_live to proof_valid and proof_live * cleanup * assorted tweaks for more robust communication with keybase * Clean up * Small fixes * Display verified identity identically to verified links * Clean up unused CSS * Add caching for Keybase avatar URLs * Remove keybase_contacts setting 2019-03-18 21:00:55 +01:00			`require 'rails_helper'`

			`describe Api::ProofsController do`
			`let(:alice) { Fabricate(:account, username: 'alice') }`

			`before do`
			`stub_request(:get, 'https://keybase.io/_/api/1.0/sig/proof_valid.json?domain=cb6e6126.ngrok.io&kb_username=crypto_alice&sig_hash=111111111111111111111111111111111111111111111111111111111111111111&username=alice').to_return(status: 200, body: '{"proof_valid":true,"proof_live":false}')`
			`stub_request(:get, 'https://keybase.io/_/api/1.0/sig/proof_live.json?domain=cb6e6126.ngrok.io&kb_username=crypto_alice&sig_hash=111111111111111111111111111111111111111111111111111111111111111111&username=alice').to_return(status: 200, body: '{"proof_valid":true,"proof_live":true}')`
			`stub_request(:get, 'https://keybase.io/_/api/1.0/sig/proof_valid.json?domain=cb6e6126.ngrok.io&kb_username=hidden_alice&sig_hash=222222222222222222222222222222222222222222222222222222222222222222&username=alice').to_return(status: 200, body: '{"proof_valid":true,"proof_live":true}')`
			`stub_request(:get, 'https://keybase.io/_/api/1.0/sig/proof_live.json?domain=cb6e6126.ngrok.io&kb_username=hidden_alice&sig_hash=222222222222222222222222222222222222222222222222222222222222222222&username=alice').to_return(status: 200, body: '{"proof_valid":true,"proof_live":true}')`
			`end`

			`describe 'GET #index' do`
			`describe 'with a non-existent username' do`
			`it '404s' do`
			`get :index, params: { username: 'nonexistent', provider: 'keybase' }`

			`expect(response).to have_http_status(:not_found)`
			`end`
			`end`

			`describe 'with a user that has no proofs' do`
			`it 'is an empty list of signatures' do`
			`get :index, params: { username: alice.username, provider: 'keybase' }`

			`expect(body_as_json[:signatures]).to eq []`
			`end`
			`end`

			`describe 'with a user that has a live, valid proof' do`
			`let(:token1) { '111111111111111111111111111111111111111111111111111111111111111111' }`
			`let(:kb_name1) { 'crypto_alice' }`

			`before do`
			`Fabricate(:account_identity_proof, account: alice, verified: true, live: true, token: token1, provider_username: kb_name1)`
			`end`

			`it 'is a list with that proof in it' do`
			`get :index, params: { username: alice.username, provider: 'keybase' }`

			`expect(body_as_json[:signatures]).to eq [`
			`{ kb_username: kb_name1, sig_hash: token1 },`
			`]`
			`end`

			`describe 'add one that is neither live nor valid' do`
			`let(:token2) { '222222222222222222222222222222222222222222222222222222222222222222' }`
			`let(:kb_name2) { 'hidden_alice' }`

			`before do`
			`Fabricate(:account_identity_proof, account: alice, verified: false, live: false, token: token2, provider_username: kb_name2)`
			`end`

			`it 'is a list with both proofs' do`
			`get :index, params: { username: alice.username, provider: 'keybase' }`

			`expect(body_as_json[:signatures]).to eq [`
			`{ kb_username: kb_name1, sig_hash: token1 },`
			`{ kb_username: kb_name2, sig_hash: token2 },`
			`]`
			`end`
			`end`
			`end`

			`describe 'a user that has an avatar' do`
			`let(:alice) { Fabricate(:account, username: 'alice', avatar: attachment_fixture('avatar.gif')) }`

			`context 'and a proof' do`
			`let(:token1) { '111111111111111111111111111111111111111111111111111111111111111111' }`
			`let(:kb_name1) { 'crypto_alice' }`

			`before do`
			`Fabricate(:account_identity_proof, account: alice, verified: true, live: true, token: token1, provider_username: kb_name1)`
			`get :index, params: { username: alice.username, provider: 'keybase' }`
			`end`

			`it 'has two keys: signatures and avatar' do`
			`expect(body_as_json.keys).to match_array [:signatures, :avatar]`
			`end`

			`it 'has the correct signatures' do`
			`expect(body_as_json[:signatures]).to eq [`
			`{ kb_username: kb_name1, sig_hash: token1 },`
			`]`
			`end`

			`it 'has the correct avatar url' do`
Fix base64-encoded file uploads not being possible (#12748) Fix #3804, Fix #5776 2020-01-04 01:54:07 +01:00			`expect(body_as_json[:avatar]).to match "https://cb6e6126.ngrok.io#{alice.avatar.url}"`
Add Keybase integration (#10297) * create account_identity_proofs table * add endpoint for keybase to check local proofs * add async task to update validity and liveness of proofs from keybase * first pass keybase proof CRUD * second pass keybase proof creation * clean up proof list and add badges * add avatar url to keybase api * Always highlight the “Identity Proofs” navigation item when interacting with proofs. * Update translations. * Add profile URL. * Reorder proofs. * Add proofs to bio. * Update settings/identity_proofs front-end. * Use `link_to`. * Only encode query params if they exist. URLs without params had a trailing `?`. * Only show live proofs. * change valid to active in proof list and update liveness before displaying * minor fixes * add keybase config at well-known path * extremely naive feature flagging off the identity proof UI * fixes for rubocop * make identity proofs page resilient to potential keybase issues * normalize i18n * tweaks for brakeman * remove two unused translations * cleanup and add more localizations * make keybase_contacts an admin setting * fix ExternalProofService my_domain * use Addressable::URI in identity proofs * use active model serializer for keybase proof config * more cleanup of keybase proof config * rename proof is_valid and is_live to proof_valid and proof_live * cleanup * assorted tweaks for more robust communication with keybase * Clean up * Small fixes * Display verified identity identically to verified links * Clean up unused CSS * Add caching for Keybase avatar URLs * Remove keybase_contacts setting 2019-03-18 21:00:55 +01:00			`end`
			`end`
			`end`
			`end`
			`end`