funkwhale/api/tests/federation/test_authentication.py

from funkwhale_api.federation import authentication
from funkwhale_api.federation import keys
from funkwhale_api.federation import signing


def test_authenticate(factories, mocker, api_request):
    private, public = keys.get_key_pair()
    actor_url = 'https://test.federation/actor'
    mocker.patch(
        'funkwhale_api.federation.actors.get_actor_data',
        return_value={
            'id': actor_url,
            'outbox': 'https://test.com',
            'inbox': 'https://test.com',
            'publicKey': {
                'publicKeyPem': public.decode('utf-8'),
                'owner': actor_url,
                'id': actor_url + '#main-key',
            }
        })
    signed_request = factories['federation.SignedRequest'](
        auth__key=private,
        auth__key_id=actor_url + '#main-key',
        auth__headers=[
            'date',
        ]
    )
    prepared = signed_request.prepare()
    django_request = api_request.get(
        '/',
        **{
            'HTTP_DATE': prepared.headers['date'],
            'HTTP_SIGNATURE': prepared.headers['signature'],
        }
    )
    authenticator = authentication.SignatureAuthentication()
    user, _ = authenticator.authenticate(django_request)
    actor = django_request.actor

    assert user.is_anonymous is True
    assert actor.public_key == public.decode('utf-8')
    assert actor.url == actor_url