tests/proxy.rs at 6f959c6c1b6e9ee99e7f6e49c3fc78a4affe0491 · lewis.moe/bspds-sandbox

lewis.moe / bspds-sandbox
this repo has no description
bspds-sandbox / tests / proxy.rs
at 6f959c6c1b6e9ee99e7f6e49c3fc78a4affe0491 5.2 kB view raw
  1mod common;
  2use axum::{Router, extract::Request, http::StatusCode, routing::any};
  3use base64::{Engine as _, engine::general_purpose::URL_SAFE_NO_PAD};
  4use reqwest::Client;
  5use std::sync::Arc;
  6use tokio::net::TcpListener;
  7async fn spawn_mock_upstream() -> (
  8    String,
  9    tokio::sync::mpsc::Receiver<(String, String, Option<String>)>,
 10) {
 11    let (tx, rx) = tokio::sync::mpsc::channel(10);
 12    let tx = Arc::new(tx);
 13    let app = Router::new().fallback(any(move |req: Request| {
 14        let tx = tx.clone();
 15        async move {
 16            let method = req.method().to_string();
 17            let uri = req.uri().to_string();
 18            let auth = req
 19                .headers()
 20                .get("Authorization")
 21                .and_then(|h| h.to_str().ok())
 22                .map(|s| s.to_string());
 23            let _ = tx.send((method, uri, auth)).await;
 24            (StatusCode::OK, "Mock Response")
 25        }
 26    }));
 27    let listener = TcpListener::bind("127.0.0.1:0").await.unwrap();
 28    let addr = listener.local_addr().unwrap();
 29    tokio::spawn(async move {
 30        axum::serve(listener, app).await.unwrap();
 31    });
 32    (format!("http://{}", addr), rx)
 33}
 34#[tokio::test]
 35async fn test_proxy_via_header() {
 36    let app_url = common::base_url().await;
 37    let (upstream_url, mut rx) = spawn_mock_upstream().await;
 38    let client = Client::new();
 39    let res = client
 40        .get(format!("{}/xrpc/com.example.test", app_url))
 41        .header("atproto-proxy", &upstream_url)
 42        .header("Authorization", "Bearer test-token")
 43        .send()
 44        .await
 45        .unwrap();
 46    assert_eq!(res.status(), StatusCode::OK);
 47    let (method, uri, auth) = rx.recv().await.expect("Upstream should receive request");
 48    assert_eq!(method, "GET");
 49    assert_eq!(uri, "/xrpc/com.example.test");
 50    assert_eq!(auth, Some("Bearer test-token".to_string()));
 51}
 52#[tokio::test]
 53async fn test_proxy_auth_signing() {
 54    let app_url = common::base_url().await;
 55    let (upstream_url, mut rx) = spawn_mock_upstream().await;
 56    let client = Client::new();
 57    let (access_jwt, did) = common::create_account_and_login(&client).await;
 58    let res = client
 59        .get(format!("{}/xrpc/com.example.signed", app_url))
 60        .header("atproto-proxy", &upstream_url)
 61        .header("Authorization", format!("Bearer {}", access_jwt))
 62        .send()
 63        .await
 64        .unwrap();
 65    assert_eq!(res.status(), StatusCode::OK);
 66    let (method, uri, auth) = rx.recv().await.expect("Upstream receive");
 67    assert_eq!(method, "GET");
 68    assert_eq!(uri, "/xrpc/com.example.signed");
 69    let received_token = auth.expect("No auth header").replace("Bearer ", "");
 70    assert_ne!(received_token, access_jwt, "Token should be replaced");
 71    let parts: Vec<&str> = received_token.split('.').collect();
 72    assert_eq!(parts.len(), 3);
 73    let payload_bytes = URL_SAFE_NO_PAD.decode(parts[1]).expect("payload b64");
 74    let claims: serde_json::Value = serde_json::from_slice(&payload_bytes).expect("payload json");
 75    assert_eq!(claims["iss"], did);
 76    assert_eq!(claims["sub"], did);
 77    assert_eq!(claims["aud"], upstream_url);
 78    assert_eq!(claims["lxm"], "com.example.signed");
 79}
 80#[tokio::test]
 81async fn test_proxy_post_with_body() {
 82    let app_url = common::base_url().await;
 83    let (upstream_url, mut rx) = spawn_mock_upstream().await;
 84    let client = Client::new();
 85    let payload = serde_json::json!({
 86        "text": "Hello from proxy test",
 87        "createdAt": "2024-01-01T00:00:00Z"
 88    });
 89    let res = client
 90        .post(format!("{}/xrpc/com.example.postMethod", app_url))
 91        .header("atproto-proxy", &upstream_url)
 92        .header("Authorization", "Bearer test-token")
 93        .json(&payload)
 94        .send()
 95        .await
 96        .unwrap();
 97    assert_eq!(res.status(), StatusCode::OK);
 98    let (method, uri, auth) = rx.recv().await.expect("Upstream should receive request");
 99    assert_eq!(method, "POST");
100    assert_eq!(uri, "/xrpc/com.example.postMethod");
101    assert_eq!(auth, Some("Bearer test-token".to_string()));
102}
103#[tokio::test]
104async fn test_proxy_with_query_params() {
105    let app_url = common::base_url().await;
106    let (upstream_url, mut rx) = spawn_mock_upstream().await;
107    let client = Client::new();
108    let res = client
109        .get(format!(
110            "{}/xrpc/com.example.query?repo=did:plc:test&collection=app.bsky.feed.post&limit=50",
111            app_url
112        ))
113        .header("atproto-proxy", &upstream_url)
114        .header("Authorization", "Bearer test-token")
115        .send()
116        .await
117        .unwrap();
118    assert_eq!(res.status(), StatusCode::OK);
119    let (method, uri, _auth) = rx.recv().await.expect("Upstream should receive request");
120    assert_eq!(method, "GET");
121    assert!(
122        uri.contains("repo=did") || uri.contains("repo=did%3Aplc%3Atest"),
123        "URI should contain repo param, got: {}",
124        uri
125    );
126    assert!(
127        uri.contains("collection=app.bsky.feed.post") || uri.contains("collection=app.bsky"),
128        "URI should contain collection param, got: {}",
129        uri
130    );
131    assert!(
132        uri.contains("limit=50"),
133        "URI should contain limit param, got: {}",
134        uri
135    );
136}