diff --git a/app/controllers/api/openid_connect/discovery_controller.rb b/app/controllers/api/openid_connect/discovery_controller.rb index 19c9001b4..f648e3566 100644 --- a/app/controllers/api/openid_connect/discovery_controller.rb +++ b/app/controllers/api/openid_connect/discovery_controller.rb @@ -24,17 +24,6 @@ module Api module OpenidConnect class DiscoveryController < ApplicationController - def webfinger - jrd = { - links: [{ - rel: OpenIDConnect::Discovery::Provider::Issuer::REL_VALUE, - href: root_url - }] - } - jrd[:subject] = params[:resource] if params[:resource].present? - render json: jrd, content_type: "application/jrd+json" - end - def configuration render json: OpenIDConnect::Discovery::Provider::Config::Response.new( issuer: root_url, diff --git a/config/initializers/diaspora_federation.rb b/config/initializers/diaspora_federation.rb index 5acd33085..e9270d469 100644 --- a/config/initializers/diaspora_federation.rb +++ b/config/initializers/diaspora_federation.rb @@ -13,14 +13,22 @@ DiasporaFederation.configure do |config| person = Person.where(diaspora_handle: diaspora_id, closed_account: false).where.not(owner: nil).first if person DiasporaFederation::Discovery::WebFinger.new( - acct_uri: "acct:#{person.diaspora_handle}", - alias_url: AppConfig.url_to("/people/#{person.guid}"), - hcard_url: AppConfig.url_to(DiasporaFederation::Engine.routes.url_helpers.hcard_path(person.guid)), - seed_url: AppConfig.pod_uri, - profile_url: person.profile_url, - atom_url: person.atom_url, - salmon_url: person.receive_url, - subscribe_url: AppConfig.url_to("/people?q={uri}") + { + acct_uri: "acct:#{person.diaspora_handle}", + hcard_url: AppConfig.url_to(DiasporaFederation::Engine.routes.url_helpers.hcard_path(person.guid)), + seed_url: AppConfig.pod_uri, + profile_url: person.profile_url, + atom_url: person.atom_url, + salmon_url: person.receive_url, + subscribe_url: AppConfig.url_to("/people?q={uri}") + }, + aliases: [AppConfig.url_to("/people/#{person.guid}")], + links: [ + { + rel: OpenIDConnect::Discovery::Provider::Issuer::REL_VALUE, + href: Rails.application.routes.url_helpers.root_url + } + ] ) end end diff --git a/config/routes.rb b/config/routes.rb index a4313011d..355154a6f 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -230,6 +230,5 @@ Diaspora::Application.routes.draw do end end - get ".well-known/webfinger", to: "api/openid_connect/discovery#webfinger" get ".well-known/openid-configuration", to: "api/openid_connect/discovery#configuration" end diff --git a/spec/controllers/api/openid_connect/discovery_controller_spec.rb b/spec/controllers/api/openid_connect/discovery_controller_spec.rb index 9d2ff4526..73d6e51fd 100644 --- a/spec/controllers/api/openid_connect/discovery_controller_spec.rb +++ b/spec/controllers/api/openid_connect/discovery_controller_spec.rb @@ -1,20 +1,4 @@ describe Api::OpenidConnect::DiscoveryController, type: :controller do - describe "#webfinger" do - before do - get :webfinger, resource: "http://example.com/bob" - end - - it "should return a url to the openid-configuration" do - json_body = JSON.parse(response.body) - expect(json_body["links"].first["href"]).to eq(root_url) - end - - it "should return the resource in the subject" do - json_body = JSON.parse(response.body) - expect(json_body["subject"]).to eq("http://example.com/bob") - end - end - describe "#configuration" do before do get :configuration diff --git a/spec/federation_callbacks_spec.rb b/spec/federation_callbacks_spec.rb index 33040b30c..7a5ddb58e 100644 --- a/spec/federation_callbacks_spec.rb +++ b/spec/federation_callbacks_spec.rb @@ -6,7 +6,6 @@ describe "diaspora federation callbacks" do person = alice.person wf = DiasporaFederation.callbacks.trigger(:fetch_person_for_webfinger, alice.diaspora_handle) expect(wf.acct_uri).to eq("acct:#{person.diaspora_handle}") - expect(wf.alias_url).to eq(AppConfig.url_to("/people/#{person.guid}")) expect(wf.hcard_url).to eq(AppConfig.url_to("/hcard/users/#{person.guid}")) expect(wf.seed_url).to eq(AppConfig.pod_uri) expect(wf.profile_url).to eq(person.profile_url) @@ -15,6 +14,14 @@ describe "diaspora federation callbacks" do expect(wf.subscribe_url).to eq(AppConfig.url_to("/people?q={uri}")) end + it "contains the OpenID issuer" do + wf = DiasporaFederation.callbacks.trigger(:fetch_person_for_webfinger, alice.diaspora_handle) + links = wf.additional_data[:links] + openid_issuer = links.find {|l| l[:rel] == OpenIDConnect::Discovery::Provider::Issuer::REL_VALUE } + expect(openid_issuer).not_to be_nil + expect(openid_issuer[:href]).to eq(Rails.application.routes.url_helpers.root_url) + end + it "returns nil if the person was not found" do wf = DiasporaFederation.callbacks.trigger(:fetch_person_for_webfinger, "unknown@example.com") expect(wf).to be_nil diff --git a/spec/models/api/openid_connect/id_token_spec.rb b/spec/models/api/openid_connect/id_token_spec.rb index 7c85c3cb4..154bbd90f 100644 --- a/spec/models/api/openid_connect/id_token_spec.rb +++ b/spec/models/api/openid_connect/id_token_spec.rb @@ -7,19 +7,13 @@ describe Api::OpenidConnect::IdToken, type: :model do let(:decoded_hash) { JSON::JWT.decode(id_token.to_jwt, Api::OpenidConnect::IdTokenConfig::PRIVATE_KEY) } - let(:discovery_controller) { - Api::OpenidConnect::DiscoveryController.new.tap {|controller| - controller.request = ActionController::TestRequest.new - controller.request.host = AppConfig.pod_uri.authority - controller.response = ActionController::TestResponse.new - } - } - let(:openid_webfinger) { - JSON.parse(discovery_controller.webfinger[0]) + let(:webfinger) { + DiasporaFederation.callbacks.trigger(:fetch_person_for_webfinger, alice.diaspora_handle).to_json } it "issuer value must much the one we provided in OpenID discovery routine" do - expect(decoded_hash["iss"]).to eq(openid_webfinger["links"][0]["href"]) + openid_issuer = webfinger[:links].find {|l| l[:rel] == OpenIDConnect::Discovery::Provider::Issuer::REL_VALUE } + expect(decoded_hash["iss"]).to eq(openid_issuer[:href]) end end end