code.gitea.io/gitea@v1.21.7/tests/integration/api_gpg_keys_test.go (about) 1 // Copyright 2017 The Gogs Authors. All rights reserved. 2 // SPDX-License-Identifier: MIT 3 4 package integration 5 6 import ( 7 "net/http" 8 "net/http/httptest" 9 "strconv" 10 "testing" 11 12 auth_model "code.gitea.io/gitea/models/auth" 13 api "code.gitea.io/gitea/modules/structs" 14 "code.gitea.io/gitea/tests" 15 16 "github.com/stretchr/testify/assert" 17 ) 18 19 type makeRequestFunc func(testing.TB, *http.Request, int) *httptest.ResponseRecorder 20 21 func TestGPGKeys(t *testing.T) { 22 defer tests.PrepareTestEnv(t)() 23 session := loginUser(t, "user2") 24 token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository) 25 tokenWithGPGKeyScope := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser) 26 27 tt := []struct { 28 name string 29 makeRequest makeRequestFunc 30 token string 31 results []int 32 }{ 33 { 34 name: "NoLogin", makeRequest: MakeRequest, token: "", 35 results: []int{http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized}, 36 }, 37 { 38 name: "LoggedAsUser2", makeRequest: session.MakeRequest, token: token, 39 results: []int{http.StatusForbidden, http.StatusForbidden, http.StatusForbidden, http.StatusForbidden, http.StatusForbidden, http.StatusForbidden, http.StatusForbidden, http.StatusForbidden, http.StatusForbidden}, 40 }, 41 { 42 name: "LoggedAsUser2WithScope", makeRequest: session.MakeRequest, token: tokenWithGPGKeyScope, 43 results: []int{http.StatusOK, http.StatusOK, http.StatusNotFound, http.StatusNoContent, http.StatusUnprocessableEntity, http.StatusNotFound, http.StatusCreated, http.StatusNotFound, http.StatusCreated}, 44 }, 45 } 46 47 for _, tc := range tt { 48 // Basic test on result code 49 t.Run(tc.name, func(t *testing.T) { 50 t.Run("ViewOwnGPGKeys", func(t *testing.T) { 51 testViewOwnGPGKeys(t, tc.makeRequest, tc.token, tc.results[0]) 52 }) 53 t.Run("ViewGPGKeys", func(t *testing.T) { 54 testViewGPGKeys(t, tc.makeRequest, tc.token, tc.results[1]) 55 }) 56 t.Run("GetGPGKey", func(t *testing.T) { 57 testGetGPGKey(t, tc.makeRequest, tc.token, tc.results[2]) 58 }) 59 t.Run("DeleteGPGKey", func(t *testing.T) { 60 testDeleteGPGKey(t, tc.makeRequest, tc.token, tc.results[3]) 61 }) 62 63 t.Run("CreateInvalidGPGKey", func(t *testing.T) { 64 testCreateInvalidGPGKey(t, tc.makeRequest, tc.token, tc.results[4]) 65 }) 66 t.Run("CreateNoneRegistredEmailGPGKey", func(t *testing.T) { 67 testCreateNoneRegistredEmailGPGKey(t, tc.makeRequest, tc.token, tc.results[5]) 68 }) 69 t.Run("CreateValidGPGKey", func(t *testing.T) { 70 testCreateValidGPGKey(t, tc.makeRequest, tc.token, tc.results[6]) 71 }) 72 t.Run("CreateValidSecondaryEmailGPGKeyNotActivated", func(t *testing.T) { 73 testCreateValidSecondaryEmailGPGKey(t, tc.makeRequest, tc.token, tc.results[7]) 74 }) 75 }) 76 } 77 78 // Check state after basic add 79 t.Run("CheckState", func(t *testing.T) { 80 var keys []*api.GPGKey 81 82 req := NewRequest(t, "GET", "/api/v1/user/gpg_keys?token="+tokenWithGPGKeyScope) // GET all keys 83 resp := MakeRequest(t, req, http.StatusOK) 84 DecodeJSON(t, resp, &keys) 85 assert.Len(t, keys, 1) 86 87 primaryKey1 := keys[0] // Primary key 1 88 assert.EqualValues(t, "38EA3BCED732982C", primaryKey1.KeyID) 89 assert.Len(t, primaryKey1.Emails, 1) 90 assert.EqualValues(t, "user2@example.com", primaryKey1.Emails[0].Email) 91 assert.True(t, primaryKey1.Emails[0].Verified) 92 93 subKey := primaryKey1.SubsKey[0] // Subkey of 38EA3BCED732982C 94 assert.EqualValues(t, "70D7C694D17D03AD", subKey.KeyID) 95 assert.Empty(t, subKey.Emails) 96 97 var key api.GPGKey 98 req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey1.ID, 10)+"?token="+tokenWithGPGKeyScope) // Primary key 1 99 resp = MakeRequest(t, req, http.StatusOK) 100 DecodeJSON(t, resp, &key) 101 assert.EqualValues(t, "38EA3BCED732982C", key.KeyID) 102 assert.Len(t, key.Emails, 1) 103 assert.EqualValues(t, "user2@example.com", key.Emails[0].Email) 104 assert.True(t, key.Emails[0].Verified) 105 106 req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(subKey.ID, 10)+"?token="+tokenWithGPGKeyScope) // Subkey of 38EA3BCED732982C 107 resp = MakeRequest(t, req, http.StatusOK) 108 DecodeJSON(t, resp, &key) 109 assert.EqualValues(t, "70D7C694D17D03AD", key.KeyID) 110 assert.Empty(t, key.Emails) 111 }) 112 113 // Check state after basic add 114 t.Run("CheckCommits", func(t *testing.T) { 115 t.Run("NotSigned", func(t *testing.T) { 116 var branch api.Branch 117 req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/not-signed?token="+token) 118 resp := MakeRequest(t, req, http.StatusOK) 119 DecodeJSON(t, resp, &branch) 120 assert.False(t, branch.Commit.Verification.Verified) 121 }) 122 123 t.Run("SignedWithNotValidatedEmail", func(t *testing.T) { 124 var branch api.Branch 125 req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign-not-yet-validated?token="+token) 126 resp := MakeRequest(t, req, http.StatusOK) 127 DecodeJSON(t, resp, &branch) 128 assert.False(t, branch.Commit.Verification.Verified) 129 }) 130 131 t.Run("SignedWithValidEmail", func(t *testing.T) { 132 var branch api.Branch 133 req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign?token="+token) 134 resp := MakeRequest(t, req, http.StatusOK) 135 DecodeJSON(t, resp, &branch) 136 assert.True(t, branch.Commit.Verification.Verified) 137 }) 138 }) 139 } 140 141 func testViewOwnGPGKeys(t *testing.T, makeRequest makeRequestFunc, token string, expected int) { 142 req := NewRequest(t, "GET", "/api/v1/user/gpg_keys?token="+token) 143 makeRequest(t, req, expected) 144 } 145 146 func testViewGPGKeys(t *testing.T, makeRequest makeRequestFunc, token string, expected int) { 147 req := NewRequest(t, "GET", "/api/v1/users/user2/gpg_keys?token="+token) 148 makeRequest(t, req, expected) 149 } 150 151 func testGetGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) { 152 req := NewRequest(t, "GET", "/api/v1/user/gpg_keys/1?token="+token) 153 makeRequest(t, req, expected) 154 } 155 156 func testDeleteGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) { 157 req := NewRequest(t, "DELETE", "/api/v1/user/gpg_keys/1?token="+token) 158 makeRequest(t, req, expected) 159 } 160 161 func testCreateGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int, publicKey string) { 162 req := NewRequestWithJSON(t, "POST", "/api/v1/user/gpg_keys?token="+token, api.CreateGPGKeyOption{ 163 ArmoredKey: publicKey, 164 }) 165 makeRequest(t, req, expected) 166 } 167 168 func testCreateInvalidGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) { 169 testCreateGPGKey(t, makeRequest, token, expected, "invalid_key") 170 } 171 172 func testCreateNoneRegistredEmailGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) { 173 testCreateGPGKey(t, makeRequest, token, expected, `-----BEGIN PGP PUBLIC KEY BLOCK----- 174 175 mQENBFmGUygBCACjCNbKvMGgp0fd5vyFW9olE1CLCSyyF9gQN2hSuzmZLuAZF2Kh 176 dCMCG2T1UwzUB/yWUFWJ2BtCwSjuaRv+cGohqEy6bhEBV90peGA33lHfjx7wP25O 177 7moAphDOTZtDj1AZfCh/PTcJut8Lc0eRDMhNyp/bYtO7SHNT1Hr6rrCV/xEtSAvR 178 3b148/tmIBiSadaLwc558KU3ucjnW5RVGins3AjBZ+TuT4XXVH/oeLSeXPSJ5rt1 179 rHwaseslMqZ4AbvwFLx5qn1OC9rEQv/F548QsA8m0IntLjoPon+6wcubA9Gra21c 180 Fp6aRYl9x7fiqXDLg8i3s2nKdV7+e6as6Tp9ABEBAAG0FG5vdGtub3duQGV4YW1w 181 bGUuY29tiQEcBBABAgAGBQJZhlMoAAoJEC8+pvYULDtte/wH/2JNrhmHwDY+hMj0 182 batIK4HICnkKxjIgbha80P2Ao08NkzSge58fsxiKDFYAQjHui+ZAw4dq79Ax9AOO 183 Iv2GS9+DUfWhrb6RF+vNuJldFzcI0rTW/z2q+XGKrUCwN3khJY5XngHfQQrdBtMK 184 qsoUXz/5B8g422RTbo/SdPsyYAV6HeLLeV3rdgjI1fpaW0seZKHeTXQb/HvNeuPg 185 qz+XV1g6Gdqa1RjDOaX7A8elVKxrYq3LBtc93FW+grBde8n7JL0zPM3DY+vJ0IJZ 186 INx/MmBfmtCq05FqNclvU+sj2R3N1JJOtBOjZrJHQbJhzoILou8AkxeX1A+q9OAz 187 1geiY5E= 188 =TkP3 189 -----END PGP PUBLIC KEY BLOCK-----`) 190 } 191 192 func testCreateValidGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) { 193 // User2 <user2@example.com> //primary & activated 194 testCreateGPGKey(t, makeRequest, token, expected, `-----BEGIN PGP PUBLIC KEY BLOCK----- 195 196 mQENBFmGVsMBCACuxgZ7W7rI9xN08Y4M7B8yx/6/I4Slm94+wXf8YNRvAyqj30dW 197 VJhyBcnfNRDLKSQp5o/hhfDkCgdqBjLa1PnHlGS3PXJc0hP/FyYPD2BFvNMPpCYS 198 eu3T1qKSNXm6X0XOWD2LIrdiDC8HaI9FqZVMI/srMK2CF8XCL2m67W1FuoPlWzod 199 5ORy0IZB7spoF0xihmcgnEGElRmdo5w/vkGH8U7Zyn9Eb57UVFeafgeskf4wqB23 200 BjbMdW2YaB+yzMRwYgOnD5lnBD4uqSmvjaV9C0kxn7x+oJkkiRV8/z1cNcO+BaeQ 201 Akh/yTTeTzYGSc/ZOqCX1O+NOPgSeixVlqenABEBAAG0GVVzZXIyIDx1c2VyMkBl 202 eGFtcGxlLmNvbT6JAVQEEwEIAD4WIQRXgbSh0TtGbgRd7XI46jvO1zKYLAUCWYZW 203 wwIbAwUJA8JnAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRA46jvO1zKYLF/e 204 B/91wm2KLMIQBZBA9WA2/+9rQWTo9EqgYrXN60rEzX3cYJWXZiE4DrKR1oWDGNLi 205 KXOCW62snvJldolBqq0ZqaKvPKzl0Y5TRqbYEc9AjUSqgRin1b+G2DevLGT4ibq+ 206 7ocQvz0XkASEUAgHahp0Ubiiib1521WwT/duL+AG8Gg0+DK09RfV3eX5/EOkQCKv 207 8cutqgsd2Smz40A8wXuJkRcipZBtrB/GkUaZ/eJdwEeSYZjEA9GWF61LJT2stvRN 208 HCk7C3z3pVEek1PluiFs/4VN8BG8yDzW4c0tLty4Fj3VwPqwIbB5AJbquVfhQCb4 209 Eep2lm3Lc9b1OwO5N3coPJkouQENBFmGVsMBCADAGba2L6NCOE1i3WIP6CPzbdOo 210 N3gdTfTgccAx9fNeon9jor+3tgEjlo9/6cXiRoksOV6W4wFab/ZwWgwN6JO4CGvZ 211 Wi7EQwMMMp1E36YTojKQJrcA9UvMnTHulqQQ88F5E845DhzFQM3erv42QZZMBAX3 212 kXCgy1GNFocl6tLUvJdEqs+VcJGGANMpmzE4WLa8KhSYnxipwuQ62JBy9R+cHyKT 213 OARk8znRqSu5bT3LtlrZ/HXu+6Oy4+2uCdNzZIh5J5tPS7CPA6ptl88iGVBte/CJ 214 7cjgJWSQqeYp2Y5QvsWAivkQ4Ww9plHbbwV0A2eaHsjjWzlUl3HoJ/snMOhBABEB 215 AAGJATwEGAEIACYWIQRXgbSh0TtGbgRd7XI46jvO1zKYLAUCWYZWwwIbDAUJA8Jn 216 AAAKCRA46jvO1zKYLBwLCACQOpeRVrwIKVaWcPMYjVHHJsGscaLKpgpARAUgbiG6 217 Cbc2WI8Sm3fRwrY0VAfN+u9QwrtvxANcyB3vTgTzw7FimfhOimxiTSO8HQCfjDZF 218 Xly8rq+Fua7+ClWUpy21IekW41VvZYjH2sL6EVP+UcEOaGAyN53XfhaRVZPhNtZN 219 NKAE9N5EG3rbsZ33LzJj40rEKlzFSseAAPft8qA3IXjzFBx+PQXHMpNCagL79he6 220 lqockTJ+oPmta4CF/J0U5LUr1tOZXheL3TP6m8d08gDrtn0YuGOPk87i9sJz+jR9 221 uy6MA3VSB99SK9ducGmE1Jv8mcziREroz2TEGr0zPs6h 222 =J59D 223 -----END PGP PUBLIC KEY BLOCK-----`) 224 } 225 226 func testCreateValidSecondaryEmailGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) { 227 // User2 <user2-2@example.com> //secondary and not activated 228 testCreateGPGKey(t, makeRequest, token, expected, `-----BEGIN PGP PUBLIC KEY BLOCK----- 229 230 mQGNBGC2K2cBDAC1+Xgk+8UfhASVgRngQi4rnQ8k0t+bWsBz4Czd26+cxVDRwlTT 231 8PALdrbrY/e9iXjcVcZ8Npo4UYe7/LfnL57dc7tgbenRGYYrWyVoNNv58BVw4xCY 232 RmgvdHWIIPGuz3aME0smHxbJ2KewYTqjTPuVKF/wrHTwCpVWdjYKC5KDo3yx0mro 233 xf9vOJOnkWNMiEw7TiZfkrbUqxyA53BVsSNKRX5C3b4FJcVT7eiAq7sDAaFxjEHy 234 ahZslmvg7XZxWzSVzxDNesR7f4xuop8HBjzaluJoVuwiyWculTvz1b6hyHVQr+ad 235 h8JGjj1tySI65OTFsTuptsfHXjtjl/NR4P6BXkf+FVwweaTQaEzpHkv0m9b9pY43 236 CY/8XtS4uNPermiLG/Z0BB1eOCdoOQVHpjOa55IXQWhxXB6NZVyowiUbrR7jLDQy 237 5JP7D1HmErTR8JRm3VDqGbSaCgugRgFX+lb/fpgFp9k02OeK+JQudolZOt1mVk+T 238 C4xmEWxfiH15/JMAEQEAAbQbdXNlcjIgPHVzZXIyLTJAZXhhbXBsZS5jb20+iQHU 239 BBMBCAA+FiEEB/Y4DM3Ba2H9iXmlPO9G70C+/D4FAmC2K2cCGwMFCQPCZwAFCwkI 240 BwIGFQoJCAsCBBYCAwECHgECF4AACgkQPO9G70C+/D59/Av/XZIhCH4X2FpxCO3d 241 oCa+sbYkBL5xeUoPfAx5ThXzqL/tllO88TKTMEGZF3k5pocXWH0xmhqlvDTcdb0i 242 W3O0CN8FLmuotU51c0JC1mt9zwJP9PeJNyqxrMm01Yzj55z/Dz3QHSTlDjrWTWjn 243 YBqDf2HfdM177oydfSYmevZni1aDmBalWpFPRvqISCO7uFnvg1hJQ5mD/0qie663 244 QJ8LAAANg32H9DyPnYi9wU62WX0DMUVTjKctT3cnYCbirjjJ7ZlCCm+cf61CRX1B 245 E1Ng/Ef3ZcUfXWitZSjfET/pKEMSNjsQawFpZ/LPCBl+UPHzaTPAASeGJvcbZ3py 246 wZQLQc1MCu2hmMBQ8zHQTdS2Pp0RISxCQLYvVQL6DrcJDNiSqn9p9RQt5c5r5Pjx 247 80BIPcjj3glOVP7PYE2azQAkt6reEjhimwCfjeDpiPnkBTY7Av2jCcUFhhemDY/j 248 TRXK1paLphhJ36zC22SeHGxNNakjjuUakqB85DEUeoWuVm6ouQGNBGC2K2cBDADx 249 G2rIAgMjdPtofhkEZXwv6zdNwmYOlIIM+59bam9Ep/vFq8F5f+xldevm5dvM8SeR 250 pNwDGSOUf5OKBWBdsJFhlYBl7+EcKd/Tent/XS6JoA9ffF33b+r04L543+ykiKON 251 WYeYi0F4WwYTIQgqZHJze1sPVkYGR5F0bL8PAcLuwd5dzZVi/q2HakrGdg29N8oY 252 b/XnoR7FflPrNYdzO6hawi5Inx7KS7aWa0ZkARb0F4HSct+/m6nAZVsoJINLudyQ 253 ut2NWeU8rWIm1hqyIxQFvuQJy46umq++10J/sWA98bkg41Rx+72+eP7DM5v8IgUp 254 clJsfljRXIBWbmRAVZvtNI7PX9fwMMhf4M7wHO7G2WV39o1exKps5xFFcn8PUQiX 255 jCSR81M145CgCdmLUR1y0pdkN/WIqjXBhkPIvO2dxEcodMNHb1aUUuUOnww6+xIP 256 8rGVw+a2DUiALc8Qr5RP21AYKRctfiwhSQh2KODveMtyLI3U9C/eLRPp+QM3XB8A 257 EQEAAYkBvAQYAQgAJhYhBAf2OAzNwWth/Yl5pTzvRu9Avvw+BQJgtitnAhsMBQkD 258 wmcAAAoJEDzvRu9Avvw+3FcMAJBwupyJ4zwQFxTJ5BkDlusG3U2FXEf3bDrXhvNd 259 qi8eS8Vo/vRiH/w/my5JFpz1o2tJToryF71D+uF5DTItalKquhsQ9reAEmXggqOh 260 9Jd9mWJIEEWcRORiLNDKENKvE8bouw4U4hRaSF0IaGzAe5mO+oOvwal8L97wFxrZ 261 4leM1GzkopiuNfbkkBBw2KJcMjYBHzzXSCALnVwhjbgkBEWPIg38APT3cr9KfnMM 262 q8+tvsGLj4piAl3Lww7+GhSsDOUXH8btR41BSAQDrbO5q6oi/h4nuxoNmQIDW/Ug 263 s+dd5hnY2FtHRjb4FCR9kAjdTE6stc8wzohWfbg1N+12TTA2ylByAumICVXixavH 264 RJ7l0OiWJk388qw9mqh3k8HcBxL7OfDlFC9oPmCS0iYiIwW/Yc80kBhoxcvl/Xa7 265 mIMMn8taHIaQO7v9ln2EVQYTzbNCmwTw9ovTM0j/Pbkg2EftfP1TCoxQHvBnsCED 266 6qgtsUdi5eviONRkBgeZtN3oxA== 267 =MgDv 268 -----END PGP PUBLIC KEY BLOCK-----`) 269 }