DukeInc/Kez
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Kez/kez-chat/tests/http.rs
Tudisco 111b23b94b feat(kez-chat): scaffold the home server (v0.1) 
First runnable kez-chat-server binary plus its docker-compose deploy
recipe. Implements steps 2-3 of the document.md sequenced plan; the
rust-lib refactor (step 1) is deferred — chat-server path-deps on
rust/crates/kez-core for now, which works and matches what
rust-sig-server already does.

What's in this commit:

kez-core (1-line change)
- New public `verify_envelope<T>(payload, signature)` helper that
  dispatches Schnorr / Ed25519 / future suites by signature.alg.
  Used by chat-server's registration verifier; downstream value
  beyond chat-server too.

kez-chat-server (new crate)
- src/main.rs: tokio + axum + tracing entry; clap config; graceful
  Ctrl-C shutdown.
- src/lib.rs: re-exports so tests can drive the same router.
- src/config.rs: env/flag config (bind, db, server, sig_server_url,
  web_dir) with defaults sane for both dev and prod.
- src/error.rs: typed ApiError → structured JSON responses with
  stable error codes.
- src/store.rs: SQLite-backed handle registry, UNIQUE on both
  (handle) and (primary_id); race-safe via SQL primary key.
- src/handles.rs: username validation (length, charset, reserved
  list, must start with letter/digit).
- src/registration.rs: SignedRegistration envelope sharing KEZ's
  JCS canonical-bytes pattern; signature verification via the new
  kez-core helper; replay protection via ±5-minute clock skew check.
- src/api.rs: all six routes in one file —
    GET  /v1/healthz
    GET  /v1/u/:handle
    POST /v1/register
    GET  /.well-known/webfinger
    POST /internal/nats/auth   (501 stub for v0.1; wired up in v0.2)
    GET  /                     (placeholder HTML; ServeDir when web/dist exists)

tests/http.rs — 13 integration tests
- Stands up the real router on a random port; uses reqwest.
- Coverage: healthz, lookup-404, full register→lookup round-trip,
  duplicate-handle conflict, wrong-server rejection, reserved-name
  rejection, tampered-signature rejection, stale-timestamp rejection,
  WebFinger success + wrong-server-404, placeholder SPA renders,
  NATS callout 501, JCS determinism sanity.

deploy/
- Dockerfile: multi-stage build (rust:1.86-slim → debian:bookworm-slim).
  Build context is repo root so the path dep on kez-core resolves.
  Runtime image ~50 MB; runs as non-root uid 10001.
- Dockerfile.sig-server: same pattern for the existing
  rust-sig-server, so the stack builds from one git pull.
- docker-compose.yml: three services (chat-server + nats + sig-server)
  with named volumes for persistence. Ports: 6969 (chat HTTP),
  4222/8443/8222 (NATS native/ws/monitoring), 7878 (sig-server).
- nats.conf: WebSocket on 8443 for the browser SPA, JetStream
  enabled, auth_callout pointing at chat-server's
  /internal/nats/auth endpoint (issuer nkey is a placeholder — must
  be replaced with a real one before going live).

README.md
- Documents all endpoints with example bodies.
- Quick-start for both local dev and full Docker compose.
- Honest list of what's in v0.1 vs what's still stubbed.

Smoke-tested running on 127.0.0.1:6969:
  GET /v1/healthz       → {"server":"kez.lat","status":"ok","version":"0.1.0"}
  GET /                 → placeholder HTML rendering
  GET /v1/u/ghost       → 404
  POST /internal/nats/auth → 501 with "wired up in v0.2"

cargo test  → 13 passed.
cargo build --release → 19.6s, clean.
2026-05-24 23:36:53 -06:00

316 lines
9.6 KiB
Rust
Raw Blame History

//! Integration tests: stand up the real router on a random local port,
//! drive it with `reqwest`. No mocks — exercises the full HTTP + SQLite +
//! kez-core signature path.
use std::net::SocketAddr;
use std::path::PathBuf;
use chrono::{DateTime, Utc};
use kez_chat_server::{AppState, Config, Store, router};
use kez_chat_server::registration::{
ENVELOPE_TAG, FORMAT_VERSION, REGISTRATION_TYPE, RegistrationPayload, SignedRegistration,
};
use kez_core::{
Ed25519Secret, Identity, SignatureBlock, ED25519_SHA512_ALG, canonical_bytes,
};
use reqwest::StatusCode;
use serde_json::Value;
use sha2::{Digest, Sha256};
struct TestServer {
base: String,
#[allow(dead_code)]
handle: tokio::task::JoinHandle<()>,
}
async fn spawn_server() -> TestServer {
spawn_server_with_config(default_config()).await
}
fn default_config() -> Config {
Config {
bind: SocketAddr::from(([127, 0, 0, 1], 0)),
db: PathBuf::from(":memory:"), // unused (we open in-memory below)
server: "kez.test".to_owned(),
sig_server_url: "http://sig.test".to_owned(),
web_dir: None,
}
}
async fn spawn_server_with_config(config: Config) -> TestServer {
let store = Store::open_in_memory().unwrap();
let state = AppState { store, config };
let app = router(state);
let listener = tokio::net::TcpListener::bind(SocketAddr::from(([127, 0, 0, 1], 0)))
.await
.unwrap();
let addr = listener.local_addr().unwrap();
let handle = tokio::spawn(async move {
axum::serve(listener, app).await.unwrap();
});
TestServer {
base: format!("http://{addr}"),
handle,
}
}
fn sign_registration(
secret: &Ed25519Secret,
handle: &str,
server: &str,
created_at: DateTime<Utc>,
) -> SignedRegistration {
let primary = secret.identity().unwrap();
let payload = RegistrationPayload {
kind: REGISTRATION_TYPE.to_owned(),
version: FORMAT_VERSION,
handle: handle.to_owned(),
primary: primary.clone(),
server: server.to_owned(),
created_at,
};
let jcs = canonical_bytes(&payload).unwrap();
let sig = secret.sign(&jcs);
SignedRegistration {
kez: ENVELOPE_TAG.to_owned(),
payload,
signature: SignatureBlock {
alg: ED25519_SHA512_ALG.to_owned(),
key: primary,
sig: hex::encode(sig),
},
}
}
#[tokio::test]
async fn healthz_returns_ok() {
let server = spawn_server().await;
let resp = reqwest::get(format!("{}/v1/healthz", server.base))
.await
.unwrap();
assert_eq!(resp.status(), StatusCode::OK);
let body: Value = resp.json().await.unwrap();
assert_eq!(body["status"], "ok");
assert_eq!(body["server"], "kez.test");
}
#[tokio::test]
async fn unknown_handle_returns_404() {
let server = spawn_server().await;
let resp = reqwest::get(format!("{}/v1/u/ghost", server.base))
.await
.unwrap();
assert_eq!(resp.status(), StatusCode::NOT_FOUND);
}
#[tokio::test]
async fn register_then_lookup_round_trip() {
let server = spawn_server().await;
let secret = Ed25519Secret::generate();
let req = sign_registration(&secret, "tudisco", "kez.test", Utc::now());
let client = reqwest::Client::new();
let post = client
.post(format!("{}/v1/register", server.base))
.json(&req)
.send()
.await
.unwrap();
assert_eq!(post.status(), StatusCode::CREATED);
let posted: Value = post.json().await.unwrap();
assert_eq!(posted["handle"], "tudisco");
assert_eq!(posted["fqhn"], "tudisco@kez.test");
let get = reqwest::get(format!("{}/v1/u/tudisco", server.base))
.await
.unwrap();
assert_eq!(get.status(), StatusCode::OK);
let looked: Value = get.json().await.unwrap();
assert_eq!(looked["handle"], "tudisco");
assert_eq!(looked["primary"], secret.identity().unwrap().to_string());
}
#[tokio::test]
async fn rejects_duplicate_handle() {
let server = spawn_server().await;
let a = Ed25519Secret::generate();
let b = Ed25519Secret::generate();
let req_a = sign_registration(&a, "tudisco", "kez.test", Utc::now());
let req_b = sign_registration(&b, "tudisco", "kez.test", Utc::now());
let client = reqwest::Client::new();
let r1 = client
.post(format!("{}/v1/register", server.base))
.json(&req_a)
.send()
.await
.unwrap();
assert_eq!(r1.status(), StatusCode::CREATED);
let r2 = client
.post(format!("{}/v1/register", server.base))
.json(&req_b)
.send()
.await
.unwrap();
assert_eq!(r2.status(), StatusCode::CONFLICT);
}
#[tokio::test]
async fn rejects_wrong_server() {
let server = spawn_server().await;
let secret = Ed25519Secret::generate();
let req = sign_registration(&secret, "tudisco", "other.example", Utc::now());
let client = reqwest::Client::new();
let resp = client
.post(format!("{}/v1/register", server.base))
.json(&req)
.send()
.await
.unwrap();
assert_eq!(resp.status(), StatusCode::BAD_REQUEST);
}
#[tokio::test]
async fn rejects_reserved_handle() {
let server = spawn_server().await;
let secret = Ed25519Secret::generate();
let req = sign_registration(&secret, "admin", "kez.test", Utc::now());
let client = reqwest::Client::new();
let resp = client
.post(format!("{}/v1/register", server.base))
.json(&req)
.send()
.await
.unwrap();
assert_eq!(resp.status(), StatusCode::FORBIDDEN);
}
#[tokio::test]
async fn rejects_tampered_signature() {
let server = spawn_server().await;
let secret = Ed25519Secret::generate();
let mut req = sign_registration(&secret, "tudisco", "kez.test", Utc::now());
// Tamper: flip the handle after signing. Signature still references
// the original handle, but payload now claims a different one.
req.payload.handle = "imposter".to_owned();
let client = reqwest::Client::new();
let resp = client
.post(format!("{}/v1/register", server.base))
.json(&req)
.send()
.await
.unwrap();
assert_eq!(resp.status(), StatusCode::BAD_REQUEST);
}
#[tokio::test]
async fn rejects_stale_timestamp() {
let server = spawn_server().await;
let secret = Ed25519Secret::generate();
let stale = Utc::now() - chrono::Duration::hours(1);
let req = sign_registration(&secret, "tudisco", "kez.test", stale);
let client = reqwest::Client::new();
let resp = client
.post(format!("{}/v1/register", server.base))
.json(&req)
.send()
.await
.unwrap();
assert_eq!(resp.status(), StatusCode::BAD_REQUEST);
let body: Value = resp.json().await.unwrap();
let msg = body["error"]["message"].as_str().unwrap();
assert!(msg.contains("created_at"), "got: {msg}");
}
#[tokio::test]
async fn webfinger_finds_registered_user() {
let server = spawn_server().await;
let secret = Ed25519Secret::generate();
let req = sign_registration(&secret, "tudisco", "kez.test", Utc::now());
let client = reqwest::Client::new();
client
.post(format!("{}/v1/register", server.base))
.json(&req)
.send()
.await
.unwrap();
let url = format!(
"{}/.well-known/webfinger?resource=acct:tudisco@kez.test",
server.base
);
let resp = reqwest::get(&url).await.unwrap();
assert_eq!(resp.status(), StatusCode::OK);
let body: Value = resp.json().await.unwrap();
assert_eq!(body["subject"], "acct:tudisco@kez.test");
assert!(body["links"].is_array());
}
#[tokio::test]
async fn webfinger_rejects_wrong_server() {
let server = spawn_server().await;
let resp = reqwest::get(format!(
"{}/.well-known/webfinger?resource=acct:tudisco@other.example",
server.base
))
.await
.unwrap();
assert_eq!(resp.status(), StatusCode::NOT_FOUND);
}
#[tokio::test]
async fn placeholder_index_renders() {
let server = spawn_server().await;
let resp = reqwest::get(format!("{}/", server.base)).await.unwrap();
assert_eq!(resp.status(), StatusCode::OK);
let text = resp.text().await.unwrap();
assert!(text.contains("kez-chat"));
assert!(text.contains("kez.test"));
}
#[tokio::test]
async fn nats_auth_callout_stub_returns_not_implemented() {
let server = spawn_server().await;
let client = reqwest::Client::new();
let resp = client
.post(format!("{}/internal/nats/auth", server.base))
.json(&serde_json::json!({}))
.send()
.await
.unwrap();
assert_eq!(resp.status(), StatusCode::NOT_IMPLEMENTED);
}
// Sanity: signing the same payload twice with the same Ed25519 key
// gives the same signature. Catches any accidental non-determinism in
// the JCS pipeline.
#[tokio::test]
async fn registration_signing_is_deterministic() {
let seed = "4242424242424242424242424242424242424242424242424242424242424242";
let secret = Ed25519Secret::from_seed_hex(seed).unwrap();
let payload = RegistrationPayload {
kind: REGISTRATION_TYPE.to_owned(),
version: FORMAT_VERSION,
handle: "tudisco".to_owned(),
primary: secret.identity().unwrap(),
server: "kez.lat".to_owned(),
created_at: DateTime::parse_from_rfc3339("2026-01-01T00:00:00Z")
.unwrap()
.with_timezone(&Utc),
};
let jcs1 = canonical_bytes(&payload).unwrap();
let jcs2 = canonical_bytes(&payload).unwrap();
assert_eq!(jcs1, jcs2);
let sig1 = secret.sign(&jcs1);
let sig2 = secret.sign(&jcs2);
assert_eq!(sig1, sig2);
// Hash for human eyeballing in CI logs.
let _ = Sha256::digest(&jcs1);
}
Reference in New Issue View Git Blame Copy Permalink