fix: sitekeyとsecretを混同をしていたのを修正

This commit is contained in:
usbharu 2024-04-04 18:08:39 +09:00
parent 5b322ade29
commit 4218431012
5 changed files with 47 additions and 11 deletions

View File

@ -12,6 +12,7 @@ hideout:
debug:
trace-query-exception: true
trace-query-call: true
private: false
spring:
flyway:

View File

@ -12,6 +12,7 @@ hideout:
public-key: "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1SU1LfVLPHCozMxH2Mo4lgOEePzNm0tRgeLezV6ffAt0gunVTLw7onLRnrq0/IzW7yWR7QkrmBL7jTKEn5u+qKhbwKfBstIs+bMY2Zkp18gnTxKLxoS2tFczGkPLPgizskuemMghRniWaoLcyehkd3qqGElvW/VDL5AaWTg0nLVkjRo9z+40RQzuVaE8AkAFmxZzow3x+VJYKdjykkJ0iT9wCS0DRTXu269V264Vf/3jvredZiKRkgwlL9xNAwxXFg0x/XFw005UWVRIkdgcKWTjpBP2dPwVZ4WWC+9aGVd+Gyn1o0CLelf4rEjGoXbAAEgAqeGUxrcIlbjXfbcmwIDAQAB"
storage:
type: local
private: false
spring:
flyway:

View File

@ -4,5 +4,6 @@ import org.springframework.boot.context.properties.ConfigurationProperties
@ConfigurationProperties("hideout.security")
data class CaptchaConfig(
val reCaptchaSiteKey:String
val reCaptchaSiteKey: String?,
val reCaptchaSecretKey: String?
)

View File

@ -4,7 +4,6 @@ import com.fasterxml.jackson.databind.ObjectMapper
import com.fasterxml.jackson.module.kotlin.readValue
import dev.usbharu.hideout.application.config.CaptchaConfig
import dev.usbharu.hideout.core.domain.model.actor.Actor
import dev.usbharu.hideout.core.domain.model.userdetails.UserDetail
import dev.usbharu.hideout.core.service.user.UserCreateDto
import dev.usbharu.hideout.core.service.user.UserService
import io.ktor.client.*
@ -22,15 +21,15 @@ class AuthApiServiceImpl(
) :
AuthApiService {
override suspend fun registerAccount(registerAccountDto: RegisterAccountDto): Actor {
val get =
httpClient.get("https://www.google.com/recaptcha/api/siteverify?secret=" + captchaConfig.reCaptchaSiteKey + "&response=" + registerAccountDto.recaptchaResponse)
if (captchaConfig.reCaptchaSecretKey != null && captchaConfig.reCaptchaSiteKey != null) {
val get =
httpClient.get("https://www.google.com/recaptcha/api/siteverify?secret=" + captchaConfig.reCaptchaSecretKey + "&response=" + registerAccountDto.recaptchaResponse)
val recaptchaResult = objectMapper.readValue<RecaptchaResult>(get.bodyAsText())
logger.debug("reCAPTCHA: {}", recaptchaResult)
require(recaptchaResult.success)
require(!(recaptchaResult.score < 0.5))
}
val recaptchaResult = objectMapper.readValue<RecaptchaResult>(get.bodyAsText())
logger.debug("reCAPTCHA: {}",recaptchaResult)
require(recaptchaResult.success)
require(!(recaptchaResult.score < 0.5))
val createLocalUser = userService.createLocalUser(
UserCreateDto(

View File

@ -28,6 +28,7 @@ import jakarta.validation.Validation
import kotlinx.coroutines.ExperimentalCoroutinesApi
import kotlinx.coroutines.test.runTest
import org.junit.jupiter.api.Test
import org.junit.jupiter.api.assertThrows
import org.mockito.ArgumentMatchers.anyString
import org.mockito.kotlin.*
import utils.TestApplicationConfig.testApplicationConfig
@ -60,7 +61,7 @@ class ActorServiceTest {
actorRepository = actorRepository,
userAuthService = userAuthService,
actorBuilder = actorBuilder,
applicationConfig = testApplicationConfig,
applicationConfig = testApplicationConfig.copy(private = false),
instanceService = mock(),
userDetailRepository = mock(),
deletedActorRepository = mock(),
@ -87,6 +88,39 @@ class ActorServiceTest {
}
}
@Test
fun `createLocalUser applicationconfig privateがtrueのときアカウントを作成できない`() = runTest {
val actorRepository = mock<ActorRepository> {
onBlocking { nextId() } doReturn 110001L
}
val generateKeyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair()
val userAuthService = mock<UserAuthService> {
onBlocking { hash(anyString()) } doReturn "hashedPassword"
onBlocking { generateKeyPair() } doReturn generateKeyPair
}
val userService =
UserServiceImpl(
actorRepository = actorRepository,
userAuthService = userAuthService,
actorBuilder = actorBuilder,
applicationConfig = testApplicationConfig.copy(private = true),
instanceService = mock(),
userDetailRepository = mock(),
deletedActorRepository = mock(),
reactionRepository = mock(),
relationshipRepository = mock(),
postService = mock(),
apSendDeleteService = mock(),
postRepository = mock()
)
assertThrows<IllegalStateException> {
userService.createLocalUser(UserCreateDto("test", "testUser", "XXXXXXXXXXXXX", "test"))
}
}
@Test
fun `createRemoteUser リモートユーザーを作成できる`() = runTest {