fix: sitekeyとsecretを混同をしていたのを修正

2024-04-04 18:08:39 +09:00 · 2024-04-04 18:08:39 +09:00 · 4218431012
parent 5b322ade29
commit 4218431012
5 changed files with 47 additions and 11 deletions
--- a/src/e2eTest/resources/application.yml
+++ b/src/e2eTest/resources/application.yml
@ -12,6 +12,7 @@ hideout:
  debug:
    trace-query-exception: true
    trace-query-call: true
+  private: false

 spring:
  flyway:
--- a/src/intTest/resources/application.yml
+++ b/src/intTest/resources/application.yml
@ -12,6 +12,7 @@ hideout:
      public-key: "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1SU1LfVLPHCozMxH2Mo4lgOEePzNm0tRgeLezV6ffAt0gunVTLw7onLRnrq0/IzW7yWR7QkrmBL7jTKEn5u+qKhbwKfBstIs+bMY2Zkp18gnTxKLxoS2tFczGkPLPgizskuemMghRniWaoLcyehkd3qqGElvW/VDL5AaWTg0nLVkjRo9z+40RQzuVaE8AkAFmxZzow3x+VJYKdjykkJ0iT9wCS0DRTXu269V264Vf/3jvredZiKRkgwlL9xNAwxXFg0x/XFw005UWVRIkdgcKWTjpBP2dPwVZ4WWC+9aGVd+Gyn1o0CLelf4rEjGoXbAAEgAqeGUxrcIlbjXfbcmwIDAQAB"
  storage:
    type: local
+  private: false

 spring:
  flyway:
--- a/src/main/kotlin/dev/usbharu/hideout/application/config/CaptchaConfig.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/application/config/CaptchaConfig.kt
@ -4,5 +4,6 @@ import org.springframework.boot.context.properties.ConfigurationProperties

@ConfigurationProperties("hideout.security")
 data class CaptchaConfig(
-    val reCaptchaSiteKey:String
+    val reCaptchaSiteKey: String?,
+    val reCaptchaSecretKey: String?
 )
--- a/src/main/kotlin/dev/usbharu/hideout/core/service/auth/AuthApiServiceImpl.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/core/service/auth/AuthApiServiceImpl.kt
@ -4,7 +4,6 @@ import com.fasterxml.jackson.databind.ObjectMapper
 import com.fasterxml.jackson.module.kotlin.readValue
 import dev.usbharu.hideout.application.config.CaptchaConfig
 import dev.usbharu.hideout.core.domain.model.actor.Actor
-import dev.usbharu.hideout.core.domain.model.userdetails.UserDetail
 import dev.usbharu.hideout.core.service.user.UserCreateDto
 import dev.usbharu.hideout.core.service.user.UserService
 import io.ktor.client.*
@ -22,15 +21,15 @@ class AuthApiServiceImpl(
 ) :
    AuthApiService {
    override suspend fun registerAccount(registerAccountDto: RegisterAccountDto): Actor {
-        val get =
-            httpClient.get("https://www.google.com/recaptcha/api/siteverify?secret=" + captchaConfig.reCaptchaSiteKey + "&response=" + registerAccountDto.recaptchaResponse)
+        if (captchaConfig.reCaptchaSecretKey != null && captchaConfig.reCaptchaSiteKey != null) {
+            val get =
+                httpClient.get("https://www.google.com/recaptcha/api/siteverify?secret=" + captchaConfig.reCaptchaSecretKey + "&response=" + registerAccountDto.recaptchaResponse)
+            val recaptchaResult = objectMapper.readValue<RecaptchaResult>(get.bodyAsText())
+            logger.debug("reCAPTCHA: {}", recaptchaResult)
+            require(recaptchaResult.success)
+            require(!(recaptchaResult.score < 0.5))
+        }

-        val recaptchaResult = objectMapper.readValue<RecaptchaResult>(get.bodyAsText())
-
-        logger.debug("reCAPTCHA: {}",recaptchaResult)
-
-        require(recaptchaResult.success)
-        require(!(recaptchaResult.score < 0.5))

        val createLocalUser = userService.createLocalUser(
            UserCreateDto(
--- a/src/test/kotlin/dev/usbharu/hideout/core/service/user/ActorServiceTest.kt
+++ b/src/test/kotlin/dev/usbharu/hideout/core/service/user/ActorServiceTest.kt
@ -28,6 +28,7 @@ import jakarta.validation.Validation
 import kotlinx.coroutines.ExperimentalCoroutinesApi
 import kotlinx.coroutines.test.runTest
 import org.junit.jupiter.api.Test
+import org.junit.jupiter.api.assertThrows
 import org.mockito.ArgumentMatchers.anyString
 import org.mockito.kotlin.*
 import utils.TestApplicationConfig.testApplicationConfig
@ -60,7 +61,7 @@ class ActorServiceTest {
                actorRepository = actorRepository,
                userAuthService = userAuthService,
                actorBuilder = actorBuilder,
-                applicationConfig = testApplicationConfig,
+                applicationConfig = testApplicationConfig.copy(private = false),
                instanceService = mock(),
                userDetailRepository = mock(),
                deletedActorRepository = mock(),
@ -87,6 +88,39 @@ class ActorServiceTest {
        }
    }

+    @Test
+    fun `createLocalUser applicationconfig privateがtrueのときアカウントを作成できない`() = runTest {
+
+        val actorRepository = mock<ActorRepository> {
+            onBlocking { nextId() } doReturn 110001L
+        }
+        val generateKeyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair()
+        val userAuthService = mock<UserAuthService> {
+            onBlocking { hash(anyString()) } doReturn "hashedPassword"
+            onBlocking { generateKeyPair() } doReturn generateKeyPair
+        }
+        val userService =
+            UserServiceImpl(
+                actorRepository = actorRepository,
+                userAuthService = userAuthService,
+                actorBuilder = actorBuilder,
+                applicationConfig = testApplicationConfig.copy(private = true),
+                instanceService = mock(),
+                userDetailRepository = mock(),
+                deletedActorRepository = mock(),
+                reactionRepository = mock(),
+                relationshipRepository = mock(),
+                postService = mock(),
+                apSendDeleteService = mock(),
+                postRepository = mock()
+            )
+
+        assertThrows<IllegalStateException> {
+            userService.createLocalUser(UserCreateDto("test", "testUser", "XXXXXXXXXXXXX", "test"))
+        }
+
+    }
+
    @Test
    fun `createRemoteUser リモートユーザーを作成できる`() = runTest {