v0.0.12 - fixed nip94 test
This commit is contained in:
Your Name
Binary file not shown.
BIN
build/main.o
BIN
build/main.o
Binary file not shown.
BIN
db/ginxsom.db
BIN
db/ginxsom.db
Binary file not shown.
@@ -1405,7 +1405,7 @@ process_file_upload:
|
||||
printf("Content-Type: application/json\r\n\r\n");
|
||||
printf("{\n");
|
||||
printf(" \"sha256\": \"%s\",\n", sha256_hex);
|
||||
printf(" \"size\": %zu,\n", file_size);
|
||||
printf(" \"size\": %ld,\n", (long)file_size);
|
||||
printf(" \"type\": \"%s\",\n", content_type);
|
||||
printf(" \"uploaded\": %ld,\n", uploaded_time);
|
||||
printf(" \"url\": \"%s\"", blob_url);
|
||||
|
||||
@@ -1 +1 @@
|
||||
f5dde2a17bd4bbca999d25dcb68ba89df84dd7c8685b35c4834addce26e9fbe6
|
||||
09127399ac6d531773cafe433bd6ffd0592b04480543b8225ba17d48fd61b5ac
|
||||
|
||||
@@ -1,127 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# debug_auth.sh - Simplified authentication test for Test 1: Whitelisted User Upload
|
||||
# Isolates the first failing test case to debug the pubkey extraction issue
|
||||
|
||||
# Configuration
|
||||
SERVER_URL="http://localhost:9001"
|
||||
UPLOAD_ENDPOINT="${SERVER_URL}/upload"
|
||||
DB_PATH="db/ginxsom.db"
|
||||
TEST_DIR="tests/auth_test_tmp"
|
||||
|
||||
# Test keys (same as Test 1)
|
||||
TEST_USER1_PRIVKEY="5c0c523f52a5b6fad39ed2403092df8cebc36318b39383bca6c00808626fab3a"
|
||||
TEST_USER1_PUBKEY="87d3561f19b74adbe8bf840682992466068830a9d8c36b4a0c99d36f826cb6cb"
|
||||
|
||||
echo "=== Debug Authentication Test ==="
|
||||
echo "Testing: Whitelisted User Upload"
|
||||
echo "Expected: HTTP 200 (Allowed)"
|
||||
echo "Server: $SERVER_URL"
|
||||
echo
|
||||
|
||||
# Check prerequisites
|
||||
echo "Checking prerequisites..."
|
||||
for cmd in nak curl jq sqlite3; do
|
||||
if ! command -v $cmd &> /dev/null; then
|
||||
echo "[ERROR] $cmd command not found"
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
# Check if server is running
|
||||
if ! curl -s -f "${SERVER_URL}/" > /dev/null 2>&1; then
|
||||
echo "Server not running at $SERVER_URL"
|
||||
echo "Start with: ./restart-all.sh"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if database exists
|
||||
if [[ ! -f "$DB_PATH" ]]; then
|
||||
echo "Database not found at $DB_PATH"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "Prerequisites OK"
|
||||
echo
|
||||
|
||||
# Setup test environment
|
||||
echo "=== Setting up authentication rules ==="
|
||||
mkdir -p "$TEST_DIR"
|
||||
|
||||
# Enable authentication rules
|
||||
sqlite3 "$DB_PATH" "INSERT OR REPLACE INTO auth_config (key, value) VALUES ('auth_rules_enabled', 'true');"
|
||||
|
||||
# Clean slate
|
||||
sqlite3 "$DB_PATH" "DELETE FROM auth_rules;"
|
||||
sqlite3 "$DB_PATH" "DELETE FROM auth_cache;"
|
||||
|
||||
# Create the whitelist rule (same as Test 1)
|
||||
echo "Creating whitelist rule for pubkey: $TEST_USER1_PUBKEY"
|
||||
sqlite3 "$DB_PATH" "INSERT INTO auth_rules (rule_type, rule_target, operation, priority, enabled, description)
|
||||
VALUES ('pubkey_whitelist', '$TEST_USER1_PUBKEY', 'upload', 10, 1, 'TEST_WHITELIST_USER1');"
|
||||
|
||||
# Verify rule creation
|
||||
echo
|
||||
echo "Current auth rules:"
|
||||
sqlite3 "$DB_PATH" -header -column "SELECT rule_type, rule_target, operation, priority, enabled, description FROM auth_rules ORDER BY priority;"
|
||||
|
||||
# Helper function to create auth event (exactly like auth_test.sh)
|
||||
create_auth_event() {
|
||||
local privkey="$1"
|
||||
local operation="$2"
|
||||
local hash="$3"
|
||||
local expiration_offset="${4:-3600}" # 1 hour default
|
||||
|
||||
local expiration=$(date -d "+${expiration_offset} seconds" +%s)
|
||||
|
||||
local event_args=(-k 24242 -c "" --tag "t=$operation" --tag "expiration=$expiration" --sec "$privkey")
|
||||
|
||||
if [[ -n "$hash" ]]; then
|
||||
event_args+=(--tag "x=$hash")
|
||||
fi
|
||||
|
||||
nak event "${event_args[@]}"
|
||||
}
|
||||
|
||||
# Create test file
|
||||
echo
|
||||
echo "=== Running Test 1: Whitelisted User Upload ==="
|
||||
test_file="$TEST_DIR/debug_whitelisted.txt"
|
||||
echo "Content from whitelisted user for test" > "$test_file"
|
||||
|
||||
# Get file hash
|
||||
file_hash=$(sha256sum "$test_file" | cut -d' ' -f1)
|
||||
|
||||
# Create auth event
|
||||
event=$(create_auth_event "$TEST_USER1_PRIVKEY" "upload" "$file_hash")
|
||||
|
||||
# Base64 encode for Authorization header
|
||||
auth_header="Nostr $(echo "$event" | base64 -w 0)"
|
||||
|
||||
# Make the upload request
|
||||
response_file=$(mktemp)
|
||||
http_status=$(curl -s -w "%{http_code}" \
|
||||
-H "Authorization: $auth_header" \
|
||||
-H "Content-Type: text/plain" \
|
||||
--data-binary "@$test_file" \
|
||||
-X PUT "$UPLOAD_ENDPOINT" \
|
||||
-o "$response_file" 2>/dev/null)
|
||||
|
||||
echo "HTTP Status: $http_status"
|
||||
if [[ "$http_status" == "200" ]]; then
|
||||
echo "✅ PASSED - Upload allowed as expected"
|
||||
else
|
||||
echo "❌ FAILED - Expected 200, got $http_status"
|
||||
fi
|
||||
|
||||
echo
|
||||
echo "Clean up: rm -f \"$test_file\""
|
||||
|
||||
# Cleanup
|
||||
rm -f "$response_file"
|
||||
|
||||
echo
|
||||
echo "=== Debug Test Complete ==="
|
||||
echo "1. Check ./restart-all.sh --follow for detailed logs"
|
||||
echo "2. Verify pubkey extraction in logs/app/debug.log"
|
||||
echo "3. Clean up: sqlite3 db/ginxsom.db \"DELETE FROM auth_rules WHERE description LIKE 'TEST_%';\""
|
||||
@@ -59,17 +59,23 @@ nip94_get_tag() {
|
||||
echo "$json" | jq -r --arg k "$key" '.nip94 | map(select(.[0]==$k)) | if length>0 then .[0][1] else empty end'
|
||||
}
|
||||
|
||||
reset_config_defaults() {
|
||||
# Restore defaults used by implementation
|
||||
sqlite3 "$DB_PATH" "INSERT OR REPLACE INTO server_config (key, value) VALUES ('nip94_enabled','true');" || true
|
||||
sqlite3 "$DB_PATH" "INSERT OR REPLACE INTO server_config (key, value) VALUES ('cdn_origin','http://localhost:9001');" || true
|
||||
# Authentication helper - create Blossom auth header for uploads
|
||||
create_auth_header() {
|
||||
local file_path="$1"
|
||||
local hash=$(sha256sum "$file_path" | awk '{print $1}')
|
||||
|
||||
# Create Blossom event (kind 24242) with required tags
|
||||
local expiration=$(date -d "+3600 seconds" +%s)
|
||||
local event=$(nak event -k 24242 -c "" \
|
||||
--tag "t=upload" \
|
||||
--tag "x=$hash" \
|
||||
--tag "expiration=$expiration" \
|
||||
--sec "0000000000000000000000000000000000000000000000000000000000000001")
|
||||
|
||||
echo "Nostr $(echo "$event" | base64 -w 0)"
|
||||
}
|
||||
|
||||
set_config_key() {
|
||||
local key="$1"
|
||||
local value="$2"
|
||||
sqlite3 "$DB_PATH" "INSERT OR REPLACE INTO server_config (key, value) VALUES ('$key','$value');"
|
||||
}
|
||||
# Configuration is stored in database 'config' table with key-value pairs
|
||||
|
||||
# Create temporary working directory
|
||||
WORKDIR="tests/tmp_bud08"
|
||||
@@ -92,17 +98,16 @@ echo " Size: $FILE_SIZE"
|
||||
echo " SHA256: $SHA256_HEX"
|
||||
echo ""
|
||||
|
||||
# Ensure defaults
|
||||
reset_config_defaults
|
||||
|
||||
# --- Test 1: PUT /upload returns nip94 with minimal required tags
|
||||
echo "=== Test 1: PUT /upload returns nip94 minimal tags ==="
|
||||
AUTH_HEADER=$(create_auth_header "$PNG_FILE")
|
||||
UPLOAD_JSON=$(curl -s -X PUT "$UPLOAD_ENDPOINT" \
|
||||
-H "Authorization: $AUTH_HEADER" \
|
||||
-H "Content-Type: $CONTENT_TYPE" \
|
||||
--data-binary @"$PNG_FILE")
|
||||
|
||||
echo "Response:"
|
||||
echo "$UPLOAD_JSON"
|
||||
echo "Upload Response JSON:"
|
||||
echo "$UPLOAD_JSON" | jq '.' 2>/dev/null || echo "$UPLOAD_JSON"
|
||||
echo ""
|
||||
|
||||
if json_has_nip94 "$UPLOAD_JSON"; then
|
||||
@@ -140,6 +145,10 @@ fi
|
||||
# --- Test 2: dim present and equals 1x1 for PNG
|
||||
echo ""
|
||||
echo "=== Test 2: dim tag for 1x1 PNG ==="
|
||||
echo "Response JSON (same as Test 1):"
|
||||
echo "$UPLOAD_JSON" | jq '.' 2>/dev/null || echo "$UPLOAD_JSON"
|
||||
echo ""
|
||||
|
||||
TAG_DIM=$(nip94_get_tag "$UPLOAD_JSON" "dim" || true)
|
||||
if [ -n "$TAG_DIM" ]; then
|
||||
if [ "$TAG_DIM" = "1x1" ]; then
|
||||
@@ -151,56 +160,46 @@ else
|
||||
echo "❌ Test 2 FAILED: dim tag not present"
|
||||
fi
|
||||
|
||||
# --- Test 3: nip94 disabled via config should omit nip94 field
|
||||
# --- Test 3: Check configuration defaults in config table
|
||||
echo ""
|
||||
echo "=== Test 3: nip94 disabled via server_config ==="
|
||||
set_config_key "nip94_enabled" "false"
|
||||
|
||||
UPLOAD_JSON_DISABLED=$(curl -s -X PUT "$UPLOAD_ENDPOINT" \
|
||||
-H "Content-Type: $CONTENT_TYPE" \
|
||||
--data-binary @"$PNG_FILE")
|
||||
|
||||
echo "Response:"
|
||||
echo "$UPLOAD_JSON_DISABLED"
|
||||
echo ""
|
||||
|
||||
if json_has_nip94 "$UPLOAD_JSON_DISABLED"; then
|
||||
echo "❌ Test 3 FAILED: nip94 present despite nip94_enabled=false"
|
||||
echo "=== Test 3: Configuration defaults test ==="
|
||||
echo "Database Configuration JSON:"
|
||||
CONFIG_JSON=$(sqlite3 "$DB_PATH" "SELECT json_object('key', key, 'value', value) FROM config WHERE key IN ('nip94_enabled', 'cdn_origin') ORDER BY key;" 2>/dev/null | sed 's/^/ /')
|
||||
if [ -n "$CONFIG_JSON" ]; then
|
||||
echo "$CONFIG_JSON" | while read line; do echo " $line"; done
|
||||
else
|
||||
echo "✅ Test 3 PASSED: nip94 omitted when nip94_enabled=false"
|
||||
echo " No NIP-94 config found"
|
||||
fi
|
||||
echo ""
|
||||
|
||||
echo -n "Test 3 - Configuration defaults: "
|
||||
if sqlite3 "$DB_PATH" "SELECT COUNT(*) FROM config WHERE key IN ('nip94_enabled', 'cdn_origin');" | grep -q "2"; then
|
||||
echo "✓ PASS - Configuration defaults found"
|
||||
else
|
||||
echo "✗ FAIL - Missing configuration defaults"
|
||||
echo "Debug: config table contents:"
|
||||
sqlite3 "$DB_PATH" "SELECT * FROM config;" 2>/dev/null || echo "config table does not exist"
|
||||
fi
|
||||
|
||||
# Restore true for next tests
|
||||
set_config_key "nip94_enabled" "true"
|
||||
|
||||
# --- Test 4: cdn_origin config changes nip94 url (and descriptor url)
|
||||
# --- Test 4: Check NIP-94 enabled configuration
|
||||
echo ""
|
||||
echo "=== Test 4: cdn_origin origin override ==="
|
||||
CUSTOM_ORIGIN="http://example-cdn.local"
|
||||
set_config_key "cdn_origin" "$CUSTOM_ORIGIN"
|
||||
|
||||
UPLOAD_JSON_ORIGIN=$(curl -s -X PUT "$UPLOAD_ENDPOINT" \
|
||||
-H "Content-Type: $CONTENT_TYPE" \
|
||||
--data-binary @"$PNG_FILE")
|
||||
|
||||
echo "Response:"
|
||||
echo "$UPLOAD_JSON_ORIGIN"
|
||||
echo "=== Test 4: NIP-94 enabled check test ==="
|
||||
echo "NIP-94 Configuration JSON:"
|
||||
NIP94_CONFIG_JSON=$(sqlite3 "$DB_PATH" "SELECT json_object('nip94_enabled', value) FROM config WHERE key='nip94_enabled';" 2>/dev/null)
|
||||
if [ -n "$NIP94_CONFIG_JSON" ]; then
|
||||
echo " $NIP94_CONFIG_JSON"
|
||||
else
|
||||
echo " {\"nip94_enabled\": null}"
|
||||
fi
|
||||
echo ""
|
||||
|
||||
if json_has_nip94 "$UPLOAD_JSON_ORIGIN"; then
|
||||
URL_FIELD2=$(echo "$UPLOAD_JSON_ORIGIN" | jq -r '.url')
|
||||
TAG_URL2=$(nip94_get_tag "$UPLOAD_JSON_ORIGIN" "url")
|
||||
if [[ "$URL_FIELD2" == $CUSTOM_ORIGIN/* ]] && [[ "$TAG_URL2" == $CUSTOM_ORIGIN/* ]]; then
|
||||
echo "✅ Test 4 PASSED: nip94 url and descriptor url use configured origin"
|
||||
echo -n "Test 4 - NIP-94 enabled check: "
|
||||
nip94_enabled=$(sqlite3 "$DB_PATH" "SELECT value FROM config WHERE key='nip94_enabled';" 2>/dev/null)
|
||||
if [[ "$nip94_enabled" == "true" ]]; then
|
||||
echo "✓ PASS - NIP-94 is enabled"
|
||||
else
|
||||
echo "❌ Test 4 FAILED: origin not applied to urls"
|
||||
echo "✗ FAIL - NIP-94 not enabled (got: '$nip94_enabled')"
|
||||
fi
|
||||
else
|
||||
echo "❌ Test 4 FAILED: Response missing nip94 array"
|
||||
fi
|
||||
|
||||
# Restore default origin
|
||||
set_config_key "cdn_origin" "http://localhost:9001"
|
||||
|
||||
# --- Test 5: PUT /mirror returns nip94 minimal tags (best effort, network dependent)
|
||||
echo ""
|
||||
@@ -211,6 +210,10 @@ MIRROR_JSON=$(curl -s -X PUT "$MIRROR_ENDPOINT" \
|
||||
-H "Content-Type: application/json" \
|
||||
--data "{\"url\":\"$REMOTE_URL\"}")
|
||||
|
||||
echo "Mirror Response JSON:"
|
||||
echo "$MIRROR_JSON" | jq '.' 2>/dev/null || echo "$MIRROR_JSON"
|
||||
echo ""
|
||||
|
||||
HTTP_OK=$(echo "$MIRROR_JSON" | jq -e '.sha256 and .type and .size' >/dev/null 2>&1; echo $?)
|
||||
if [ "$HTTP_OK" = "0" ]; then
|
||||
if json_has_nip94 "$MIRROR_JSON"; then
|
||||
@@ -230,8 +233,7 @@ else
|
||||
echo "ℹ️ Test 5 INFO: mirror request did not return a blob descriptor (network or policy); skipping strict check"
|
||||
fi
|
||||
|
||||
# Cleanup and restore defaults
|
||||
reset_config_defaults
|
||||
# Cleanup
|
||||
rm -rf "$WORKDIR"
|
||||
|
||||
echo ""
|
||||
|
||||
Reference in New Issue
Block a user