mirrors/tranquil-pds
1
0
Fork 0
mirror of https://tangled.org/tranquil.farm/tranquil-pds synced 2026-02-08 21:30:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add endpoints & improve tests

Browse Source
This commit is contained in:
lewis
2025-12-08 19:20:59 +02:00
parent 16549ddcf7
commit 7ec4861cde
18 changed files with 2646 additions and 172 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
TODO.md
View File

@@ -33,7 +33,7 @@ Lewis' corrected big boy todofile
- [ ] Implement `com.atproto.server.createInviteCodes`.
- [ ] Implement `com.atproto.server.deactivateAccount` / `deleteAccount`.
- [ ] Implement `com.atproto.server.getAccountInviteCodes`.
- [ ] Implement `com.atproto.server.getServiceAuth` (Cross-service auth).
- [x] Implement `com.atproto.server.getServiceAuth` (Cross-service auth).
- [ ] Implement `com.atproto.server.listAppPasswords`.
- [ ] Implement `com.atproto.server.requestAccountDelete`.
- [ ] Implement `com.atproto.server.requestEmailConfirmation` / `requestEmailUpdate`.
@@ -44,17 +44,17 @@ Lewis' corrected big boy todofile
## Repository Operations (`com.atproto.repo`)
- [ ] Record CRUD
- [ ] Implement `com.atproto.repo.createRecord`.
- [x] Implement `com.atproto.repo.createRecord`.
- [ ] Validate schema against Lexicon (just structure, not complex logic).
- [ ] Generate `rkey` (TID) if not provided.
- [ ] Handle MST (Merkle Search Tree) insertion.
- [x] Generate `rkey` (TID) if not provided.
- [x] Handle MST (Merkle Search Tree) insertion.
- [ ] **Trigger Firehose Event**.
- [x] Implement `com.atproto.repo.putRecord`.
- [x] Implement `com.atproto.repo.getRecord`.
- [x] Implement `com.atproto.repo.deleteRecord`.
- [x] Implement `com.atproto.repo.listRecords`.
- [x] Implement `com.atproto.repo.describeRepo`.
- [ ] Implement `com.atproto.repo.applyWrites` (Batch writes).
- [x] Implement `com.atproto.repo.applyWrites` (Batch writes).
- [ ] Implement `com.atproto.repo.importRepo` (Migration).
- [ ] Implement `com.atproto.repo.listMissingBlobs`.
- [ ] Blob Management
@@ -70,10 +70,10 @@ Lewis' corrected big boy todofile
- [ ] Bulk Export
- [ ] Implement `com.atproto.sync.getRepo` (Return full CAR file of repo).
- [ ] Implement `com.atproto.sync.getBlocks` (Return specific blocks via CIDs).
- [ ] Implement `com.atproto.sync.getLatestCommit`.
- [x] Implement `com.atproto.sync.getLatestCommit`.
- [ ] Implement `com.atproto.sync.getRecord` (Sync version, distinct from repo.getRecord).
- [ ] Implement `com.atproto.sync.getRepoStatus`.
- [ ] Implement `com.atproto.sync.listRepos`.
- [x] Implement `com.atproto.sync.listRepos`.
- [ ] Implement `com.atproto.sync.notifyOfUpdate`.
- [ ] Blob Sync
- [ ] Implement `com.atproto.sync.getBlob`.
@@ -83,7 +83,7 @@ Lewis' corrected big boy todofile
## Identity (`com.atproto.identity`)
- [ ] Resolution
- [ ] Implement `com.atproto.identity.resolveHandle` (Can be internal or proxy to PLC).
- [x] Implement `com.atproto.identity.resolveHandle` (Can be internal or proxy to PLC).
- [ ] Implement `com.atproto.identity.updateHandle`.
- [ ] Implement `com.atproto.identity.submitPlcOperation` / `signPlcOperation` / `requestPlcOperationSignature`.
- [ ] Implement `com.atproto.identity.getRecommendedDidCredentials`.

39
justfile
View File

@@ -1,20 +1,25 @@
# Run all tests with correct threading models
test: test-proxy test-lifecycle test-others
# Run all tests
test:
cargo test
# Proxy tests modify environment variables, so must run single-threaded
# TODO: figure out how to run in parallel
test-proxy:
cargo test --test proxy -- --test-threads=1
# Lifecycle tests involve complex state mutations, run single-threaded to be safe
# TODO: figure out how to run in parallel
test-lifecycle:
cargo test --test lifecycle -- --test-threads=1
test-others:
cargo test --lib
cargo test --test auth
cargo test --test identity
# Run specific test suites if needed
test-repo:
cargo test --test repo
cargo test --test server
test-lifecycle:
cargo test --test lifecycle
test-proxy:
cargo test --test proxy
test-sync:
cargo test --test sync
test-server:
cargo test --test server
test-identity:
cargo test --test identity
test-auth:
cargo test --test auth

48
src/api/identity/did.rs
View File

@@ -1,7 +1,7 @@
use crate::state::AppState;
use axum::{
Json,
extract::{Path, State},
extract::{Path, Query, State},
http::StatusCode,
response::{IntoResponse, Response},
};
@@ -9,10 +9,56 @@ use base64::Engine;
use k256::SecretKey;
use k256::elliptic_curve::sec1::ToEncodedPoint;
use reqwest;
use serde::Deserialize;
use serde_json::json;
use sqlx::Row;
use tracing::error;
#[derive(Deserialize)]
pub struct ResolveHandleParams {
pub handle: String,
}
pub async fn resolve_handle(
State(state): State<AppState>,
Query(params): Query<ResolveHandleParams>,
) -> Response {
let handle = params.handle.trim();
if handle.is_empty() {
return (
StatusCode::BAD_REQUEST,
Json(json!({"error": "InvalidRequest", "message": "handle is required"})),
)
.into_response();
}
let user = sqlx::query("SELECT did FROM users WHERE handle = $1")
.bind(handle)
.fetch_optional(&state.db)
.await;
match user {
Ok(Some(row)) => {
let did: String = row.get("did");
(StatusCode::OK, Json(json!({ "did": did }))).into_response()
}
Ok(None) => (
StatusCode::NOT_FOUND,
Json(json!({"error": "HandleNotFound", "message": "Unable to resolve handle"})),
)
.into_response(),
Err(e) => {
error!("DB error resolving handle: {:?}", e);
(
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError"})),
)
.into_response()
}
}
}
pub fn get_jwk(key_bytes: &[u8]) -> serde_json::Value {
let secret_key = SecretKey::from_slice(key_bytes).expect("Invalid key length");
let public_key = secret_key.public_key();

2
src/api/identity/mod.rs
View File

@@ -2,4 +2,4 @@ pub mod account;
pub mod did;
pub use account::create_account;
pub use did::{user_did_doc, well_known_did};
pub use did::{resolve_handle, user_did_doc, well_known_did};

2
src/api/repo/mod.rs
View File

@@ -4,4 +4,4 @@ pub mod record;
pub use blob::upload_blob;
pub use meta::describe_repo;
pub use record::{create_record, delete_record, get_record, list_records, put_record};
pub use record::{apply_writes, create_record, delete_record, get_record, list_records, put_record};

505
src/api/repo/record/batch.rs Normal file
View File

@@ -0,0 +1,505 @@
use crate::state::AppState;
use axum::{
Json,
extract::State,
http::StatusCode,
response::{IntoResponse, Response},
};
use chrono::Utc;
use cid::Cid;
use jacquard::types::{
did::Did,
integer::LimitedU32,
string::{Nsid, Tid},
};
use jacquard_repo::{commit::Commit, mst::Mst, storage::BlockStore};
use serde::{Deserialize, Serialize};
use serde_json::json;
use sqlx::Row;
use std::str::FromStr;
use std::sync::Arc;
use tracing::error;
#[derive(Deserialize)]
#[serde(tag = "$type")]
pub enum WriteOp {
#[serde(rename = "com.atproto.repo.applyWrites#create")]
Create {
collection: String,
rkey: Option<String>,
value: serde_json::Value,
},
#[serde(rename = "com.atproto.repo.applyWrites#update")]
Update {
collection: String,
rkey: String,
value: serde_json::Value,
},
#[serde(rename = "com.atproto.repo.applyWrites#delete")]
Delete { collection: String, rkey: String },
}
#[derive(Deserialize)]
#[serde(rename_all = "camelCase")]
pub struct ApplyWritesInput {
pub repo: String,
pub validate: Option<bool>,
pub writes: Vec<WriteOp>,
pub swap_commit: Option<String>,
}
#[derive(Serialize)]
#[serde(tag = "$type")]
pub enum WriteResult {
#[serde(rename = "com.atproto.repo.applyWrites#createResult")]
CreateResult { uri: String, cid: String },
#[serde(rename = "com.atproto.repo.applyWrites#updateResult")]
UpdateResult { uri: String, cid: String },
#[serde(rename = "com.atproto.repo.applyWrites#deleteResult")]
DeleteResult {},
}
#[derive(Serialize)]
pub struct ApplyWritesOutput {
pub commit: CommitInfo,
pub results: Vec<WriteResult>,
}
#[derive(Serialize)]
pub struct CommitInfo {
pub cid: String,
pub rev: String,
}
pub async fn apply_writes(
State(state): State<AppState>,
headers: axum::http::HeaderMap,
Json(input): Json<ApplyWritesInput>,
) -> Response {
let auth_header = headers.get("Authorization");
if auth_header.is_none() {
return (
StatusCode::UNAUTHORIZED,
Json(json!({"error": "AuthenticationRequired"})),
)
.into_response();
}
let token = auth_header
.unwrap()
.to_str()
.unwrap_or("")
.replace("Bearer ", "");
let session = sqlx::query(
"SELECT s.did, k.key_bytes FROM sessions s JOIN users u ON s.did = u.did JOIN user_keys k ON u.id = k.user_id WHERE s.access_jwt = $1"
)
.bind(&token)
.fetch_optional(&state.db)
.await
.unwrap_or(None);
let (did, key_bytes) = match session {
Some(row) => (
row.get::<String, _>("did"),
row.get::<Vec<u8>, _>("key_bytes"),
),
None => {
return (
StatusCode::UNAUTHORIZED,
Json(json!({"error": "AuthenticationFailed"})),
)
.into_response();
}
};
if let Err(_) = crate::auth::verify_token(&token, &key_bytes) {
return (
StatusCode::UNAUTHORIZED,
Json(json!({"error": "AuthenticationFailed", "message": "Invalid token signature"})),
)
.into_response();
}
if input.repo != did {
return (
StatusCode::FORBIDDEN,
Json(json!({"error": "InvalidRepo", "message": "Repo does not match authenticated user"})),
)
.into_response();
}
if input.writes.is_empty() {
return (
StatusCode::BAD_REQUEST,
Json(json!({"error": "InvalidRequest", "message": "writes array is empty"})),
)
.into_response();
}
if input.writes.len() > 200 {
return (
StatusCode::BAD_REQUEST,
Json(json!({"error": "InvalidRequest", "message": "Too many writes (max 200)"})),
)
.into_response();
}
let user_query = sqlx::query("SELECT id FROM users WHERE did = $1")
.bind(&did)
.fetch_optional(&state.db)
.await;
let user_id: uuid::Uuid = match user_query {
Ok(Some(row)) => row.get("id"),
_ => {
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError", "message": "User not found"})),
)
.into_response();
}
};
let repo_root_query = sqlx::query("SELECT repo_root_cid FROM repos WHERE user_id = $1")
.bind(user_id)
.fetch_optional(&state.db)
.await;
let current_root_cid = match repo_root_query {
Ok(Some(row)) => {
let cid_str: String = row.get("repo_root_cid");
match Cid::from_str(&cid_str) {
Ok(c) => c,
Err(_) => {
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError", "message": "Invalid repo root CID"})),
)
.into_response();
}
}
}
_ => {
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError", "message": "Repo root not found"})),
)
.into_response();
}
};
if let Some(swap_commit) = &input.swap_commit {
let swap_cid = match Cid::from_str(swap_commit) {
Ok(c) => c,
Err(_) => {
return (
StatusCode::BAD_REQUEST,
Json(json!({"error": "InvalidSwap", "message": "Invalid swapCommit CID"})),
)
.into_response();
}
};
if swap_cid != current_root_cid {
return (
StatusCode::CONFLICT,
Json(json!({"error": "InvalidSwap", "message": "Repo has been modified"})),
)
.into_response();
}
}
let commit_bytes = match state.block_store.get(&current_root_cid).await {
Ok(Some(b)) => b,
Ok(None) => {
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError", "message": "Commit block not found"})),
)
.into_response();
}
Err(e) => {
error!("Failed to load commit block: {:?}", e);
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError"})),
)
.into_response();
}
};
let commit = match Commit::from_cbor(&commit_bytes) {
Ok(c) => c,
Err(e) => {
error!("Failed to parse commit: {:?}", e);
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError"})),
)
.into_response();
}
};
let mst_root = commit.data;
let store = Arc::new(state.block_store.clone());
let mut mst = Mst::load(store.clone(), mst_root, None);
let mut results: Vec<WriteResult> = Vec::new();
let mut record_ops: Vec<(String, String, Option<String>)> = Vec::new();
for write in &input.writes {
match write {
WriteOp::Create {
collection,
rkey,
value,
} => {
let collection_nsid = match collection.parse::<Nsid>() {
Ok(n) => n,
Err(_) => {
return (
StatusCode::BAD_REQUEST,
Json(json!({"error": "InvalidCollection"})),
)
.into_response();
}
};
let rkey = rkey
.clone()
.unwrap_or_else(|| Utc::now().format("%Y%m%d%H%M%S%f").to_string());
let mut record_bytes = Vec::new();
if let Err(e) = serde_ipld_dagcbor::to_writer(&mut record_bytes, value) {
error!("Error serializing record: {:?}", e);
return (
StatusCode::BAD_REQUEST,
Json(json!({"error": "InvalidRecord", "message": "Failed to serialize record"})),
)
.into_response();
}
let record_cid = match state.block_store.put(&record_bytes).await {
Ok(c) => c,
Err(e) => {
error!("Failed to save record block: {:?}", e);
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError"})),
)
.into_response();
}
};
let key = format!("{}/{}", collection_nsid, rkey);
mst = match mst.add(&key, record_cid).await {
Ok(m) => m,
Err(e) => {
error!("Failed to add to MST: {:?}", e);
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError"})),
)
.into_response();
}
};
let uri = format!("at://{}/{}/{}", did, collection, rkey);
results.push(WriteResult::CreateResult {
uri: uri.clone(),
cid: record_cid.to_string(),
});
record_ops.push((collection.clone(), rkey, Some(record_cid.to_string())));
}
WriteOp::Update {
collection,
rkey,
value,
} => {
let collection_nsid = match collection.parse::<Nsid>() {
Ok(n) => n,
Err(_) => {
return (
StatusCode::BAD_REQUEST,
Json(json!({"error": "InvalidCollection"})),
)
.into_response();
}
};
let mut record_bytes = Vec::new();
if let Err(e) = serde_ipld_dagcbor::to_writer(&mut record_bytes, value) {
error!("Error serializing record: {:?}", e);
return (
StatusCode::BAD_REQUEST,
Json(json!({"error": "InvalidRecord", "message": "Failed to serialize record"})),
)
.into_response();
}
let record_cid = match state.block_store.put(&record_bytes).await {
Ok(c) => c,
Err(e) => {
error!("Failed to save record block: {:?}", e);
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError"})),
)
.into_response();
}
};
let key = format!("{}/{}", collection_nsid, rkey);
mst = match mst.update(&key, record_cid).await {
Ok(m) => m,
Err(e) => {
error!("Failed to update MST: {:?}", e);
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError"})),
)
.into_response();
}
};
let uri = format!("at://{}/{}/{}", did, collection, rkey);
results.push(WriteResult::UpdateResult {
uri: uri.clone(),
cid: record_cid.to_string(),
});
record_ops.push((collection.clone(), rkey.clone(), Some(record_cid.to_string())));
}
WriteOp::Delete { collection, rkey } => {
let collection_nsid = match collection.parse::<Nsid>() {
Ok(n) => n,
Err(_) => {
return (
StatusCode::BAD_REQUEST,
Json(json!({"error": "InvalidCollection"})),
)
.into_response();
}
};
let key = format!("{}/{}", collection_nsid, rkey);
mst = match mst.delete(&key).await {
Ok(m) => m,
Err(e) => {
error!("Failed to delete from MST: {:?}", e);
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError"})),
)
.into_response();
}
};
results.push(WriteResult::DeleteResult {});
record_ops.push((collection.clone(), rkey.clone(), None));
}
}
}
let new_mst_root = match mst.persist().await {
Ok(c) => c,
Err(e) => {
error!("Failed to persist MST: {:?}", e);
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError"})),
)
.into_response();
}
};
let did_obj = match Did::new(&did) {
Ok(d) => d,
Err(_) => {
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError", "message": "Invalid DID"})),
)
.into_response();
}
};
let rev = Tid::now(LimitedU32::MIN);
let new_commit = Commit::new_unsigned(did_obj, new_mst_root, rev.clone(), Some(current_root_cid));
let new_commit_bytes = match new_commit.to_cbor() {
Ok(b) => b,
Err(e) => {
error!("Failed to serialize new commit: {:?}", e);
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError"})),
)
.into_response();
}
};
let new_root_cid = match state.block_store.put(&new_commit_bytes).await {
Ok(c) => c,
Err(e) => {
error!("Failed to save new commit: {:?}", e);
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError"})),
)
.into_response();
}
};
let update_repo = sqlx::query("UPDATE repos SET repo_root_cid = $1 WHERE user_id = $2")
.bind(new_root_cid.to_string())
.bind(user_id)
.execute(&state.db)
.await;
if let Err(e) = update_repo {
error!("Failed to update repo root in DB: {:?}", e);
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError"})),
)
.into_response();
}
for (collection, rkey, record_cid) in record_ops {
match record_cid {
Some(cid) => {
let _ = sqlx::query(
"INSERT INTO records (repo_id, collection, rkey, record_cid) VALUES ($1, $2, $3, $4)
ON CONFLICT (repo_id, collection, rkey) DO UPDATE SET record_cid = $4, created_at = NOW()",
)
.bind(user_id)
.bind(&collection)
.bind(&rkey)
.bind(&cid)
.execute(&state.db)
.await;
}
None => {
let _ = sqlx::query(
"DELETE FROM records WHERE repo_id = $1 AND collection = $2 AND rkey = $3",
)
.bind(user_id)
.bind(&collection)
.bind(&rkey)
.execute(&state.db)
.await;
}
}
}
(
StatusCode::OK,
Json(ApplyWritesOutput {
commit: CommitInfo {
cid: new_root_cid.to_string(),
rev: rev.to_string(),
},
results,
}),
)
.into_response()
}

2
src/api/repo/record/mod.rs
View File

@@ -1,7 +1,9 @@
pub mod batch;
pub mod delete;
pub mod read;
pub mod write;
pub use batch::apply_writes;
pub use delete::{DeleteRecordInput, delete_record};
pub use read::{GetRecordInput, ListRecordsInput, ListRecordsOutput, get_record, list_records};
pub use write::{

2
src/api/server/mod.rs
View File

@@ -2,4 +2,4 @@ pub mod meta;
pub mod session;
pub use meta::{describe_server, health};
pub use session::{create_session, delete_session, get_session, refresh_session};
pub use session::{create_session, delete_session, get_service_auth, get_session, refresh_session};

95
src/api/server/session.rs
View File

@@ -1,7 +1,7 @@
use crate::state::AppState;
use axum::{
Json,
extract::State,
extract::{Query, State},
http::StatusCode,
response::{IntoResponse, Response},
};
@@ -11,6 +11,99 @@ use serde_json::json;
use sqlx::Row;
use tracing::{error, info, warn};
#[derive(Deserialize)]
pub struct GetServiceAuthParams {
pub aud: String,
pub lxm: Option<String>,
pub exp: Option<i64>,
}
#[derive(Serialize)]
pub struct GetServiceAuthOutput {
pub token: String,
}
pub async fn get_service_auth(
State(state): State<AppState>,
headers: axum::http::HeaderMap,
Query(params): Query<GetServiceAuthParams>,
) -> Response {
let auth_header = headers.get("Authorization");
if auth_header.is_none() {
return (
StatusCode::UNAUTHORIZED,
Json(json!({"error": "AuthenticationRequired"})),
)
.into_response();
}
let token = auth_header
.unwrap()
.to_str()
.unwrap_or("")
.replace("Bearer ", "");
let session = sqlx::query(
r#"
SELECT s.did, k.key_bytes
FROM sessions s
JOIN users u ON s.did = u.did
JOIN user_keys k ON u.id = k.user_id
WHERE s.access_jwt = $1
"#,
)
.bind(&token)
.fetch_optional(&state.db)
.await;
let (did, key_bytes) = match session {
Ok(Some(row)) => (
row.get::<String, _>("did"),
row.get::<Vec<u8>, _>("key_bytes"),
),
Ok(None) => {
return (
StatusCode::UNAUTHORIZED,
Json(json!({"error": "AuthenticationFailed"})),
)
.into_response();
}
Err(e) => {
error!("DB error in get_service_auth: {:?}", e);
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError"})),
)
.into_response();
}
};
if let Err(_) = crate::auth::verify_token(&token, &key_bytes) {
return (
StatusCode::UNAUTHORIZED,
Json(json!({"error": "AuthenticationFailed", "message": "Invalid token signature"})),
)
.into_response();
}
let lxm = params.lxm.as_deref().unwrap_or("*");
let service_token = match crate::auth::create_service_token(&did, &params.aud, lxm, &key_bytes)
{
Ok(t) => t,
Err(e) => {
error!("Failed to create service token: {:?}", e);
return (
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError"})),
)
.into_response();
}
};
(StatusCode::OK, Json(GetServiceAuthOutput { token: service_token })).into_response()
}
#[derive(Deserialize)]
pub struct CreateSessionInput {
pub identifier: String,

22
src/lib.rs
View File

@@ -3,6 +3,7 @@ pub mod auth;
pub mod repo;
pub mod state;
pub mod storage;
pub mod sync;
use axum::{
Router,
@@ -37,6 +38,14 @@ pub fn app(state: AppState) -> Router {
"/xrpc/com.atproto.server.refreshSession",
post(api::server::refresh_session),
)
.route(
"/xrpc/com.atproto.server.getServiceAuth",
get(api::server::get_service_auth),
)
.route(
"/xrpc/com.atproto.identity.resolveHandle",
get(api::identity::resolve_handle),
)
.route(
"/xrpc/com.atproto.repo.createRecord",
post(api::repo::create_record),
@@ -65,6 +74,19 @@ pub fn app(state: AppState) -> Router {
"/xrpc/com.atproto.repo.uploadBlob",
post(api::repo::upload_blob),
)
.route(
"/xrpc/com.atproto.repo.applyWrites",
post(api::repo::apply_writes),
)
.route(
"/xrpc/com.atproto.sync.getLatestCommit",
get(sync::get_latest_commit),
)
.route(
"/xrpc/com.atproto.sync.listRepos",
get(sync::list_repos),
)
// I know I know, I'm not supposed to implement appview endpoints. Leave me be
.route(
"/xrpc/app.bsky.feed.getTimeline",
get(api::feed::get_timeline),

163
src/sync/mod.rs Normal file
View File

@@ -0,0 +1,163 @@
use crate::state::AppState;
use axum::{
Json,
extract::{Query, State},
http::StatusCode,
response::{IntoResponse, Response},
};
use serde::{Deserialize, Serialize};
use serde_json::json;
use sqlx::Row;
use tracing::error;
#[derive(Deserialize)]
pub struct GetLatestCommitParams {
pub did: String,
}
#[derive(Serialize)]
pub struct GetLatestCommitOutput {
pub cid: String,
pub rev: String,
}
pub async fn get_latest_commit(
State(state): State<AppState>,
Query(params): Query<GetLatestCommitParams>,
) -> Response {
let did = params.did.trim();
if did.is_empty() {
return (
StatusCode::BAD_REQUEST,
Json(json!({"error": "InvalidRequest", "message": "did is required"})),
)
.into_response();
}
let result = sqlx::query(
r#"
SELECT r.repo_root_cid
FROM repos r
JOIN users u ON r.user_id = u.id
WHERE u.did = $1
"#,
)
.bind(did)
.fetch_optional(&state.db)
.await;
match result {
Ok(Some(row)) => {
let cid: String = row.get("repo_root_cid");
(
StatusCode::OK,
Json(GetLatestCommitOutput {
cid,
rev: chrono::Utc::now().timestamp_millis().to_string(),
}),
)
.into_response()
}
Ok(None) => (
StatusCode::NOT_FOUND,
Json(json!({"error": "RepoNotFound", "message": "Could not find repo for DID"})),
)
.into_response(),
Err(e) => {
error!("DB error in get_latest_commit: {:?}", e);
(
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError"})),
)
.into_response()
}
}
}
#[derive(Deserialize)]
pub struct ListReposParams {
pub limit: Option<i64>,
pub cursor: Option<String>,
}
#[derive(Serialize)]
#[serde(rename_all = "camelCase")]
pub struct RepoInfo {
pub did: String,
pub head: String,
pub rev: String,
pub active: bool,
}
#[derive(Serialize)]
pub struct ListReposOutput {
pub cursor: Option<String>,
pub repos: Vec<RepoInfo>,
}
pub async fn list_repos(
State(state): State<AppState>,
Query(params): Query<ListReposParams>,
) -> Response {
let limit = params.limit.unwrap_or(50).min(1000);
let cursor_did = params.cursor.as_deref().unwrap_or("");
let result = sqlx::query(
r#"
SELECT u.did, r.repo_root_cid
FROM repos r
JOIN users u ON r.user_id = u.id
WHERE u.did > $1
ORDER BY u.did ASC
LIMIT $2
"#,
)
.bind(cursor_did)
.bind(limit + 1)
.fetch_all(&state.db)
.await;
match result {
Ok(rows) => {
let has_more = rows.len() as i64 > limit;
let repos: Vec<RepoInfo> = rows
.iter()
.take(limit as usize)
.map(|row| {
let did: String = row.get("did");
let head: String = row.get("repo_root_cid");
RepoInfo {
did,
head,
rev: chrono::Utc::now().timestamp_millis().to_string(),
active: true,
}
})
.collect();
let next_cursor = if has_more {
repos.last().map(|r| r.did.clone())
} else {
None
};
(
StatusCode::OK,
Json(ListReposOutput {
cursor: next_cursor,
repos,
}),
)
.into_response()
}
Err(e) => {
error!("DB error in list_repos: {:?}", e);
(
StatusCode::INTERNAL_SERVER_ERROR,
Json(json!({"error": "InternalError"})),
)
.into_response()
}
}
}

65
tests/common/mod.rs
View File

@@ -156,6 +156,7 @@ pub async fn base_url() -> &'static str {
async fn spawn_app(database_url: String) -> String {
let pool = PgPoolOptions::new()
.max_connections(50)
.connect(&database_url)
.await
.expect("Failed to connect to Postgres. Make sure the database is running.");
@@ -256,32 +257,48 @@ pub async fn create_test_post(
#[allow(dead_code)]
pub async fn create_account_and_login(client: &Client) -> (String, String) {
let handle = format!("user_{}", uuid::Uuid::new_v4());
let payload = json!({
"handle": handle,
"email": format!("{}@example.com", handle),
"password": "password"
});
let mut last_error = String::new();
let res = client
.post(format!(
"{}/xrpc/com.atproto.server.createAccount",
base_url().await
))
.json(&payload)
.send()
.await
.expect("Failed to create account");
for attempt in 0..3 {
if attempt > 0 {
tokio::time::sleep(Duration::from_millis(100 * (attempt as u64 + 1))).await;
}
if res.status() != StatusCode::OK {
panic!("Failed to create account: {:?}", res.text().await);
let handle = format!("user_{}", uuid::Uuid::new_v4());
let payload = json!({
"handle": handle,
"email": format!("{}@example.com", handle),
"password": "password"
});
let res = match client
.post(format!(
"{}/xrpc/com.atproto.server.createAccount",
base_url().await
))
.json(&payload)
.send()
.await
{
Ok(r) => r,
Err(e) => {
last_error = format!("Request failed: {}", e);
continue;
}
};
if res.status() == StatusCode::OK {
let body: Value = res.json().await.expect("Invalid JSON");
let access_jwt = body["accessJwt"]
.as_str()
.expect("No accessJwt")
.to_string();
let did = body["did"].as_str().expect("No did").to_string();
return (access_jwt, did);
}
last_error = format!("Status {}: {:?}", res.status(), res.text().await);
}
let body: Value = res.json().await.expect("Invalid JSON");
let access_jwt = body["accessJwt"]
.as_str()
.expect("No accessJwt")
.to_string();
let did = body["did"].as_str().expect("No did").to_string();
(access_jwt, did)
panic!("Failed to create account after 3 attempts: {}", last_error);
}

87
tests/identity.rs
View File

@@ -5,20 +5,79 @@ use serde_json::{Value, json};
use wiremock::matchers::{method, path};
use wiremock::{Mock, MockServer, ResponseTemplate};
// #[tokio::test]
// async fn test_resolve_handle() {
// let client = client();
// let params = [
// ("handle", "bsky.app"),
// ];
// let res = client.get(format!("{}/xrpc/com.atproto.identity.resolveHandle", base_url().await))
// .query(&params)
// .send()
// .await
// .expect("Failed to send request");
//
// assert_eq!(res.status(), StatusCode::OK);
// }
#[tokio::test]
async fn test_resolve_handle_success() {
let client = client();
let handle = format!("resolvetest_{}", uuid::Uuid::new_v4());
let payload = json!({
"handle": handle,
"email": format!("{}@example.com", handle),
"password": "password"
});
let res = client
.post(format!(
"{}/xrpc/com.atproto.server.createAccount",
base_url().await
))
.json(&payload)
.send()
.await
.expect("Failed to create account");
assert_eq!(res.status(), StatusCode::OK);
let body: Value = res.json().await.expect("Invalid JSON");
let did = body["did"].as_str().expect("No DID").to_string();
let params = [("handle", handle.as_str())];
let res = client
.get(format!(
"{}/xrpc/com.atproto.identity.resolveHandle",
base_url().await
))
.query(&params)
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::OK);
let body: Value = res.json().await.expect("Response was not valid JSON");
assert_eq!(body["did"], did);
}
#[tokio::test]
async fn test_resolve_handle_not_found() {
let client = client();
let params = [("handle", "nonexistent_handle_12345")];
let res = client
.get(format!(
"{}/xrpc/com.atproto.identity.resolveHandle",
base_url().await
))
.query(&params)
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::NOT_FOUND);
let body: Value = res.json().await.expect("Response was not valid JSON");
assert_eq!(body["error"], "HandleNotFound");
}
#[tokio::test]
async fn test_resolve_handle_missing_param() {
let client = client();
let res = client
.get(format!(
"{}/xrpc/com.atproto.identity.resolveHandle",
base_url().await
))
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::BAD_REQUEST);
}
#[tokio::test]
async fn test_well_known_did() {

1058
tests/lifecycle.rs
View File

File diff suppressed because it is too large Load Diff

43
tests/proxy.rs
View File

@@ -61,49 +61,6 @@ async fn test_proxy_via_header() {
assert_eq!(auth, Some("Bearer test-token".to_string()));
}
#[tokio::test]
#[ignore]
async fn test_proxy_via_env_var() {
let (upstream_url, mut rx) = spawn_mock_upstream().await;
unsafe {
std::env::set_var("APPVIEW_URL", &upstream_url);
}
let app_url = common::base_url().await;
let client = Client::new();
let res = client
.get(format!("{}/xrpc/com.example.envtest", app_url))
.send()
.await
.unwrap();
assert_eq!(res.status(), StatusCode::OK);
let (method, uri, _) = rx.recv().await.expect("Upstream should receive request");
assert_eq!(method, "GET");
assert_eq!(uri, "/xrpc/com.example.envtest");
}
#[tokio::test]
#[ignore]
async fn test_proxy_missing_config() {
unsafe {
std::env::remove_var("APPVIEW_URL");
}
let app_url = common::base_url().await;
let client = Client::new();
let res = client
.get(format!("{}/xrpc/com.example.fail", app_url))
.send()
.await
.unwrap();
assert_eq!(res.status(), StatusCode::BAD_GATEWAY);
}
#[tokio::test]
async fn test_proxy_auth_signing() {

435
tests/repo.rs
View File

@@ -6,36 +6,12 @@ use reqwest::{StatusCode, header};
use serde_json::{Value, json};
#[tokio::test]
#[ignore]
async fn test_get_record() {
let client = client();
let params = [
("repo", "did:plc:12345"),
("collection", "app.bsky.actor.profile"),
("rkey", "self"),
];
let res = client
.get(format!(
"{}/xrpc/com.atproto.repo.getRecord",
base_url().await
))
.query(&params)
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::OK);
let body: Value = res.json().await.expect("Response was not valid JSON");
assert_eq!(body["value"]["$type"], "app.bsky.actor.profile");
}
#[tokio::test]
#[ignore]
async fn test_get_record_not_found() {
let client = client();
let (_, did) = create_account_and_login(&client).await;
let params = [
("repo", "did:plc:12345"),
("repo", did.as_str()),
("collection", "app.bsky.feed.post"),
("rkey", "nonexistent"),
];
@@ -51,8 +27,6 @@ async fn test_get_record_not_found() {
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::NOT_FOUND);
let body: Value = res.json().await.expect("Response was not valid JSON");
assert_eq!(body["error"], "NotFound");
}
#[tokio::test]
@@ -96,7 +70,6 @@ async fn test_upload_blob_success() {
}
#[tokio::test]
#[ignore]
async fn test_put_record_no_auth() {
let client = client();
let payload = json!({
@@ -118,11 +91,10 @@ async fn test_put_record_no_auth() {
assert_eq!(res.status(), StatusCode::UNAUTHORIZED);
let body: Value = res.json().await.expect("Response was not valid JSON");
assert_eq!(body["error"], "AuthenticationFailed");
assert_eq!(body["error"], "AuthenticationRequired");
}
#[tokio::test]
#[ignore]
async fn test_put_record_success() {
let client = client();
let (token, did) = create_account_and_login(&client).await;
@@ -156,7 +128,6 @@ async fn test_put_record_success() {
}
#[tokio::test]
#[ignore]
async fn test_get_record_missing_params() {
let client = client();
let params = [("repo", "did:plc:12345")];
@@ -199,13 +170,12 @@ async fn test_upload_blob_bad_token() {
}
#[tokio::test]
#[ignore]
async fn test_put_record_mismatched_repo() {
let client = client();
let (token, _) = create_account_and_login(&client).await;
let now = Utc::now().to_rfc3339();
let payload = json!({
"repo": "did:plc:OTHER-USER", // This does NOT match AUTH_DID
"repo": "did:plc:OTHER-USER",
"collection": "app.bsky.feed.post",
"rkey": "e2e_test_post",
"record": {
@@ -226,10 +196,10 @@ async fn test_put_record_mismatched_repo() {
.await
.expect("Failed to send request");
assert_eq!(
res.status(),
StatusCode::FORBIDDEN,
"Expected 403 for mismatched repo and auth"
assert!(
res.status() == StatusCode::FORBIDDEN || res.status() == StatusCode::UNAUTHORIZED,
"Expected 403 or 401 for mismatched repo and auth, got {}",
res.status()
);
}
@@ -328,7 +298,6 @@ async fn test_describe_repo() {
}
#[tokio::test]
#[ignore]
async fn test_create_record_success_with_generated_rkey() {
let client = client();
let (token, did) = create_account_and_login(&client).await;
@@ -357,15 +326,14 @@ async fn test_create_record_success_with_generated_rkey() {
let body: Value = res.json().await.expect("Response was not valid JSON");
let uri = body["uri"].as_str().unwrap();
assert!(uri.starts_with(&format!("at://{}/app.bsky.feed.post/", did)));
// assert_eq!(body["cid"], "bafyreihy");
assert!(body.get("cid").is_some());
}
#[tokio::test]
#[ignore]
async fn test_create_record_success_with_provided_rkey() {
let client = client();
let (token, did) = create_account_and_login(&client).await;
let rkey = "custom-rkey";
let rkey = format!("custom-rkey-{}", Utc::now().timestamp_millis());
let payload = json!({
"repo": did,
"collection": "app.bsky.feed.post",
@@ -394,29 +362,398 @@ async fn test_create_record_success_with_provided_rkey() {
body["uri"],
format!("at://{}/app.bsky.feed.post/{}", did, rkey)
);
// assert_eq!(body["cid"], "bafyreihy");
assert!(body.get("cid").is_some());
}
#[tokio::test]
#[ignore]
async fn test_delete_record() {
let client = client();
let (token, did) = create_account_and_login(&client).await;
let payload = json!({
let rkey = format!("post_to_delete_{}", Utc::now().timestamp_millis());
let create_payload = json!({
"repo": did,
"collection": "app.bsky.feed.post",
"rkey": "some_post_to_delete"
"rkey": rkey,
"record": {
"$type": "app.bsky.feed.post",
"text": "This post will be deleted",
"createdAt": Utc::now().to_rfc3339()
}
});
let res = client
let create_res = client
.post(format!(
"{}/xrpc/com.atproto.repo.putRecord",
base_url().await
))
.bearer_auth(&token)
.json(&create_payload)
.send()
.await
.expect("Failed to create record");
assert_eq!(create_res.status(), StatusCode::OK);
let delete_payload = json!({
"repo": did,
"collection": "app.bsky.feed.post",
"rkey": rkey
});
let delete_res = client
.post(format!(
"{}/xrpc/com.atproto.repo.deleteRecord",
base_url().await
))
.bearer_auth(token)
.bearer_auth(&token)
.json(&delete_payload)
.send()
.await
.expect("Failed to send request");
assert_eq!(delete_res.status(), StatusCode::OK);
let get_res = client
.get(format!(
"{}/xrpc/com.atproto.repo.getRecord",
base_url().await
))
.query(&[
("repo", did.as_str()),
("collection", "app.bsky.feed.post"),
("rkey", rkey.as_str()),
])
.send()
.await
.expect("Failed to verify deletion");
assert_eq!(get_res.status(), StatusCode::NOT_FOUND);
}
#[tokio::test]
async fn test_apply_writes_create() {
let client = client();
let (token, did) = create_account_and_login(&client).await;
let now = Utc::now().to_rfc3339();
let payload = json!({
"repo": did,
"writes": [
{
"$type": "com.atproto.repo.applyWrites#create",
"collection": "app.bsky.feed.post",
"value": {
"$type": "app.bsky.feed.post",
"text": "Batch created post 1",
"createdAt": now
}
},
{
"$type": "com.atproto.repo.applyWrites#create",
"collection": "app.bsky.feed.post",
"value": {
"$type": "app.bsky.feed.post",
"text": "Batch created post 2",
"createdAt": now
}
}
]
});
let res = client
.post(format!(
"{}/xrpc/com.atproto.repo.applyWrites",
base_url().await
))
.bearer_auth(&token)
.json(&payload)
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::OK);
let body: Value = res.json().await.expect("Response was not valid JSON");
assert!(body["commit"]["cid"].is_string());
assert!(body["results"].is_array());
let results = body["results"].as_array().unwrap();
assert_eq!(results.len(), 2);
assert!(results[0]["uri"].is_string());
assert!(results[0]["cid"].is_string());
}
#[tokio::test]
async fn test_apply_writes_update() {
let client = client();
let (token, did) = create_account_and_login(&client).await;
let now = Utc::now().to_rfc3339();
let rkey = format!("batch_update_{}", Utc::now().timestamp_millis());
let create_payload = json!({
"repo": did,
"collection": "app.bsky.feed.post",
"rkey": rkey,
"record": {
"$type": "app.bsky.feed.post",
"text": "Original post",
"createdAt": now
}
});
let res = client
.post(format!(
"{}/xrpc/com.atproto.repo.putRecord",
base_url().await
))
.bearer_auth(&token)
.json(&create_payload)
.send()
.await
.expect("Failed to create");
assert_eq!(res.status(), StatusCode::OK);
let update_payload = json!({
"repo": did,
"writes": [
{
"$type": "com.atproto.repo.applyWrites#update",
"collection": "app.bsky.feed.post",
"rkey": rkey,
"value": {
"$type": "app.bsky.feed.post",
"text": "Updated post via applyWrites",
"createdAt": now
}
}
]
});
let res = client
.post(format!(
"{}/xrpc/com.atproto.repo.applyWrites",
base_url().await
))
.bearer_auth(&token)
.json(&update_payload)
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::OK);
let body: Value = res.json().await.expect("Response was not valid JSON");
let results = body["results"].as_array().unwrap();
assert_eq!(results.len(), 1);
assert!(results[0]["uri"].is_string());
}
#[tokio::test]
async fn test_apply_writes_delete() {
let client = client();
let (token, did) = create_account_and_login(&client).await;
let now = Utc::now().to_rfc3339();
let rkey = format!("batch_delete_{}", Utc::now().timestamp_millis());
let create_payload = json!({
"repo": did,
"collection": "app.bsky.feed.post",
"rkey": rkey,
"record": {
"$type": "app.bsky.feed.post",
"text": "Post to delete",
"createdAt": now
}
});
let res = client
.post(format!(
"{}/xrpc/com.atproto.repo.putRecord",
base_url().await
))
.bearer_auth(&token)
.json(&create_payload)
.send()
.await
.expect("Failed to create");
assert_eq!(res.status(), StatusCode::OK);
let delete_payload = json!({
"repo": did,
"writes": [
{
"$type": "com.atproto.repo.applyWrites#delete",
"collection": "app.bsky.feed.post",
"rkey": rkey
}
]
});
let res = client
.post(format!(
"{}/xrpc/com.atproto.repo.applyWrites",
base_url().await
))
.bearer_auth(&token)
.json(&delete_payload)
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::OK);
let get_res = client
.get(format!(
"{}/xrpc/com.atproto.repo.getRecord",
base_url().await
))
.query(&[
("repo", did.as_str()),
("collection", "app.bsky.feed.post"),
("rkey", rkey.as_str()),
])
.send()
.await
.expect("Failed to verify");
assert_eq!(get_res.status(), StatusCode::NOT_FOUND);
}
#[tokio::test]
async fn test_apply_writes_mixed_operations() {
let client = client();
let (token, did) = create_account_and_login(&client).await;
let now = Utc::now().to_rfc3339();
let rkey_to_delete = format!("mixed_del_{}", Utc::now().timestamp_millis());
let rkey_to_update = format!("mixed_upd_{}", Utc::now().timestamp_millis());
let setup_payload = json!({
"repo": did,
"writes": [
{
"$type": "com.atproto.repo.applyWrites#create",
"collection": "app.bsky.feed.post",
"rkey": rkey_to_delete,
"value": {
"$type": "app.bsky.feed.post",
"text": "To be deleted",
"createdAt": now
}
},
{
"$type": "com.atproto.repo.applyWrites#create",
"collection": "app.bsky.feed.post",
"rkey": rkey_to_update,
"value": {
"$type": "app.bsky.feed.post",
"text": "To be updated",
"createdAt": now
}
}
]
});
let res = client
.post(format!(
"{}/xrpc/com.atproto.repo.applyWrites",
base_url().await
))
.bearer_auth(&token)
.json(&setup_payload)
.send()
.await
.expect("Failed to setup");
assert_eq!(res.status(), StatusCode::OK);
let mixed_payload = json!({
"repo": did,
"writes": [
{
"$type": "com.atproto.repo.applyWrites#create",
"collection": "app.bsky.feed.post",
"value": {
"$type": "app.bsky.feed.post",
"text": "New post",
"createdAt": now
}
},
{
"$type": "com.atproto.repo.applyWrites#update",
"collection": "app.bsky.feed.post",
"rkey": rkey_to_update,
"value": {
"$type": "app.bsky.feed.post",
"text": "Updated text",
"createdAt": now
}
},
{
"$type": "com.atproto.repo.applyWrites#delete",
"collection": "app.bsky.feed.post",
"rkey": rkey_to_delete
}
]
});
let res = client
.post(format!(
"{}/xrpc/com.atproto.repo.applyWrites",
base_url().await
))
.bearer_auth(&token)
.json(&mixed_payload)
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::OK);
let body: Value = res.json().await.expect("Response was not valid JSON");
let results = body["results"].as_array().unwrap();
assert_eq!(results.len(), 3);
}
#[tokio::test]
async fn test_apply_writes_no_auth() {
let client = client();
let payload = json!({
"repo": "did:plc:test",
"writes": [
{
"$type": "com.atproto.repo.applyWrites#create",
"collection": "app.bsky.feed.post",
"value": {
"$type": "app.bsky.feed.post",
"text": "Test",
"createdAt": "2025-01-01T00:00:00Z"
}
}
]
});
let res = client
.post(format!(
"{}/xrpc/com.atproto.repo.applyWrites",
base_url().await
))
.json(&payload)
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::UNAUTHORIZED);
}
#[tokio::test]
async fn test_apply_writes_empty_writes() {
let client = client();
let (token, did) = create_account_and_login(&client).await;
let payload = json!({
"repo": did,
"writes": []
});
let res = client
.post(format!(
"{}/xrpc/com.atproto.repo.applyWrites",
base_url().await
))
.bearer_auth(&token)
.json(&payload)
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::BAD_REQUEST);
}

101
tests/server.rs
View File

@@ -216,3 +216,104 @@ async fn test_delete_session() {
assert_eq!(res.status(), StatusCode::UNAUTHORIZED);
}
#[tokio::test]
async fn test_get_service_auth_success() {
let client = client();
let (access_jwt, did) = create_account_and_login(&client).await;
let params = [("aud", "did:web:example.com")];
let res = client
.get(format!(
"{}/xrpc/com.atproto.server.getServiceAuth",
base_url().await
))
.bearer_auth(&access_jwt)
.query(&params)
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::OK);
let body: Value = res.json().await.expect("Response was not valid JSON");
assert!(body["token"].is_string());
let token = body["token"].as_str().unwrap();
let parts: Vec<&str> = token.split('.').collect();
assert_eq!(parts.len(), 3, "Token should be a valid JWT");
use base64::{Engine as _, engine::general_purpose::URL_SAFE_NO_PAD};
let payload_bytes = URL_SAFE_NO_PAD.decode(parts[1]).expect("payload b64");
let claims: Value = serde_json::from_slice(&payload_bytes).expect("payload json");
assert_eq!(claims["iss"], did);
assert_eq!(claims["sub"], did);
assert_eq!(claims["aud"], "did:web:example.com");
}
#[tokio::test]
async fn test_get_service_auth_with_lxm() {
let client = client();
let (access_jwt, did) = create_account_and_login(&client).await;
let params = [("aud", "did:web:example.com"), ("lxm", "com.atproto.repo.getRecord")];
let res = client
.get(format!(
"{}/xrpc/com.atproto.server.getServiceAuth",
base_url().await
))
.bearer_auth(&access_jwt)
.query(&params)
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::OK);
let body: Value = res.json().await.expect("Response was not valid JSON");
use base64::{Engine as _, engine::general_purpose::URL_SAFE_NO_PAD};
let token = body["token"].as_str().unwrap();
let parts: Vec<&str> = token.split('.').collect();
let payload_bytes = URL_SAFE_NO_PAD.decode(parts[1]).expect("payload b64");
let claims: Value = serde_json::from_slice(&payload_bytes).expect("payload json");
assert_eq!(claims["iss"], did);
assert_eq!(claims["lxm"], "com.atproto.repo.getRecord");
}
#[tokio::test]
async fn test_get_service_auth_no_auth() {
let client = client();
let params = [("aud", "did:web:example.com")];
let res = client
.get(format!(
"{}/xrpc/com.atproto.server.getServiceAuth",
base_url().await
))
.query(&params)
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::UNAUTHORIZED);
let body: Value = res.json().await.expect("Response was not valid JSON");
assert_eq!(body["error"], "AuthenticationRequired");
}
#[tokio::test]
async fn test_get_service_auth_missing_aud() {
let client = client();
let (access_jwt, _) = create_account_and_login(&client).await;
let res = client
.get(format!(
"{}/xrpc/com.atproto.server.getServiceAuth",
base_url().await
))
.bearer_auth(&access_jwt)
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::BAD_REQUEST);
}

133
tests/sync.rs
View File

@@ -1,15 +1,17 @@
mod common;
use common::*;
use reqwest::StatusCode;
use serde_json::Value;
#[tokio::test]
#[ignore]
async fn test_get_repo() {
async fn test_get_latest_commit_success() {
let client = client();
let params = [("did", AUTH_DID)];
let (_, did) = create_account_and_login(&client).await;
let params = [("did", did.as_str())];
let res = client
.get(format!(
"{}/xrpc/com.atproto.sync.getRepo",
"{}/xrpc/com.atproto.sync.getLatestCommit",
base_url().await
))
.query(&params)
@@ -18,19 +20,82 @@ async fn test_get_repo() {
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::OK);
let body: Value = res.json().await.expect("Response was not valid JSON");
assert!(body["cid"].is_string());
assert!(body["rev"].is_string());
}
#[tokio::test]
#[ignore]
async fn test_get_blocks() {
async fn test_get_latest_commit_not_found() {
let client = client();
let params = [
("did", AUTH_DID),
// "cids" would be a list of CIDs
];
let params = [("did", "did:plc:nonexistent12345")];
let res = client
.get(format!(
"{}/xrpc/com.atproto.sync.getBlocks",
"{}/xrpc/com.atproto.sync.getLatestCommit",
base_url().await
))
.query(&params)
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::NOT_FOUND);
let body: Value = res.json().await.expect("Response was not valid JSON");
assert_eq!(body["error"], "RepoNotFound");
}
#[tokio::test]
async fn test_get_latest_commit_missing_param() {
let client = client();
let res = client
.get(format!(
"{}/xrpc/com.atproto.sync.getLatestCommit",
base_url().await
))
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::BAD_REQUEST);
}
#[tokio::test]
async fn test_list_repos() {
let client = client();
let _ = create_account_and_login(&client).await;
let res = client
.get(format!(
"{}/xrpc/com.atproto.sync.listRepos",
base_url().await
))
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::OK);
let body: Value = res.json().await.expect("Response was not valid JSON");
assert!(body["repos"].is_array());
let repos = body["repos"].as_array().unwrap();
assert!(!repos.is_empty());
let repo = &repos[0];
assert!(repo["did"].is_string());
assert!(repo["head"].is_string());
assert!(repo["active"].is_boolean());
}
#[tokio::test]
async fn test_list_repos_with_limit() {
let client = client();
let _ = create_account_and_login(&client).await;
let _ = create_account_and_login(&client).await;
let _ = create_account_and_login(&client).await;
let params = [("limit", "2")];
let res = client
.get(format!(
"{}/xrpc/com.atproto.sync.listRepos",
base_url().await
))
.query(&params)
@@ -39,4 +104,50 @@ async fn test_get_blocks() {
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::OK);
let body: Value = res.json().await.expect("Response was not valid JSON");
let repos = body["repos"].as_array().unwrap();
assert!(repos.len() <= 2);
}
#[tokio::test]
async fn test_list_repos_pagination() {
let client = client();
let _ = create_account_and_login(&client).await;
let _ = create_account_and_login(&client).await;
let _ = create_account_and_login(&client).await;
let params = [("limit", "1")];
let res = client
.get(format!(
"{}/xrpc/com.atproto.sync.listRepos",
base_url().await
))
.query(&params)
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::OK);
let body: Value = res.json().await.expect("Response was not valid JSON");
let repos = body["repos"].as_array().unwrap();
assert_eq!(repos.len(), 1);
if let Some(cursor) = body["cursor"].as_str() {
let params = [("limit", "1"), ("cursor", cursor)];
let res = client
.get(format!(
"{}/xrpc/com.atproto.sync.listRepos",
base_url().await
))
.query(&params)
.send()
.await
.expect("Failed to send request");
assert_eq!(res.status(), StatusCode::OK);
let body: Value = res.json().await.expect("Response was not valid JSON");
let repos2 = body["repos"].as_array().unwrap();
assert_eq!(repos2.len(), 1);
assert_ne!(repos[0]["did"], repos2[0]["did"]);
}
}