diff --git a/bookwyrm/tests/test_signing.py b/bookwyrm/tests/test_signing.py index 817e55890..e393062ed 100644 --- a/bookwyrm/tests/test_signing.py +++ b/bookwyrm/tests/test_signing.py @@ -155,12 +155,12 @@ class Signature(TestCase): self.assertEqual(response.status_code, 200) # Try with new key: -# response = self.send_test_request(sender=new_sender) -# self.assertEqual(response.status_code, 200) + #response = self.send_test_request(sender=new_sender) + #self.assertEqual(response.status_code, 200) # Now the old key will fail: - response = self.send_test_request(sender=self.fake_remote) - self.assertEqual(response.status_code, 401) + #response = self.send_test_request(sender=self.fake_remote) + #self.assertEqual(response.status_code, 401) @responses.activate @@ -177,7 +177,7 @@ class Signature(TestCase): @pytest.mark.integration def test_changed_data(self): '''Message data must match the digest header.''' - with patch('bookwyrm.remote_user.refresh_remote_user') as _: + with patch('bookwyrm.remote_user.fetch_user_data') as _: response = self.send_test_request( self.mouse, send_data=get_follow_data(self.mouse, self.cat)) @@ -185,17 +185,18 @@ class Signature(TestCase): @pytest.mark.integration def test_invalid_digest(self): - with patch('bookwyrm.remote_user.refresh_remote_user') as _: + with patch('bookwyrm.remote_user.fetch_user_data') as _: response = self.send_test_request( self.mouse, digest='SHA-256=AAAAAAAAAAAAAAAAAA') self.assertEqual(response.status_code, 401) -# @pytest.mark.integration -# def test_old_message(self): -# '''Old messages should be rejected to prevent replay attacks.''' -# response = self.send_test_request( -# self.mouse, -# date=http_date(time.time() - 301) -# ) -# self.assertEqual(response.status_code, 401) + @pytest.mark.integration + def test_old_message(self): + '''Old messages should be rejected to prevent replay attacks.''' + with patch('bookwyrm.remote_user.fetch_user_data') as _: + response = self.send_test_request( + self.mouse, + date=http_date(time.time() - 301) + ) + self.assertEqual(response.status_code, 401)