[feature] Push notifications (#3587)

* Update push subscription API model to be Mastodon 4.0 compatible * Add webpush-go dependency # Conflicts: # go.sum * Single-row table for storing instance's VAPID key pair * Generate VAPID key pair during startup * Add VAPID public key to instance info API * Return VAPID public key when registering an app * Store Web Push subscriptions in DB * Add Web Push sender (similar to email sender) * Add no-op push senders to most processor tests * Test Web Push notifications from workers * Delete Web Push subscriptions when account is deleted * Implement push subscription API * Linter fixes * Update Swagger * Fix enum to int migration * Fix GetVAPIDKeyPair * Create web push subscriptions table with indexes * Log Web Push server error messages * Send instance URL as Web Push JWT subject * Accept any 2xx code as a success * Fix malformed VAPID sub claim * Use packed notification flags * Remove unused date columns * Add notification type for update notifications Not used yet * Make GetVAPIDKeyPair idempotent and remove PutVAPIDKeyPair * Post-rebase fixes * go mod tidy * Special-case 400 errors other than 408/429 Most client errors should remove the subscription. * Improve titles, trim body to reasonable length * Disallow cleartext HTTP for Web Push servers * Fix lint * Remove redundant index on unique column Also removes redundant unique and notnull tags on ID column since these are implied by pk * Make realsender.go more readable * Use Tobi's style for wrapping errors * Restore treating all 5xx codes as temporary problems * Always load target account settings * Stub `policy` and `standard` * webpush.Sender: take type converter as ctor param * Move webpush.MockSender and noopSender into testrig
2025-10-31 14:42:26 -05:00 · 2025-01-23 16:47:30 -08:00 · 2025-01-23 16:47:30 -08:00 · 5b765d734e
commit 5b765d734e
parent 9333bbc4d0
134 changed files with 21525 additions and 125 deletions
--- a/internal/api/client/push/pushsubscriptionget_test.go
+++ b/internal/api/client/push/pushsubscriptionget_test.go
@ -0,0 +1,102 @@
+// GoToSocial
+// Copyright (C) GoToSocial Authors admin@gotosocial.org
+// SPDX-License-Identifier: AGPL-3.0-or-later
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+package push_test
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/http/httptest"
+
+	"github.com/superseriousbusiness/gotosocial/internal/api/client/push"
+	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
+	"github.com/superseriousbusiness/gotosocial/internal/config"
+	"github.com/superseriousbusiness/gotosocial/internal/oauth"
+	"github.com/superseriousbusiness/gotosocial/testrig"
+)
+
+// getSubscription gets the push subscription for the named account and token.
+func (suite *PushTestSuite) getSubscription(
+	accountFixtureName string,
+	tokenFixtureName string,
+	expectedHTTPStatus int,
+) (*apimodel.WebPushSubscription, error) {
+	// instantiate recorder + test context
+	recorder := httptest.NewRecorder()
+	ctx, _ := testrig.CreateGinTestContext(recorder, nil)
+	ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts[accountFixtureName])
+	ctx.Set(oauth.SessionAuthorizedToken, oauth.DBTokenToToken(suite.testTokens[tokenFixtureName]))
+	ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
+	ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers[accountFixtureName])
+
+	// create the request
+	requestUrl := config.GetProtocol() + "://" + config.GetHost() + "/api" + push.SubscriptionPath
+	ctx.Request = httptest.NewRequest(http.MethodGet, requestUrl, nil)
+	ctx.Request.Header.Set("accept", "application/json")
+
+	// trigger the handler
+	suite.pushModule.PushSubscriptionGETHandler(ctx)
+
+	// read the response
+	result := recorder.Result()
+	defer func() {
+		_ = result.Body.Close()
+	}()
+
+	b, err := io.ReadAll(result.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	if resultCode := recorder.Code; expectedHTTPStatus != resultCode {
+		return nil, fmt.Errorf("expected %d got %d", expectedHTTPStatus, resultCode)
+	}
+
+	resp := &apimodel.WebPushSubscription{}
+	if err := json.Unmarshal(b, resp); err != nil {
+		return nil, err
+	}
+
+	return resp, nil
+}
+
+// Get a subscription that should exist.
+func (suite *PushTestSuite) TestGetSubscription() {
+	accountFixtureName := "local_account_1"
+	// This token should have a subscription associated with it already, with all event types turned on.
+	tokenFixtureName := "local_account_1"
+
+	subscription, err := suite.getSubscription(accountFixtureName, tokenFixtureName, 200)
+	if suite.NoError(err) {
+		suite.NotEmpty(subscription.ID)
+		suite.NotEmpty(subscription.Endpoint)
+		suite.NotEmpty(subscription.ServerKey)
+		suite.True(subscription.Alerts.Mention)
+	}
+}
+
+// Get a subscription that should not exist, which should fail.
+func (suite *PushTestSuite) TestGetMissingSubscription() {
+	accountFixtureName := "local_account_1"
+	// This token should not have a subscription.
+	tokenFixtureName := "local_account_1_user_authorization_token"
+
+	_, err := suite.getSubscription(accountFixtureName, tokenFixtureName, 404)
+	suite.NoError(err)
+}