[feature] Discover webfinger through host-meta (#1588)

* [feature] Discover webfinger through host-meta

This implements a fallback for discovering the webfinger endpoint in
case the /.well-known/webfinger endpoint wasn't properly redirected.
Some instances do this because the recommendation used to be to use
host-meta for the webfinger redirect in the before times.

Closes #1558.

* [bug] Ensure we only ever update cache on success

* [chore] Move finger tests to their own place

This adds a test suite for transport and moves the finger cache tests
into there instead of abusing the search test suite.

* [chore] cleanup the test a bit more

We don't really need a separate function for the oddly located webfinger
response as we check the full URL string anyway

* Address review comments

* [chore] update config example

* [chore] access DB only through state in controller

1 files changed, 118 insertions, 0 deletions

diff --git a/internal/transport/finger_test.go b/internal/transport/finger_test.go
new file mode 100644
index 000000000..d207785dc
--- /dev/null
+++ b/internal/transport/finger_test.go
@@ -0,0 +1,118 @@
+/*
+   GoToSocial
+   Copyright (C) 2021-2023 GoToSocial Authors admin@gotosocial.org
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU Affero General Public License as published by
+   the Free Software Foundation, either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package transport_test
+
+import (
+	"context"
+	"testing"
+
+	"github.com/stretchr/testify/suite"
+)
+
+type FingerTestSuite struct {
+	TransportTestSuite
+}
+
+func (suite *FingerTestSuite) TestFinger() {
+	wc := suite.state.Caches.GTS.Webfinger()
+	suite.Equal(0, wc.Len(), "expect webfinger cache to be empty")
+
+	_, err := suite.transport.Finger(context.TODO(), "brand_new_person", "unknown-instance.com")
+	if err != nil {
+		suite.FailNow(err.Error())
+	}
+
+	suite.Equal(0, wc.Len(), "expect webfinger cache to be empty for normal webfinger request")
+}
+
+func (suite *FingerTestSuite) TestFingerWithHostMeta() {
+	wc := suite.state.Caches.GTS.Webfinger()
+	suite.Equal(0, wc.Len(), "expect webfinger cache to be empty")
+
+	_, err := suite.transport.Finger(context.TODO(), "someone", "misconfigured-instance.com")
+	if err != nil {
+		suite.FailNow(err.Error())
+	}
+
+	suite.Equal(1, wc.Len(), "expect webfinger cache to hold one entry")
+	suite.True(wc.Has("misconfigured-instance.com"), "expect webfinger cache to have entry for misconfigured-instance.com")
+}
+
+func (suite *FingerTestSuite) TestFingerWithHostMetaCacheStrategy() {
+	wc := suite.state.Caches.GTS.Webfinger()
+	suite.Equal(0, wc.Len(), "expect webfinger cache to be empty")
+
+	_, err := suite.transport.Finger(context.TODO(), "someone", "misconfigured-instance.com")
+	if err != nil {
+		suite.FailNow(err.Error())
+	}
+
+	suite.Equal(1, wc.Len(), "expect webfinger cache to hold one entry")
+	wc.Lock()
+	suite.True(wc.Cache.Has("misconfigured-instance.com"), "expect webfinger cache to have entry for misconfigured-instance.com")
+	ent, _ := wc.Cache.Get("misconfigured-instance.com")
+	wc.Unlock()
+
+	initialTime := ent.Expiry
+
+	// finger them again
+	_, err = suite.transport.Finger(context.TODO(), "someone", "misconfigured-instance.com")
+	if err != nil {
+		suite.FailNow(err.Error())
+	}
+
+	// there should still only be 1 cache entry
+	suite.Equal(1, wc.Len(), "expect webfinger cache to hold one entry")
+	wc.Lock()
+	suite.True(wc.Cache.Has("misconfigured-instance.com"), "expect webfinger cache to have entry for misconfigured-instance.com")
+	rep, _ := wc.Cache.Get("misconfigured-instance.com")
+	wc.Unlock()
+
+	repeatTime := rep.Expiry
+
+	// the TTL of the entry should have extended because we did a second
+	// successful finger
+	suite.NotEqual(initialTime, repeatTime, "expected webfinger cache entry to have different expiry times")
+	if repeatTime.Before(initialTime) {
+		suite.FailNow("expected webfinger cache entry to not be a time traveller")
+	}
+
+	// finger a non-existing user on that same instance which will return an error
+	_, err = suite.transport.Finger(context.TODO(), "invalid", "misconfigured-instance.com")
+	if err == nil {
+		suite.FailNow("expected request for invalid user to fail")
+	}
+
+	// there should still only be 1 cache entry, because we don't evict from cache on failure
+	suite.Equal(1, wc.Len(), "expect webfinger cache to hold one entry")
+	wc.Lock()
+	suite.True(wc.Cache.Has("misconfigured-instance.com"), "expect webfinger cache to have entry for misconfigured-instance.com")
+	last, _ := wc.Cache.Get("misconfigured-instance.com")
+	wc.Unlock()
+
+	lastTime := last.Expiry
+
+	// The TTL of the previous and new entry should be the same since
+	// a failed request must not extend the entry TTL
+	suite.Equal(repeatTime, lastTime)
+}
+
+func TestFingerTestSuite(t *testing.T) {
+	suite.Run(t, &FingerTestSuite{})
+}