mirror of
https://github.com/BookStackApp/BookStack.git
synced 2025-05-07 09:30:58 +00:00
Covered TOTP setup with testing
This commit is contained in:
Dan Brown
parent
916a82616f
commit
83c8f73142
3 changed files with 60 additions and 10 deletions
52
tests/Auth/MfaConfigurationTest.php
Normal file
52
tests/Auth/MfaConfigurationTest.php
Normal file
|
|
@ -0,0 +1,52 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Tests\Auth;
|
||||||
|
|
||||||
|
use PragmaRX\Google2FA\Google2FA;
|
||||||
|
use Tests\TestCase;
|
||||||
|
|
||||||
|
class MfaConfigurationTest extends TestCase
|
||||||
|
{
|
||||||
|
|
||||||
|
public function test_totp_setup()
|
||||||
|
{
|
||||||
|
$editor = $this->getEditor();
|
||||||
|
$this->assertDatabaseMissing('mfa_values', ['user_id' => $editor->id]);
|
||||||
|
|
||||||
|
// Setup page state
|
||||||
|
$resp = $this->actingAs($editor)->get('/mfa/setup');
|
||||||
|
$resp->assertElementContains('a[href$="/mfa/totp-generate"]', 'Setup');
|
||||||
|
|
||||||
|
// Generate page access
|
||||||
|
$resp = $this->get('/mfa/totp-generate');
|
||||||
|
$resp->assertSee('Mobile App Setup');
|
||||||
|
$resp->assertSee('Verify Setup');
|
||||||
|
$resp->assertElementExists('form[action$="/mfa/totp-confirm"] button');
|
||||||
|
$this->assertSessionHas('mfa-setup-totp-secret');
|
||||||
|
$svg = $resp->getElementHtml('#main-content .card svg');
|
||||||
|
|
||||||
|
// Validation error, code should remain the same
|
||||||
|
$resp = $this->post('/mfa/totp-confirm', [
|
||||||
|
'code' => 'abc123',
|
||||||
|
]);
|
||||||
|
$resp->assertRedirect('/mfa/totp-generate');
|
||||||
|
$resp = $this->followRedirects($resp);
|
||||||
|
$resp->assertSee('The provided code is not valid or has expired.');
|
||||||
|
$revisitSvg = $resp->getElementHtml('#main-content .card svg');
|
||||||
|
$this->assertTrue($svg === $revisitSvg);
|
||||||
|
|
||||||
|
// Successful confirmation
|
||||||
|
$google2fa = new Google2FA();
|
||||||
|
$otp = $google2fa->getCurrentOtp(decrypt(session()->get('mfa-setup-totp-secret')));
|
||||||
|
$resp = $this->post('/mfa/totp-confirm', [
|
||||||
|
'code' => $otp,
|
||||||
|
]);
|
||||||
|
$resp->assertRedirect('/mfa/setup');
|
||||||
|
|
||||||
|
// Confirmation of setup
|
||||||
|
$resp = $this->followRedirects($resp);
|
||||||
|
$resp->assertSee('Multi-factor method successfully configured');
|
||||||
|
$resp->assertElementContains('a[href$="/mfa/totp-generate"]', 'Reconfigure');
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
@ -1,10 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
namespace Tests\Auth;
|
|
||||||
|
|
||||||
use Tests\TestCase;
|
|
||||||
|
|
||||||
class MfaTotpTest extends TestCase
|
|
||||||
{
|
|
||||||
// TODO
|
|
||||||
}
|
|
||||||
|
|
@ -26,6 +26,14 @@ class TestResponse extends BaseTestResponse
|
||||||
return $this->crawlerInstance;
|
return $this->crawlerInstance;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the HTML of the first element at the given selector.
|
||||||
|
*/
|
||||||
|
public function getElementHtml(string $selector): string
|
||||||
|
{
|
||||||
|
return $this->crawler()->filter($selector)->first()->outerHtml();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Assert the response contains the specified element.
|
* Assert the response contains the specified element.
|
||||||
*
|
*
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue