2021-11-14 01:52:46 +01:00
|
|
|
<?php
|
|
|
|
|
2021-11-30 17:39:33 +01:00
|
|
|
namespace Tests\Api\v1\Controllers;
|
2021-11-14 01:52:46 +01:00
|
|
|
|
2022-07-30 17:51:02 +02:00
|
|
|
use App\Facades\Settings;
|
2022-11-22 15:15:52 +01:00
|
|
|
use App\Models\Group;
|
2021-12-02 13:15:53 +01:00
|
|
|
use App\Models\TwoFAccount;
|
2022-11-22 15:15:52 +01:00
|
|
|
use App\Models\User;
|
2021-11-14 01:52:46 +01:00
|
|
|
use Illuminate\Support\Facades\DB;
|
|
|
|
use Illuminate\Support\Facades\Storage;
|
2022-10-07 18:58:48 +02:00
|
|
|
use Tests\Classes\LocalFile;
|
2022-12-13 12:07:29 +01:00
|
|
|
use Tests\Data\MigrationTestData;
|
2022-12-09 10:52:17 +01:00
|
|
|
use Tests\Data\OtpTestData;
|
2022-11-22 15:15:52 +01:00
|
|
|
use Tests\FeatureTestCase;
|
2021-11-22 01:09:54 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @covers \App\Api\v1\Controllers\TwoFAccountController
|
2023-03-18 17:33:43 +01:00
|
|
|
* @covers \App\Api\v1\Resources\TwoFAccountCollection
|
2021-11-30 17:39:33 +01:00
|
|
|
* @covers \App\Api\v1\Resources\TwoFAccountReadResource
|
|
|
|
* @covers \App\Api\v1\Resources\TwoFAccountStoreResource
|
2023-03-18 17:33:43 +01:00
|
|
|
* @covers \App\Api\v1\Resources\TwoFAccountExportResource
|
|
|
|
* @covers \App\Api\v1\Resources\TwoFAccountExportCollection
|
2022-12-09 10:52:17 +01:00
|
|
|
* @covers \App\Providers\MigrationServiceProvider
|
|
|
|
* @covers \App\Providers\TwoFAuthServiceProvider
|
2023-03-18 17:33:43 +01:00
|
|
|
* @covers \App\Policies\TwoFAccountPolicy
|
2021-11-22 01:09:54 +01:00
|
|
|
*/
|
2021-11-14 01:52:46 +01:00
|
|
|
class TwoFAccountControllerTest extends FeatureTestCase
|
|
|
|
{
|
|
|
|
/**
|
2023-03-08 09:41:18 +01:00
|
|
|
* @var \App\Models\User|\Illuminate\Contracts\Auth\Authenticatable
|
2022-11-22 15:15:52 +01:00
|
|
|
*/
|
2023-03-10 22:59:46 +01:00
|
|
|
protected $user;
|
|
|
|
|
|
|
|
protected $anotherUser;
|
2021-11-14 01:52:46 +01:00
|
|
|
|
2021-11-22 01:09:54 +01:00
|
|
|
/**
|
2023-03-08 09:41:18 +01:00
|
|
|
* @var App\Models\Group
|
2022-11-22 15:15:52 +01:00
|
|
|
*/
|
2023-03-10 22:59:46 +01:00
|
|
|
protected $userGroupA;
|
|
|
|
|
|
|
|
protected $userGroupB;
|
|
|
|
|
|
|
|
protected $anotherUserGroupA;
|
|
|
|
|
|
|
|
protected $anotherUserGroupB;
|
2023-03-08 09:41:18 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @var App\Models\TwoFAccount
|
|
|
|
*/
|
2023-03-10 22:59:46 +01:00
|
|
|
protected $twofaccountA;
|
|
|
|
|
|
|
|
protected $twofaccountB;
|
|
|
|
|
|
|
|
protected $twofaccountC;
|
|
|
|
|
|
|
|
protected $twofaccountD;
|
2021-11-22 01:09:54 +01:00
|
|
|
|
2021-11-15 00:21:07 +01:00
|
|
|
private const VALID_RESOURCE_STRUCTURE_WITHOUT_SECRET = [
|
|
|
|
'id',
|
|
|
|
'group_id',
|
|
|
|
'service',
|
|
|
|
'account',
|
|
|
|
'icon',
|
|
|
|
'otp_type',
|
|
|
|
'digits',
|
|
|
|
'algorithm',
|
|
|
|
'period',
|
2022-11-22 15:15:52 +01:00
|
|
|
'counter',
|
2021-11-15 00:21:07 +01:00
|
|
|
];
|
2022-11-22 15:15:52 +01:00
|
|
|
|
2021-11-15 00:21:07 +01:00
|
|
|
private const VALID_RESOURCE_STRUCTURE_WITH_SECRET = [
|
|
|
|
'id',
|
|
|
|
'group_id',
|
|
|
|
'service',
|
|
|
|
'account',
|
|
|
|
'icon',
|
|
|
|
'otp_type',
|
|
|
|
'secret',
|
|
|
|
'digits',
|
|
|
|
'algorithm',
|
|
|
|
'period',
|
2022-11-22 15:15:52 +01:00
|
|
|
'counter',
|
2021-11-15 00:21:07 +01:00
|
|
|
];
|
2022-11-22 15:15:52 +01:00
|
|
|
|
2021-11-15 00:21:07 +01:00
|
|
|
private const VALID_OTP_RESOURCE_STRUCTURE_FOR_TOTP = [
|
|
|
|
'generated_at',
|
|
|
|
'otp_type',
|
|
|
|
'password',
|
|
|
|
'period',
|
|
|
|
];
|
2022-11-22 15:15:52 +01:00
|
|
|
|
2021-11-15 00:21:07 +01:00
|
|
|
private const VALID_OTP_RESOURCE_STRUCTURE_FOR_HOTP = [
|
|
|
|
'otp_type',
|
|
|
|
'password',
|
|
|
|
'counter',
|
|
|
|
];
|
2022-11-22 15:15:52 +01:00
|
|
|
|
2023-03-18 17:33:43 +01:00
|
|
|
private const VALID_EXPORT_STRUTURE = [
|
|
|
|
'app',
|
|
|
|
'schema',
|
|
|
|
'datetime',
|
|
|
|
'data' => [
|
|
|
|
'*' => [
|
|
|
|
'otp_type',
|
|
|
|
'account',
|
|
|
|
'service',
|
|
|
|
'icon',
|
|
|
|
'icon_mime',
|
|
|
|
'icon_file',
|
|
|
|
'secret',
|
|
|
|
'digits',
|
|
|
|
'algorithm',
|
|
|
|
'period',
|
|
|
|
'counter',
|
|
|
|
'legacy_uri',
|
|
|
|
], ],
|
|
|
|
];
|
|
|
|
|
2021-11-15 00:21:07 +01:00
|
|
|
private const JSON_FRAGMENTS_FOR_CUSTOM_TOTP = [
|
2022-07-05 10:10:24 +02:00
|
|
|
'service' => OtpTestData::SERVICE,
|
|
|
|
'account' => OtpTestData::ACCOUNT,
|
2021-11-15 00:21:07 +01:00
|
|
|
'otp_type' => 'totp',
|
2022-07-05 10:10:24 +02:00
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'digits' => OtpTestData::DIGITS_CUSTOM,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_CUSTOM,
|
|
|
|
'period' => OtpTestData::PERIOD_CUSTOM,
|
2021-11-15 00:21:07 +01:00
|
|
|
'counter' => null,
|
|
|
|
];
|
2022-11-22 15:15:52 +01:00
|
|
|
|
2021-11-15 00:21:07 +01:00
|
|
|
private const JSON_FRAGMENTS_FOR_DEFAULT_TOTP = [
|
|
|
|
'service' => null,
|
2022-07-05 10:10:24 +02:00
|
|
|
'account' => OtpTestData::ACCOUNT,
|
2021-11-15 00:21:07 +01:00
|
|
|
'otp_type' => 'totp',
|
2022-07-05 10:10:24 +02:00
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'digits' => OtpTestData::DIGITS_DEFAULT,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_DEFAULT,
|
|
|
|
'period' => OtpTestData::PERIOD_DEFAULT,
|
2021-11-15 00:21:07 +01:00
|
|
|
'counter' => null,
|
|
|
|
];
|
2022-11-22 15:15:52 +01:00
|
|
|
|
2021-11-15 00:21:07 +01:00
|
|
|
private const JSON_FRAGMENTS_FOR_CUSTOM_HOTP = [
|
2022-07-05 10:10:24 +02:00
|
|
|
'service' => OtpTestData::SERVICE,
|
|
|
|
'account' => OtpTestData::ACCOUNT,
|
2021-11-15 00:21:07 +01:00
|
|
|
'otp_type' => 'hotp',
|
2022-07-05 10:10:24 +02:00
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'digits' => OtpTestData::DIGITS_CUSTOM,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_CUSTOM,
|
2021-11-15 00:21:07 +01:00
|
|
|
'period' => null,
|
2022-07-05 10:10:24 +02:00
|
|
|
'counter' => OtpTestData::COUNTER_CUSTOM,
|
2021-11-15 00:21:07 +01:00
|
|
|
];
|
2022-11-22 15:15:52 +01:00
|
|
|
|
2021-11-15 00:21:07 +01:00
|
|
|
private const JSON_FRAGMENTS_FOR_DEFAULT_HOTP = [
|
2022-11-22 15:15:52 +01:00
|
|
|
'service' => null,
|
2022-07-05 10:10:24 +02:00
|
|
|
'account' => OtpTestData::ACCOUNT,
|
2021-11-15 00:21:07 +01:00
|
|
|
'otp_type' => 'hotp',
|
2022-07-05 10:10:24 +02:00
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'digits' => OtpTestData::DIGITS_DEFAULT,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_DEFAULT,
|
2021-11-15 00:21:07 +01:00
|
|
|
'period' => null,
|
2022-07-05 10:10:24 +02:00
|
|
|
'counter' => OtpTestData::COUNTER_DEFAULT,
|
2021-11-15 00:21:07 +01:00
|
|
|
];
|
2022-11-22 15:15:52 +01:00
|
|
|
|
2021-11-15 00:21:07 +01:00
|
|
|
private const ARRAY_OF_INVALID_PARAMETERS = [
|
2022-11-22 15:15:52 +01:00
|
|
|
'account' => null,
|
|
|
|
'otp_type' => 'totp',
|
|
|
|
'secret' => OtpTestData::SECRET,
|
2021-11-15 00:21:07 +01:00
|
|
|
];
|
2022-07-05 10:10:24 +02:00
|
|
|
|
2021-11-14 01:52:46 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2022-12-13 12:07:29 +01:00
|
|
|
public function setUp() : void
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
|
|
|
parent::setUp();
|
|
|
|
|
2023-03-10 22:59:46 +01:00
|
|
|
$this->user = User::factory()->create();
|
2023-03-08 09:41:18 +01:00
|
|
|
$this->userGroupA = Group::factory()->for($this->user)->create();
|
|
|
|
$this->userGroupB = Group::factory()->for($this->user)->create();
|
|
|
|
|
|
|
|
$this->twofaccountA = TwoFAccount::factory()->for($this->user)->create([
|
|
|
|
'group_id' => $this->userGroupA->id,
|
|
|
|
]);
|
|
|
|
$this->twofaccountB = TwoFAccount::factory()->for($this->user)->create([
|
|
|
|
'group_id' => $this->userGroupA->id,
|
|
|
|
]);
|
|
|
|
|
2023-03-10 22:59:46 +01:00
|
|
|
$this->anotherUser = User::factory()->create();
|
2023-03-08 09:41:18 +01:00
|
|
|
$this->anotherUserGroupA = Group::factory()->for($this->anotherUser)->create();
|
|
|
|
$this->anotherUserGroupB = Group::factory()->for($this->anotherUser)->create();
|
|
|
|
|
|
|
|
$this->twofaccountC = TwoFAccount::factory()->for($this->anotherUser)->create([
|
|
|
|
'group_id' => $this->anotherUserGroupA->id,
|
|
|
|
]);
|
|
|
|
$this->twofaccountD = TwoFAccount::factory()->for($this->anotherUser)->create([
|
|
|
|
'group_id' => $this->anotherUserGroupB->id,
|
|
|
|
]);
|
2021-11-14 01:52:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
2022-11-22 15:15:52 +01:00
|
|
|
*
|
2022-08-01 08:24:49 +02:00
|
|
|
* @dataProvider indexUrlParameterProvider
|
2021-11-14 01:52:46 +01:00
|
|
|
*/
|
2023-03-08 09:41:18 +01:00
|
|
|
public function test_index_returns_user_twofaccounts_only($urlParameter, $expected)
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2022-11-22 15:15:52 +01:00
|
|
|
->json('GET', '/api/v1/twofaccounts' . $urlParameter)
|
2021-11-14 01:52:46 +01:00
|
|
|
->assertOk()
|
2023-03-08 09:41:18 +01:00
|
|
|
->assertJsonCount(2, $key = null)
|
2021-11-14 01:52:46 +01:00
|
|
|
->assertJsonStructure([
|
2022-11-22 15:15:52 +01:00
|
|
|
'*' => $expected,
|
2023-03-08 09:41:18 +01:00
|
|
|
])
|
|
|
|
->assertJsonFragment([
|
|
|
|
'id' => $this->twofaccountA->id,
|
|
|
|
])
|
|
|
|
->assertJsonFragment([
|
|
|
|
'id' => $this->twofaccountB->id,
|
|
|
|
])
|
|
|
|
->assertJsonMissing([
|
|
|
|
'id' => $this->twofaccountC->id,
|
|
|
|
])
|
|
|
|
->assertJsonMissing([
|
|
|
|
'id' => $this->twofaccountD->id,
|
2021-11-15 00:21:07 +01:00
|
|
|
]);
|
2021-11-14 01:52:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2022-08-01 08:24:49 +02:00
|
|
|
* Provide data for index tests
|
2021-11-14 01:52:46 +01:00
|
|
|
*/
|
2022-08-01 08:24:49 +02:00
|
|
|
public function indexUrlParameterProvider()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-08-01 08:24:49 +02:00
|
|
|
return [
|
2022-11-22 15:15:52 +01:00
|
|
|
'VALID_RESOURCE_STRUCTURE_WITHOUT_SECRET' => [
|
2022-08-01 08:24:49 +02:00
|
|
|
'',
|
2022-11-22 15:15:52 +01:00
|
|
|
self::VALID_RESOURCE_STRUCTURE_WITHOUT_SECRET,
|
2022-08-01 08:24:49 +02:00
|
|
|
],
|
2022-11-22 15:15:52 +01:00
|
|
|
'VALID_RESOURCE_STRUCTURE_WITH_SECRET' => [
|
2022-08-01 08:24:49 +02:00
|
|
|
'?withSecret=1',
|
2022-11-22 15:15:52 +01:00
|
|
|
self::VALID_RESOURCE_STRUCTURE_WITH_SECRET,
|
2022-08-01 08:24:49 +02:00
|
|
|
],
|
|
|
|
];
|
2021-11-14 01:52:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2023-03-08 09:41:18 +01:00
|
|
|
public function test_show_returns_twofaccount_resource_with_secret()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2023-03-08 09:41:18 +01:00
|
|
|
->json('GET', '/api/v1/twofaccounts/' . $this->twofaccountA->id)
|
2021-11-14 01:52:46 +01:00
|
|
|
->assertOk()
|
2021-11-15 00:21:07 +01:00
|
|
|
->assertJsonStructure(self::VALID_RESOURCE_STRUCTURE_WITH_SECRET);
|
2021-11-14 01:52:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2023-03-08 09:41:18 +01:00
|
|
|
public function test_show_returns_twofaccount_resource_without_secret()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2023-03-08 09:41:18 +01:00
|
|
|
->json('GET', '/api/v1/twofaccounts/' . $this->twofaccountA->id . '?withSecret=0')
|
2021-11-14 01:52:46 +01:00
|
|
|
->assertOk()
|
2021-11-15 00:21:07 +01:00
|
|
|
->assertJsonStructure(self::VALID_RESOURCE_STRUCTURE_WITHOUT_SECRET);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2021-11-30 17:39:33 +01:00
|
|
|
// public function test_show_twofaccount_with_indeciphered_data_returns_replaced_data()
|
|
|
|
// {
|
|
|
|
// $dbEncryptionService = resolve('App\Services\DbEncryptionService');
|
|
|
|
// $dbEncryptionService->setTo(true);
|
2021-11-15 00:21:07 +01:00
|
|
|
|
2021-12-02 13:15:53 +01:00
|
|
|
// $twofaccount = TwoFAccount::factory()->create();
|
2021-11-15 00:21:07 +01:00
|
|
|
|
2021-11-30 17:39:33 +01:00
|
|
|
// DB::table('twofaccounts')
|
|
|
|
// ->where('id', $twofaccount->id)
|
|
|
|
// ->update([
|
|
|
|
// 'secret' => '**encrypted**',
|
|
|
|
// 'account' => '**encrypted**',
|
|
|
|
// ]);
|
2021-11-15 00:21:07 +01:00
|
|
|
|
2022-03-31 08:38:35 +02:00
|
|
|
// $response = $this->actingAs($this->user, 'api-guard')
|
2021-11-30 17:39:33 +01:00
|
|
|
// ->json('GET', '/api/v1/twofaccounts/' . $twofaccount->id)
|
|
|
|
// ->assertJsonFragment([
|
|
|
|
// 'secret' => '*indecipherable*',
|
|
|
|
// 'account' => '*indecipherable*',
|
|
|
|
// ]);
|
|
|
|
// }
|
2021-11-14 01:52:46 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_show_missing_twofaccount_returns_not_found()
|
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-14 01:52:46 +01:00
|
|
|
->json('GET', '/api/v1/twofaccounts/1000')
|
|
|
|
->assertNotFound()
|
|
|
|
->assertJsonStructure([
|
2022-11-22 15:15:52 +01:00
|
|
|
'message',
|
2021-11-14 01:52:46 +01:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
2023-03-08 09:41:18 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_show_twofaccount_of_another_user_is_forbidden()
|
|
|
|
{
|
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
|
|
|
->json('GET', '/api/v1/twofaccounts/' . $this->twofaccountC->id)
|
|
|
|
->assertForbidden()
|
|
|
|
->assertJsonStructure([
|
|
|
|
'message',
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
2021-11-14 01:52:46 +01:00
|
|
|
/**
|
2022-08-01 08:24:49 +02:00
|
|
|
* @dataProvider accountCreationProvider
|
2021-11-14 01:52:46 +01:00
|
|
|
* @test
|
|
|
|
*/
|
2022-08-01 08:24:49 +02:00
|
|
|
public function test_store_without_encryption_returns_success_with_consistent_resource_structure($payload, $expected)
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-08-01 08:24:49 +02:00
|
|
|
Settings::set('useEncryption', false);
|
2021-11-14 01:52:46 +01:00
|
|
|
Storage::put('test.png', 'emptied to prevent missing resource replaced by null by the model getter');
|
|
|
|
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2022-08-01 08:24:49 +02:00
|
|
|
->json('POST', '/api/v1/twofaccounts', $payload)
|
2021-11-14 01:52:46 +01:00
|
|
|
->assertCreated()
|
2022-08-01 08:24:49 +02:00
|
|
|
->assertJsonStructure(self::VALID_RESOURCE_STRUCTURE_WITH_SECRET)
|
|
|
|
->assertJsonFragment($expected);
|
2021-11-14 01:52:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2022-08-01 08:24:49 +02:00
|
|
|
* @dataProvider accountCreationProvider
|
2021-11-14 01:52:46 +01:00
|
|
|
* @test
|
|
|
|
*/
|
2022-08-01 08:24:49 +02:00
|
|
|
public function test_store_with_encryption_returns_success_with_consistent_resource_structure($payload, $expected)
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-08-01 08:24:49 +02:00
|
|
|
Settings::set('useEncryption', true);
|
|
|
|
Storage::put('test.png', 'emptied to prevent missing resource replaced by null by the model getter');
|
2021-11-14 01:52:46 +01:00
|
|
|
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2022-08-01 08:24:49 +02:00
|
|
|
->json('POST', '/api/v1/twofaccounts', $payload)
|
|
|
|
->assertCreated()
|
|
|
|
->assertJsonStructure(self::VALID_RESOURCE_STRUCTURE_WITH_SECRET)
|
|
|
|
->assertJsonFragment($expected);
|
2021-11-14 01:52:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2022-08-01 08:24:49 +02:00
|
|
|
* Provide data for TwoFAccount store tests
|
2021-11-14 01:52:46 +01:00
|
|
|
*/
|
2022-08-01 08:24:49 +02:00
|
|
|
public function accountCreationProvider()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-08-01 08:24:49 +02:00
|
|
|
return [
|
2022-11-22 15:15:52 +01:00
|
|
|
'TOTP_FULL_CUSTOM_URI' => [
|
2022-08-01 08:24:49 +02:00
|
|
|
[
|
|
|
|
'uri' => OtpTestData::TOTP_FULL_CUSTOM_URI,
|
|
|
|
],
|
2022-11-22 15:15:52 +01:00
|
|
|
self::JSON_FRAGMENTS_FOR_CUSTOM_TOTP,
|
2022-08-01 08:24:49 +02:00
|
|
|
],
|
2022-11-22 15:15:52 +01:00
|
|
|
'TOTP_SHORT_URI' => [
|
2022-08-01 08:24:49 +02:00
|
|
|
[
|
|
|
|
'uri' => OtpTestData::TOTP_SHORT_URI,
|
|
|
|
],
|
2022-11-22 15:15:52 +01:00
|
|
|
self::JSON_FRAGMENTS_FOR_DEFAULT_TOTP,
|
2022-08-01 08:24:49 +02:00
|
|
|
],
|
2022-11-22 15:15:52 +01:00
|
|
|
'ARRAY_OF_FULL_VALID_PARAMETERS_FOR_CUSTOM_TOTP' => [
|
2022-08-01 08:24:49 +02:00
|
|
|
OtpTestData::ARRAY_OF_FULL_VALID_PARAMETERS_FOR_CUSTOM_TOTP,
|
2022-11-22 15:15:52 +01:00
|
|
|
self::JSON_FRAGMENTS_FOR_CUSTOM_TOTP,
|
2022-08-01 08:24:49 +02:00
|
|
|
],
|
2022-11-22 15:15:52 +01:00
|
|
|
'ARRAY_OF_MINIMUM_VALID_PARAMETERS_FOR_TOTP' => [
|
2022-08-01 08:24:49 +02:00
|
|
|
OtpTestData::ARRAY_OF_MINIMUM_VALID_PARAMETERS_FOR_TOTP,
|
2022-11-22 15:15:52 +01:00
|
|
|
self::JSON_FRAGMENTS_FOR_DEFAULT_TOTP,
|
2022-08-01 08:24:49 +02:00
|
|
|
],
|
2022-11-22 15:15:52 +01:00
|
|
|
'HOTP_FULL_CUSTOM_URI' => [
|
2022-08-01 08:24:49 +02:00
|
|
|
[
|
|
|
|
'uri' => OtpTestData::HOTP_FULL_CUSTOM_URI,
|
|
|
|
],
|
2022-11-22 15:15:52 +01:00
|
|
|
self::JSON_FRAGMENTS_FOR_CUSTOM_HOTP,
|
2022-08-01 08:24:49 +02:00
|
|
|
],
|
2022-11-22 15:15:52 +01:00
|
|
|
'HOTP_SHORT_URI' => [
|
2022-08-01 08:24:49 +02:00
|
|
|
[
|
|
|
|
'uri' => OtpTestData::HOTP_SHORT_URI,
|
|
|
|
],
|
2022-11-22 15:15:52 +01:00
|
|
|
self::JSON_FRAGMENTS_FOR_DEFAULT_HOTP,
|
2022-08-01 08:24:49 +02:00
|
|
|
],
|
2022-11-22 15:15:52 +01:00
|
|
|
'ARRAY_OF_FULL_VALID_PARAMETERS_FOR_CUSTOM_HOTP' => [
|
2022-08-01 08:24:49 +02:00
|
|
|
OtpTestData::ARRAY_OF_FULL_VALID_PARAMETERS_FOR_CUSTOM_HOTP,
|
2022-11-22 15:15:52 +01:00
|
|
|
self::JSON_FRAGMENTS_FOR_CUSTOM_HOTP,
|
2022-08-01 08:24:49 +02:00
|
|
|
],
|
2022-11-22 15:15:52 +01:00
|
|
|
'ARRAY_OF_MINIMUM_VALID_PARAMETERS_FOR_HOTP' => [
|
2022-08-01 08:24:49 +02:00
|
|
|
OtpTestData::ARRAY_OF_MINIMUM_VALID_PARAMETERS_FOR_HOTP,
|
2022-11-22 15:15:52 +01:00
|
|
|
self::JSON_FRAGMENTS_FOR_DEFAULT_HOTP,
|
2022-08-01 08:24:49 +02:00
|
|
|
],
|
|
|
|
];
|
2021-11-14 01:52:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_store_with_invalid_uri_returns_validation_error()
|
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-14 01:52:46 +01:00
|
|
|
->json('POST', '/api/v1/twofaccounts', [
|
2022-07-05 10:10:24 +02:00
|
|
|
'uri' => OtpTestData::INVALID_OTPAUTH_URI,
|
2021-11-15 00:21:07 +01:00
|
|
|
])
|
2021-11-14 01:52:46 +01:00
|
|
|
->assertStatus(422);
|
|
|
|
}
|
|
|
|
|
2021-11-22 01:09:54 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_store_assigns_created_account_when_default_group_is_a_specific_one()
|
|
|
|
{
|
|
|
|
// Set the default group to a specific one
|
2023-03-08 09:41:18 +01:00
|
|
|
$this->user['preferences->defaultGroup'] = $this->userGroupA->id;
|
|
|
|
$this->user->save();
|
2021-11-22 01:09:54 +01:00
|
|
|
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-22 01:09:54 +01:00
|
|
|
->json('POST', '/api/v1/twofaccounts', [
|
2022-07-05 10:10:24 +02:00
|
|
|
'uri' => OtpTestData::TOTP_SHORT_URI,
|
2021-11-22 01:09:54 +01:00
|
|
|
])
|
|
|
|
->assertJsonFragment([
|
2023-03-08 09:41:18 +01:00
|
|
|
'group_id' => $this->userGroupA->id,
|
2021-11-22 01:09:54 +01:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_store_assigns_created_account_when_default_group_is_the_active_one()
|
|
|
|
{
|
|
|
|
// Set the default group to be the active one
|
2023-03-08 09:41:18 +01:00
|
|
|
$this->user['preferences->defaultGroup'] = -1;
|
2021-11-22 01:09:54 +01:00
|
|
|
// Set the active group
|
2023-03-08 09:41:18 +01:00
|
|
|
$this->user['preferences->activeGroup'] = $this->userGroupA->id;
|
|
|
|
$this->user->save();
|
2021-11-22 01:09:54 +01:00
|
|
|
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-22 01:09:54 +01:00
|
|
|
->json('POST', '/api/v1/twofaccounts', [
|
2022-07-05 10:10:24 +02:00
|
|
|
'uri' => OtpTestData::TOTP_SHORT_URI,
|
2021-11-22 01:09:54 +01:00
|
|
|
])
|
|
|
|
->assertJsonFragment([
|
2023-03-08 09:41:18 +01:00
|
|
|
'group_id' => $this->userGroupA->id,
|
2021-11-22 01:09:54 +01:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_store_assigns_created_account_when_default_group_is_no_group()
|
|
|
|
{
|
|
|
|
// Set the default group to No group
|
2023-03-08 09:41:18 +01:00
|
|
|
$this->user['preferences->defaultGroup'] = 0;
|
|
|
|
$this->user->save();
|
2021-11-22 01:09:54 +01:00
|
|
|
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-22 01:09:54 +01:00
|
|
|
->json('POST', '/api/v1/twofaccounts', [
|
2022-07-05 10:10:24 +02:00
|
|
|
'uri' => OtpTestData::TOTP_SHORT_URI,
|
2021-11-22 01:09:54 +01:00
|
|
|
])
|
|
|
|
->assertJsonFragment([
|
2022-11-22 15:15:52 +01:00
|
|
|
'group_id' => null,
|
2021-11-22 01:09:54 +01:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_store_assigns_created_account_when_default_group_does_not_exist()
|
|
|
|
{
|
|
|
|
// Set the default group to a non-existing one
|
2023-03-08 09:41:18 +01:00
|
|
|
$this->user['preferences->defaultGroup'] = 1000;
|
|
|
|
$this->user->save();
|
2021-11-22 01:09:54 +01:00
|
|
|
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-22 01:09:54 +01:00
|
|
|
->json('POST', '/api/v1/twofaccounts', [
|
2022-07-05 10:10:24 +02:00
|
|
|
'uri' => OtpTestData::TOTP_SHORT_URI,
|
2021-11-22 01:09:54 +01:00
|
|
|
])
|
|
|
|
->assertJsonFragment([
|
2022-11-22 15:15:52 +01:00
|
|
|
'group_id' => null,
|
2021-11-22 01:09:54 +01:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
2021-11-14 01:52:46 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_update_totp_returns_success_with_updated_resource()
|
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2023-03-08 09:41:18 +01:00
|
|
|
->json('PUT', '/api/v1/twofaccounts/' . $this->twofaccountA->id, OtpTestData::ARRAY_OF_FULL_VALID_PARAMETERS_FOR_CUSTOM_TOTP)
|
2021-11-14 01:52:46 +01:00
|
|
|
->assertOk()
|
2021-11-15 00:21:07 +01:00
|
|
|
->assertJsonFragment(self::JSON_FRAGMENTS_FOR_CUSTOM_TOTP);
|
2021-11-14 01:52:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_update_hotp_returns_success_with_updated_resource()
|
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2023-03-08 09:41:18 +01:00
|
|
|
->json('PUT', '/api/v1/twofaccounts/' . $this->twofaccountA->id, OtpTestData::ARRAY_OF_FULL_VALID_PARAMETERS_FOR_CUSTOM_HOTP)
|
2021-11-14 01:52:46 +01:00
|
|
|
->assertOk()
|
2021-11-15 00:21:07 +01:00
|
|
|
->assertJsonFragment(self::JSON_FRAGMENTS_FOR_CUSTOM_HOTP);
|
2021-11-14 01:52:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_update_missing_twofaccount_returns_not_found()
|
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2022-07-05 10:10:24 +02:00
|
|
|
->json('PUT', '/api/v1/twofaccounts/1000', OtpTestData::ARRAY_OF_FULL_VALID_PARAMETERS_FOR_CUSTOM_TOTP)
|
2021-11-14 01:52:46 +01:00
|
|
|
->assertNotFound();
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_update_twofaccount_with_invalid_data_returns_validation_error()
|
|
|
|
{
|
2021-12-02 13:15:53 +01:00
|
|
|
$twofaccount = TwoFAccount::factory()->create();
|
2021-11-14 01:52:46 +01:00
|
|
|
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2023-03-08 09:41:18 +01:00
|
|
|
->json('PUT', '/api/v1/twofaccounts/' . $this->twofaccountA->id, self::ARRAY_OF_INVALID_PARAMETERS)
|
2021-11-14 01:52:46 +01:00
|
|
|
->assertStatus(422);
|
|
|
|
}
|
|
|
|
|
2023-03-08 09:41:18 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_update_twofaccount_of_another_user_is_forbidden()
|
|
|
|
{
|
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
|
|
|
->json('PUT', '/api/v1/twofaccounts/' . $this->twofaccountC->id, OtpTestData::ARRAY_OF_FULL_VALID_PARAMETERS_FOR_CUSTOM_HOTP)
|
|
|
|
->assertForbidden()
|
|
|
|
->assertJsonStructure([
|
|
|
|
'message',
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
2022-06-21 17:27:47 +02:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2023-03-22 15:39:51 +01:00
|
|
|
public function test_migrate_valid_gauth_payload_returns_success_with_consistent_resources()
|
2022-06-21 17:27:47 +02:00
|
|
|
{
|
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2022-10-07 18:58:48 +02:00
|
|
|
->json('POST', '/api/v1/twofaccounts/migration', [
|
2022-12-09 10:52:17 +01:00
|
|
|
'payload' => MigrationTestData::GOOGLE_AUTH_MIGRATION_URI,
|
2022-10-14 14:01:01 +02:00
|
|
|
'withSecret' => 1,
|
2022-06-21 17:27:47 +02:00
|
|
|
])
|
|
|
|
->assertOk()
|
|
|
|
->assertJsonCount(2, $key = null)
|
|
|
|
->assertJsonFragment([
|
|
|
|
'id' => 0,
|
2022-07-05 10:10:24 +02:00
|
|
|
'service' => OtpTestData::SERVICE,
|
|
|
|
'account' => OtpTestData::ACCOUNT,
|
2022-06-21 17:27:47 +02:00
|
|
|
'otp_type' => 'totp',
|
2022-07-05 10:10:24 +02:00
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'digits' => OtpTestData::DIGITS_DEFAULT,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_DEFAULT,
|
|
|
|
'period' => OtpTestData::PERIOD_DEFAULT,
|
2022-11-22 15:15:52 +01:00
|
|
|
'counter' => null,
|
2022-06-21 17:27:47 +02:00
|
|
|
])
|
|
|
|
->assertJsonFragment([
|
|
|
|
'id' => 0,
|
2022-07-05 10:10:24 +02:00
|
|
|
'service' => OtpTestData::SERVICE . '_bis',
|
|
|
|
'account' => OtpTestData::ACCOUNT . '_bis',
|
2022-06-21 17:27:47 +02:00
|
|
|
'otp_type' => 'totp',
|
2022-07-05 10:10:24 +02:00
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'digits' => OtpTestData::DIGITS_DEFAULT,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_DEFAULT,
|
|
|
|
'period' => OtpTestData::PERIOD_DEFAULT,
|
2022-11-22 15:15:52 +01:00
|
|
|
'counter' => null,
|
2022-06-21 17:27:47 +02:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2023-03-22 15:39:51 +01:00
|
|
|
public function test_migrate_with_invalid_gauth_payload_returns_validation_error()
|
2022-06-21 17:27:47 +02:00
|
|
|
{
|
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2022-10-07 18:58:48 +02:00
|
|
|
->json('POST', '/api/v1/twofaccounts/migration', [
|
2022-12-09 10:52:17 +01:00
|
|
|
'uri' => MigrationTestData::INVALID_GOOGLE_AUTH_MIGRATION_URI,
|
2022-06-21 17:27:47 +02:00
|
|
|
])
|
|
|
|
->assertStatus(422);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2023-03-22 15:39:51 +01:00
|
|
|
public function test_migrate_payload_with_duplicates_returns_negative_ids()
|
2022-06-21 17:27:47 +02:00
|
|
|
{
|
2023-03-22 15:39:51 +01:00
|
|
|
$twofaccount = TwoFAccount::factory()->for($this->user)->create([
|
2022-11-22 15:15:52 +01:00
|
|
|
'otp_type' => 'totp',
|
|
|
|
'account' => OtpTestData::ACCOUNT,
|
|
|
|
'service' => OtpTestData::SERVICE,
|
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_DEFAULT,
|
|
|
|
'digits' => OtpTestData::DIGITS_DEFAULT,
|
|
|
|
'period' => OtpTestData::PERIOD_DEFAULT,
|
2022-07-05 10:10:24 +02:00
|
|
|
'legacy_uri' => OtpTestData::TOTP_SHORT_URI,
|
2022-11-22 15:15:52 +01:00
|
|
|
'icon' => '',
|
2022-06-21 17:27:47 +02:00
|
|
|
]);
|
|
|
|
|
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2023-03-22 15:39:51 +01:00
|
|
|
->json('POST', '/api/v1/twofaccounts/migration?withSecret=1', [
|
|
|
|
'payload' => MigrationTestData::GOOGLE_AUTH_MIGRATION_URI,
|
|
|
|
])
|
|
|
|
->assertOk()
|
|
|
|
->assertJsonFragment([
|
|
|
|
'id' => -1,
|
|
|
|
'service' => OtpTestData::SERVICE,
|
|
|
|
'account' => OtpTestData::ACCOUNT,
|
|
|
|
'otp_type' => 'totp',
|
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'digits' => OtpTestData::DIGITS_DEFAULT,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_DEFAULT,
|
|
|
|
'period' => OtpTestData::PERIOD_DEFAULT,
|
|
|
|
'counter' => null,
|
|
|
|
])
|
|
|
|
->assertJsonFragment([
|
|
|
|
'id' => 0,
|
|
|
|
'service' => OtpTestData::SERVICE . '_bis',
|
|
|
|
'account' => OtpTestData::ACCOUNT . '_bis',
|
|
|
|
'otp_type' => 'totp',
|
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'digits' => OtpTestData::DIGITS_DEFAULT,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_DEFAULT,
|
|
|
|
'period' => OtpTestData::PERIOD_DEFAULT,
|
|
|
|
'counter' => null,
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_migrate_identify_duplicates_in_authenticated_user_twofaccounts_only()
|
|
|
|
{
|
|
|
|
$twofaccount = TwoFAccount::factory()->for($this->anotherUser)->create([
|
|
|
|
'otp_type' => 'totp',
|
|
|
|
'account' => OtpTestData::ACCOUNT,
|
|
|
|
'service' => OtpTestData::SERVICE,
|
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_DEFAULT,
|
|
|
|
'digits' => OtpTestData::DIGITS_DEFAULT,
|
|
|
|
'period' => OtpTestData::PERIOD_DEFAULT,
|
|
|
|
'legacy_uri' => OtpTestData::TOTP_SHORT_URI,
|
|
|
|
'icon' => '',
|
|
|
|
]);
|
|
|
|
|
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
|
|
|
->json('POST', '/api/v1/twofaccounts/migration?withSecret=1', [
|
2022-12-09 10:52:17 +01:00
|
|
|
'payload' => MigrationTestData::GOOGLE_AUTH_MIGRATION_URI,
|
2022-06-21 17:27:47 +02:00
|
|
|
])
|
|
|
|
->assertOk()
|
|
|
|
->assertJsonFragment([
|
2023-03-22 15:39:51 +01:00
|
|
|
'id' => 0,
|
|
|
|
'account' => OtpTestData::ACCOUNT,
|
|
|
|
'service' => OtpTestData::SERVICE,
|
|
|
|
'otp_type' => 'totp',
|
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_DEFAULT,
|
|
|
|
'digits' => OtpTestData::DIGITS_DEFAULT,
|
|
|
|
'period' => OtpTestData::PERIOD_DEFAULT,
|
|
|
|
'icon' => null,
|
|
|
|
])
|
|
|
|
->assertJsonFragment([
|
|
|
|
'id' => 0,
|
|
|
|
'service' => OtpTestData::SERVICE . '_bis',
|
|
|
|
'account' => OtpTestData::ACCOUNT . '_bis',
|
|
|
|
'otp_type' => 'totp',
|
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'digits' => OtpTestData::DIGITS_DEFAULT,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_DEFAULT,
|
|
|
|
'period' => OtpTestData::PERIOD_DEFAULT,
|
|
|
|
'counter' => null,
|
2022-06-21 17:27:47 +02:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2023-03-22 15:39:51 +01:00
|
|
|
public function test_migrate_invalid_gauth_payload_returns_bad_request()
|
2022-06-21 17:27:47 +02:00
|
|
|
{
|
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2022-10-07 18:58:48 +02:00
|
|
|
->json('POST', '/api/v1/twofaccounts/migration', [
|
2022-12-09 10:52:17 +01:00
|
|
|
'payload' => MigrationTestData::GOOGLE_AUTH_MIGRATION_URI_WITH_INVALID_DATA,
|
2022-06-21 17:27:47 +02:00
|
|
|
])
|
|
|
|
->assertStatus(400)
|
|
|
|
->assertJsonStructure([
|
2022-11-22 15:15:52 +01:00
|
|
|
'message',
|
2022-06-21 17:27:47 +02:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
2022-10-07 18:58:48 +02:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2023-03-22 15:39:51 +01:00
|
|
|
public function test_migrate_valid_aegis_json_file_returns_success()
|
2022-10-07 18:58:48 +02:00
|
|
|
{
|
|
|
|
$file = LocalFile::fake()->validAegisJsonFile();
|
|
|
|
|
|
|
|
$response = $this->withHeaders(['Content-Type' => 'multipart/form-data'])
|
|
|
|
->actingAs($this->user, 'api-guard')
|
|
|
|
->json('POST', '/api/v1/twofaccounts/migration', [
|
2022-11-22 15:15:52 +01:00
|
|
|
'file' => $file,
|
2022-10-14 14:01:01 +02:00
|
|
|
'withSecret' => 1,
|
2022-10-07 18:58:48 +02:00
|
|
|
])
|
|
|
|
->assertOk()
|
2022-12-09 10:52:17 +01:00
|
|
|
->assertJsonCount(3, $key = null)
|
2022-10-07 18:58:48 +02:00
|
|
|
->assertJsonFragment([
|
|
|
|
'id' => 0,
|
2022-12-09 10:52:17 +01:00
|
|
|
'service' => OtpTestData::SERVICE,
|
|
|
|
'account' => OtpTestData::ACCOUNT,
|
2022-10-07 18:58:48 +02:00
|
|
|
'otp_type' => 'totp',
|
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'digits' => OtpTestData::DIGITS_CUSTOM,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_CUSTOM,
|
|
|
|
'period' => OtpTestData::PERIOD_CUSTOM,
|
2022-11-22 15:15:52 +01:00
|
|
|
'counter' => null,
|
2022-10-07 18:58:48 +02:00
|
|
|
])
|
|
|
|
->assertJsonFragment([
|
|
|
|
'id' => 0,
|
2022-12-09 10:52:17 +01:00
|
|
|
'service' => OtpTestData::SERVICE,
|
|
|
|
'account' => OtpTestData::ACCOUNT,
|
2022-10-07 18:58:48 +02:00
|
|
|
'otp_type' => 'hotp',
|
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'digits' => OtpTestData::DIGITS_CUSTOM,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_CUSTOM,
|
|
|
|
'period' => null,
|
|
|
|
'counter' => OtpTestData::COUNTER_CUSTOM,
|
|
|
|
])
|
|
|
|
->assertJsonFragment([
|
|
|
|
'id' => 0,
|
|
|
|
'service' => OtpTestData::STEAM,
|
2022-12-09 10:52:17 +01:00
|
|
|
'account' => OtpTestData::ACCOUNT,
|
2022-10-07 18:58:48 +02:00
|
|
|
'otp_type' => 'steamtotp',
|
|
|
|
'secret' => OtpTestData::STEAM_SECRET,
|
|
|
|
'digits' => OtpTestData::DIGITS_STEAM,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_DEFAULT,
|
|
|
|
'period' => OtpTestData::PERIOD_DEFAULT,
|
2022-11-22 15:15:52 +01:00
|
|
|
'counter' => null,
|
2022-10-07 18:58:48 +02:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
2022-11-22 15:15:52 +01:00
|
|
|
*
|
2022-10-07 18:58:48 +02:00
|
|
|
* @dataProvider invalidAegisJsonFileProvider
|
|
|
|
*/
|
2023-03-22 15:39:51 +01:00
|
|
|
public function test_migrate_invalid_aegis_json_file_returns_bad_request($file)
|
2022-10-07 18:58:48 +02:00
|
|
|
{
|
|
|
|
$response = $this->withHeaders(['Content-Type' => 'multipart/form-data'])
|
|
|
|
->actingAs($this->user, 'api-guard')
|
|
|
|
->json('POST', '/api/v1/twofaccounts/migration', [
|
|
|
|
'file' => $file,
|
|
|
|
])
|
|
|
|
->assertStatus(400);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Provide invalid Aegis JSON files for import tests
|
|
|
|
*/
|
|
|
|
public function invalidAegisJsonFileProvider()
|
|
|
|
{
|
|
|
|
return [
|
2022-12-09 10:52:17 +01:00
|
|
|
'encryptedAegisJsonFile' => [
|
2022-11-22 15:15:52 +01:00
|
|
|
LocalFile::fake()->encryptedAegisJsonFile(),
|
2022-10-07 18:58:48 +02:00
|
|
|
],
|
2022-12-09 10:52:17 +01:00
|
|
|
'invalidAegisJsonFile' => [
|
2022-11-22 15:15:52 +01:00
|
|
|
LocalFile::fake()->invalidAegisJsonFile(),
|
2022-10-07 18:58:48 +02:00
|
|
|
],
|
|
|
|
];
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
2022-11-22 15:15:52 +01:00
|
|
|
*
|
2022-10-07 18:58:48 +02:00
|
|
|
* @dataProvider validPlainTextFileProvider
|
|
|
|
*/
|
2023-03-22 15:39:51 +01:00
|
|
|
public function test_migrate_valid_plain_text_file_returns_success($file)
|
2022-10-07 18:58:48 +02:00
|
|
|
{
|
|
|
|
$response = $this->withHeaders(['Content-Type' => 'multipart/form-data'])
|
|
|
|
->actingAs($this->user, 'api-guard')
|
|
|
|
->json('POST', '/api/v1/twofaccounts/migration', [
|
2022-11-22 15:15:52 +01:00
|
|
|
'file' => $file,
|
2022-10-14 14:01:01 +02:00
|
|
|
'withSecret' => 1,
|
2022-10-07 18:58:48 +02:00
|
|
|
])
|
|
|
|
->assertOk()
|
|
|
|
->assertJsonCount(3, $key = null)
|
|
|
|
->assertJsonFragment([
|
|
|
|
'id' => 0,
|
|
|
|
'service' => OtpTestData::SERVICE,
|
|
|
|
'account' => OtpTestData::ACCOUNT,
|
|
|
|
'otp_type' => 'totp',
|
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'digits' => OtpTestData::DIGITS_CUSTOM,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_CUSTOM,
|
|
|
|
'period' => OtpTestData::PERIOD_CUSTOM,
|
2022-11-22 15:15:52 +01:00
|
|
|
'counter' => null,
|
2022-10-07 18:58:48 +02:00
|
|
|
])
|
|
|
|
->assertJsonFragment([
|
|
|
|
'id' => 0,
|
|
|
|
'service' => OtpTestData::SERVICE,
|
|
|
|
'account' => OtpTestData::ACCOUNT,
|
|
|
|
'otp_type' => 'hotp',
|
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'digits' => OtpTestData::DIGITS_CUSTOM,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_CUSTOM,
|
|
|
|
'period' => null,
|
2022-11-22 15:15:52 +01:00
|
|
|
'counter' => OtpTestData::COUNTER_CUSTOM,
|
2022-10-07 18:58:48 +02:00
|
|
|
])
|
|
|
|
->assertJsonFragment([
|
|
|
|
'id' => 0,
|
|
|
|
'service' => OtpTestData::STEAM,
|
|
|
|
'account' => OtpTestData::ACCOUNT,
|
|
|
|
'otp_type' => 'steamtotp',
|
|
|
|
'secret' => OtpTestData::STEAM_SECRET,
|
|
|
|
'digits' => OtpTestData::DIGITS_STEAM,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_DEFAULT,
|
|
|
|
'period' => OtpTestData::PERIOD_DEFAULT,
|
2022-11-22 15:15:52 +01:00
|
|
|
'counter' => null,
|
2022-10-07 18:58:48 +02:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Provide valid Plain Text files for import tests
|
|
|
|
*/
|
|
|
|
public function validPlainTextFileProvider()
|
|
|
|
{
|
|
|
|
return [
|
|
|
|
'validPlainTextFile' => [
|
2022-11-22 15:15:52 +01:00
|
|
|
LocalFile::fake()->validPlainTextFile(),
|
2022-10-07 18:58:48 +02:00
|
|
|
],
|
|
|
|
'validPlainTextFileWithNewLines' => [
|
2022-11-22 15:15:52 +01:00
|
|
|
LocalFile::fake()->validPlainTextFileWithNewLines(),
|
2022-10-07 18:58:48 +02:00
|
|
|
],
|
|
|
|
];
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
2022-11-22 15:15:52 +01:00
|
|
|
*
|
2022-10-07 18:58:48 +02:00
|
|
|
* @dataProvider invalidPlainTextFileProvider
|
|
|
|
*/
|
2023-03-22 15:39:51 +01:00
|
|
|
public function test_migrate_invalid_plain_text_file_returns_bad_request($file)
|
2022-10-07 18:58:48 +02:00
|
|
|
{
|
|
|
|
$response = $this->withHeaders(['Content-Type' => 'multipart/form-data'])
|
|
|
|
->actingAs($this->user, 'api-guard')
|
|
|
|
->json('POST', '/api/v1/twofaccounts/migration', [
|
|
|
|
'file' => $file,
|
|
|
|
])
|
|
|
|
->assertStatus(400);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Provide invalid Plain Text files for import tests
|
|
|
|
*/
|
|
|
|
public function invalidPlainTextFileProvider()
|
|
|
|
{
|
|
|
|
return [
|
2022-12-09 10:52:17 +01:00
|
|
|
'invalidPlainTextFileEmpty' => [
|
2022-11-22 15:15:52 +01:00
|
|
|
LocalFile::fake()->invalidPlainTextFileEmpty(),
|
2022-10-07 18:58:48 +02:00
|
|
|
],
|
2022-12-09 10:52:17 +01:00
|
|
|
'invalidPlainTextFileNoUri' => [
|
2022-11-22 15:15:52 +01:00
|
|
|
LocalFile::fake()->invalidPlainTextFileNoUri(),
|
2022-10-07 18:58:48 +02:00
|
|
|
],
|
2022-12-09 10:52:17 +01:00
|
|
|
'invalidPlainTextFileWithInvalidUri' => [
|
2022-11-22 15:15:52 +01:00
|
|
|
LocalFile::fake()->invalidPlainTextFileWithInvalidUri(),
|
2022-10-07 18:58:48 +02:00
|
|
|
],
|
2022-12-09 10:52:17 +01:00
|
|
|
'invalidPlainTextFileWithInvalidLine' => [
|
2022-11-22 15:15:52 +01:00
|
|
|
LocalFile::fake()->invalidPlainTextFileWithInvalidLine(),
|
2022-10-07 18:58:48 +02:00
|
|
|
],
|
|
|
|
];
|
|
|
|
}
|
|
|
|
|
2021-11-15 00:21:07 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_reorder_returns_success()
|
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('POST', '/api/v1/twofaccounts/reorder', [
|
2023-03-08 09:41:18 +01:00
|
|
|
'orderedIds' => [$this->twofaccountB->id, $this->twofaccountA->id],
|
2022-12-09 10:52:17 +01:00
|
|
|
])
|
2021-11-15 00:21:07 +01:00
|
|
|
->assertStatus(200)
|
|
|
|
->assertJsonStructure([
|
2022-11-22 15:15:52 +01:00
|
|
|
'message',
|
2021-11-15 00:21:07 +01:00
|
|
|
]);
|
|
|
|
}
|
2021-11-14 01:52:46 +01:00
|
|
|
|
2021-11-15 00:21:07 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_reorder_with_invalid_data_returns_validation_error()
|
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('POST', '/api/v1/twofaccounts/reorder', [
|
2022-12-09 10:52:17 +01:00
|
|
|
'orderedIds' => '3,2,1',
|
|
|
|
])
|
2021-11-15 00:21:07 +01:00
|
|
|
->assertStatus(422);
|
|
|
|
}
|
2021-11-14 01:52:46 +01:00
|
|
|
|
2023-03-08 09:41:18 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_reorder_twofaccounts_of_another_user_is_forbidden()
|
|
|
|
{
|
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
|
|
|
->json('POST', '/api/v1/twofaccounts/reorder', [
|
|
|
|
'orderedIds' => [$this->twofaccountB->id, $this->twofaccountD->id],
|
|
|
|
])
|
|
|
|
->assertForbidden()
|
|
|
|
->assertJsonStructure([
|
|
|
|
'message',
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
2021-11-15 00:21:07 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_preview_returns_success_with_resource()
|
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('POST', '/api/v1/twofaccounts/preview', [
|
2022-07-05 10:10:24 +02:00
|
|
|
'uri' => OtpTestData::TOTP_FULL_CUSTOM_URI,
|
2021-11-15 00:21:07 +01:00
|
|
|
])
|
|
|
|
->assertOk()
|
|
|
|
->assertJsonFragment(self::JSON_FRAGMENTS_FOR_CUSTOM_TOTP);
|
|
|
|
}
|
2021-11-14 01:52:46 +01:00
|
|
|
|
2021-11-15 00:21:07 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_preview_with_invalid_data_returns_validation_error()
|
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('POST', '/api/v1/twofaccounts/preview', [
|
2022-07-05 10:10:24 +02:00
|
|
|
'uri' => OtpTestData::INVALID_OTPAUTH_URI,
|
2021-11-15 00:21:07 +01:00
|
|
|
])
|
|
|
|
->assertStatus(422);
|
|
|
|
}
|
2021-11-14 01:52:46 +01:00
|
|
|
|
2021-11-15 00:21:07 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_preview_with_unreachable_image_returns_success()
|
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('POST', '/api/v1/twofaccounts/preview', [
|
2022-07-05 10:10:24 +02:00
|
|
|
'uri' => OtpTestData::TOTP_URI_WITH_UNREACHABLE_IMAGE,
|
2021-11-15 00:21:07 +01:00
|
|
|
])
|
|
|
|
->assertOk()
|
|
|
|
->assertJsonFragment([
|
2022-11-22 15:15:52 +01:00
|
|
|
'icon' => null,
|
2021-11-15 00:21:07 +01:00
|
|
|
]);
|
|
|
|
}
|
2021-11-14 01:52:46 +01:00
|
|
|
|
2023-03-18 17:33:43 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_export_returns_json_migration_resource()
|
|
|
|
{
|
|
|
|
$this->twofaccountA = TwoFAccount::factory()->for($this->user)->create(self::JSON_FRAGMENTS_FOR_DEFAULT_TOTP);
|
|
|
|
$this->twofaccountB = TwoFAccount::factory()->for($this->user)->create(self::JSON_FRAGMENTS_FOR_DEFAULT_HOTP);
|
|
|
|
|
|
|
|
$this->actingAs($this->user, 'api-guard')
|
|
|
|
->json('GET', '/api/v1/twofaccounts/export?ids=' . $this->twofaccountA->id . ',' . $this->twofaccountB->id)
|
|
|
|
->assertOk()
|
|
|
|
->assertJsonStructure(self::VALID_EXPORT_STRUTURE)
|
|
|
|
->assertJsonFragment(self::JSON_FRAGMENTS_FOR_DEFAULT_TOTP)
|
|
|
|
->assertJsonFragment(self::JSON_FRAGMENTS_FOR_DEFAULT_HOTP);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_export_too_many_ids_returns_bad_request()
|
|
|
|
{
|
|
|
|
TwoFAccount::factory()->count(102)->for($this->user)->create();
|
|
|
|
|
|
|
|
$ids = DB::table('twofaccounts')->where('user_id', $this->user->id)->pluck('id')->implode(',');
|
|
|
|
|
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
|
|
|
->json('GET', '/api/v1/twofaccounts/export?ids=' . $ids)
|
|
|
|
->assertStatus(400)
|
|
|
|
->assertJsonStructure([
|
|
|
|
'message',
|
|
|
|
'reason',
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_export_missing_twofaccount_returns_existing_ones_only()
|
|
|
|
{
|
|
|
|
$this->twofaccountA = TwoFAccount::factory()->for($this->user)->create(self::JSON_FRAGMENTS_FOR_DEFAULT_TOTP);
|
|
|
|
|
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
|
|
|
->json('GET', '/api/v1/twofaccounts/export?ids=' . $this->twofaccountA->id . ',1000')
|
|
|
|
->assertJsonFragment(self::JSON_FRAGMENTS_FOR_DEFAULT_TOTP);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_export_twofaccount_of_another_user_is_forbidden()
|
|
|
|
{
|
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
|
|
|
->json('GET', '/api/v1/twofaccounts/export?ids=' . $this->twofaccountC->id)
|
|
|
|
->assertForbidden()
|
|
|
|
->assertJsonStructure([
|
|
|
|
'message',
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
2021-11-14 01:52:46 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2021-11-15 00:21:07 +01:00
|
|
|
public function test_get_otp_using_totp_twofaccount_id_returns_consistent_resource()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2023-03-08 09:41:18 +01:00
|
|
|
$twofaccount = TwoFAccount::factory()->for($this->user)->create([
|
2022-11-22 15:15:52 +01:00
|
|
|
'otp_type' => 'totp',
|
|
|
|
'account' => OtpTestData::ACCOUNT,
|
|
|
|
'service' => OtpTestData::SERVICE,
|
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_DEFAULT,
|
|
|
|
'digits' => OtpTestData::DIGITS_DEFAULT,
|
|
|
|
'period' => OtpTestData::PERIOD_DEFAULT,
|
2022-07-05 10:10:24 +02:00
|
|
|
'legacy_uri' => OtpTestData::TOTP_SHORT_URI,
|
2022-11-22 15:15:52 +01:00
|
|
|
'icon' => '',
|
2021-11-14 01:52:46 +01:00
|
|
|
]);
|
|
|
|
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('GET', '/api/v1/twofaccounts/' . $twofaccount->id . '/otp')
|
|
|
|
->assertOk()
|
|
|
|
->assertJsonStructure(self::VALID_OTP_RESOURCE_STRUCTURE_FOR_TOTP)
|
|
|
|
->assertJsonFragment([
|
|
|
|
'otp_type' => 'totp',
|
2022-11-22 15:15:52 +01:00
|
|
|
'period' => OtpTestData::PERIOD_DEFAULT,
|
2021-11-15 00:21:07 +01:00
|
|
|
]);
|
|
|
|
}
|
2021-11-14 01:52:46 +01:00
|
|
|
|
2021-11-15 00:21:07 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_get_otp_by_posting_totp_uri_returns_consistent_resource()
|
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('POST', '/api/v1/twofaccounts/otp', [
|
2022-07-05 10:10:24 +02:00
|
|
|
'uri' => OtpTestData::TOTP_FULL_CUSTOM_URI,
|
2021-11-14 01:52:46 +01:00
|
|
|
])
|
2021-11-15 00:21:07 +01:00
|
|
|
->assertOk()
|
|
|
|
->assertJsonStructure(self::VALID_OTP_RESOURCE_STRUCTURE_FOR_TOTP)
|
|
|
|
->assertJsonFragment([
|
|
|
|
'otp_type' => 'totp',
|
2022-11-22 15:15:52 +01:00
|
|
|
'period' => OtpTestData::PERIOD_CUSTOM,
|
2021-11-14 01:52:46 +01:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2021-11-15 00:21:07 +01:00
|
|
|
public function test_get_otp_by_posting_totp_parameters_returns_consistent_resource()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2022-07-05 10:10:24 +02:00
|
|
|
->json('POST', '/api/v1/twofaccounts/otp', OtpTestData::ARRAY_OF_FULL_VALID_PARAMETERS_FOR_CUSTOM_TOTP)
|
2021-11-15 00:21:07 +01:00
|
|
|
->assertOk()
|
|
|
|
->assertJsonStructure(self::VALID_OTP_RESOURCE_STRUCTURE_FOR_TOTP)
|
2021-11-14 01:52:46 +01:00
|
|
|
->assertJsonFragment([
|
2021-11-15 00:21:07 +01:00
|
|
|
'otp_type' => 'totp',
|
2022-11-22 15:15:52 +01:00
|
|
|
'period' => OtpTestData::PERIOD_CUSTOM,
|
2021-11-14 01:52:46 +01:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2021-11-15 00:21:07 +01:00
|
|
|
public function test_get_otp_using_hotp_twofaccount_id_returns_consistent_resource()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2023-03-08 09:41:18 +01:00
|
|
|
$twofaccount = TwoFAccount::factory()->for($this->user)->create([
|
2022-11-22 15:15:52 +01:00
|
|
|
'otp_type' => 'hotp',
|
|
|
|
'account' => OtpTestData::ACCOUNT,
|
|
|
|
'service' => OtpTestData::SERVICE,
|
|
|
|
'secret' => OtpTestData::SECRET,
|
|
|
|
'algorithm' => OtpTestData::ALGORITHM_DEFAULT,
|
|
|
|
'digits' => OtpTestData::DIGITS_DEFAULT,
|
|
|
|
'period' => null,
|
2022-07-05 10:10:24 +02:00
|
|
|
'legacy_uri' => OtpTestData::HOTP_SHORT_URI,
|
2022-11-22 15:15:52 +01:00
|
|
|
'icon' => '',
|
2021-11-15 00:21:07 +01:00
|
|
|
]);
|
2021-11-14 01:52:46 +01:00
|
|
|
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('GET', '/api/v1/twofaccounts/' . $twofaccount->id . '/otp')
|
|
|
|
->assertOk()
|
|
|
|
->assertJsonStructure(self::VALID_OTP_RESOURCE_STRUCTURE_FOR_HOTP)
|
|
|
|
->assertJsonFragment([
|
|
|
|
'otp_type' => 'hotp',
|
2022-11-22 15:15:52 +01:00
|
|
|
'counter' => OtpTestData::COUNTER_DEFAULT + 1,
|
2021-11-14 01:52:46 +01:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2021-11-15 00:21:07 +01:00
|
|
|
public function test_get_otp_by_posting_hotp_uri_returns_consistent_resource()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('POST', '/api/v1/twofaccounts/otp', [
|
2022-07-05 10:10:24 +02:00
|
|
|
'uri' => OtpTestData::HOTP_FULL_CUSTOM_URI,
|
2021-11-15 00:21:07 +01:00
|
|
|
])
|
|
|
|
->assertOk()
|
|
|
|
->assertJsonStructure(self::VALID_OTP_RESOURCE_STRUCTURE_FOR_HOTP)
|
|
|
|
->assertJsonFragment([
|
|
|
|
'otp_type' => 'hotp',
|
2022-11-22 15:15:52 +01:00
|
|
|
'counter' => OtpTestData::COUNTER_CUSTOM + 1,
|
2021-11-14 01:52:46 +01:00
|
|
|
]);
|
2021-11-15 00:21:07 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_get_otp_by_posting_hotp_parameters_returns_consistent_resource()
|
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2022-07-05 10:10:24 +02:00
|
|
|
->json('POST', '/api/v1/twofaccounts/otp', OtpTestData::ARRAY_OF_FULL_VALID_PARAMETERS_FOR_CUSTOM_HOTP)
|
2021-11-15 00:21:07 +01:00
|
|
|
->assertOk()
|
|
|
|
->assertJsonStructure(self::VALID_OTP_RESOURCE_STRUCTURE_FOR_HOTP)
|
2021-11-14 01:52:46 +01:00
|
|
|
->assertJsonFragment([
|
2021-11-15 00:21:07 +01:00
|
|
|
'otp_type' => 'hotp',
|
2022-11-22 15:15:52 +01:00
|
|
|
'counter' => OtpTestData::COUNTER_CUSTOM + 1,
|
2021-11-14 01:52:46 +01:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2021-11-15 00:21:07 +01:00
|
|
|
public function test_get_otp_by_posting_multiple_inputs_returns_bad_request()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('POST', '/api/v1/twofaccounts/otp', [
|
2022-07-05 10:10:24 +02:00
|
|
|
'uri' => OtpTestData::HOTP_FULL_CUSTOM_URI,
|
2021-11-15 00:21:07 +01:00
|
|
|
'key' => 'value',
|
|
|
|
])
|
|
|
|
->assertStatus(400)
|
2021-11-14 01:52:46 +01:00
|
|
|
->assertJsonStructure([
|
2021-11-15 00:21:07 +01:00
|
|
|
'message',
|
|
|
|
'reason',
|
2021-11-14 01:52:46 +01:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2021-11-15 00:21:07 +01:00
|
|
|
public function test_get_otp_using_indecipherable_twofaccount_id_returns_bad_request()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-07-30 17:51:02 +02:00
|
|
|
Settings::set('useEncryption', true);
|
2021-11-15 00:21:07 +01:00
|
|
|
|
2023-03-08 09:41:18 +01:00
|
|
|
$twofaccount = TwoFAccount::factory()->for($this->user)->create();
|
2021-11-15 00:21:07 +01:00
|
|
|
|
|
|
|
DB::table('twofaccounts')
|
|
|
|
->where('id', $twofaccount->id)
|
|
|
|
->update([
|
|
|
|
'secret' => '**encrypted**',
|
|
|
|
]);
|
2021-11-14 01:52:46 +01:00
|
|
|
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('GET', '/api/v1/twofaccounts/' . $twofaccount->id . '/otp')
|
|
|
|
->assertStatus(400)
|
2021-11-14 01:52:46 +01:00
|
|
|
->assertJsonStructure([
|
2021-11-15 00:21:07 +01:00
|
|
|
'message',
|
2021-11-14 01:52:46 +01:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2021-11-15 00:21:07 +01:00
|
|
|
public function test_get_otp_using_missing_twofaccount_id_returns_not_found()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('GET', '/api/v1/twofaccounts/1000/otp')
|
|
|
|
->assertNotFound();
|
2021-11-14 01:52:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2021-11-15 00:21:07 +01:00
|
|
|
public function test_get_otp_by_posting_invalid_uri_returns_validation_error()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('POST', '/api/v1/twofaccounts/otp', [
|
2022-07-05 10:10:24 +02:00
|
|
|
'uri' => OtpTestData::INVALID_OTPAUTH_URI,
|
2021-11-15 00:21:07 +01:00
|
|
|
])
|
|
|
|
->assertStatus(422);
|
2021-11-14 01:52:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2021-11-15 00:21:07 +01:00
|
|
|
public function test_get_otp_by_posting_invalid_parameters_returns_validation_error()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('POST', '/api/v1/twofaccounts/otp', self::ARRAY_OF_INVALID_PARAMETERS)
|
|
|
|
->assertStatus(422);
|
2021-11-14 01:52:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2023-03-08 09:41:18 +01:00
|
|
|
public function test_get_otp_of_another_user_twofaccount_is_forbidden()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2023-03-08 09:41:18 +01:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2023-03-10 22:59:46 +01:00
|
|
|
->json('GET', '/api/v1/twofaccounts/' . $this->twofaccountC->id . '/otp')
|
2023-03-08 09:41:18 +01:00
|
|
|
->assertForbidden()
|
|
|
|
->assertJsonStructure([
|
|
|
|
'message',
|
|
|
|
]);
|
|
|
|
}
|
2021-11-15 00:21:07 +01:00
|
|
|
|
2023-03-08 09:41:18 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_count_returns_right_number_of_twofaccounts()
|
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('GET', '/api/v1/twofaccounts/count')
|
|
|
|
->assertStatus(200)
|
|
|
|
->assertExactJson([
|
2023-03-08 09:41:18 +01:00
|
|
|
'count' => 2,
|
2021-11-14 01:52:46 +01:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2021-11-15 00:21:07 +01:00
|
|
|
public function test_withdraw_returns_success()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2023-03-08 09:41:18 +01:00
|
|
|
->json('PATCH', '/api/v1/twofaccounts/withdraw?ids=1,2')
|
2021-11-15 00:21:07 +01:00
|
|
|
->assertOk()
|
2021-11-14 01:52:46 +01:00
|
|
|
->assertJsonStructure([
|
2021-11-15 00:21:07 +01:00
|
|
|
'message',
|
2021-11-14 01:52:46 +01:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2021-11-15 00:21:07 +01:00
|
|
|
public function test_withdraw_too_many_ids_returns_bad_request()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2023-03-08 09:41:18 +01:00
|
|
|
TwoFAccount::factory()->count(102)->for($this->user)->create();
|
|
|
|
|
|
|
|
$ids = DB::table('twofaccounts')->where('user_id', $this->user->id)->pluck('id')->implode(',');
|
2021-11-15 00:21:07 +01:00
|
|
|
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('PATCH', '/api/v1/twofaccounts/withdraw?ids=' . $ids)
|
|
|
|
->assertStatus(400)
|
2021-11-14 01:52:46 +01:00
|
|
|
->assertJsonStructure([
|
2021-11-15 00:21:07 +01:00
|
|
|
'message',
|
|
|
|
'reason',
|
2021-11-14 01:52:46 +01:00
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2021-11-15 00:21:07 +01:00
|
|
|
public function test_destroy_twofaccount_returns_success()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2023-03-08 09:41:18 +01:00
|
|
|
->json('DELETE', '/api/v1/twofaccounts/' . $this->twofaccountA->id)
|
2021-11-15 00:21:07 +01:00
|
|
|
->assertNoContent();
|
2021-11-14 01:52:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2021-11-15 00:21:07 +01:00
|
|
|
public function test_destroy_missing_twofaccount_returns_not_found()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('DELETE', '/api/v1/twofaccounts/1000')
|
|
|
|
->assertNotFound();
|
2021-11-14 01:52:46 +01:00
|
|
|
}
|
|
|
|
|
2023-03-08 09:41:18 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_destroy_twofaccount_of_another_user_is_forbidden()
|
|
|
|
{
|
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
|
|
|
->json('DELETE', '/api/v1/twofaccounts/' . $this->twofaccountC->id)
|
|
|
|
->assertForbidden()
|
|
|
|
->assertJsonStructure([
|
|
|
|
'message',
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
2021-11-14 01:52:46 +01:00
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2021-11-15 00:21:07 +01:00
|
|
|
public function test_batch_destroy_twofaccount_returns_success()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2023-03-08 09:41:18 +01:00
|
|
|
TwoFAccount::factory()->count(3)->for($this->user)->create();
|
|
|
|
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2023-03-08 09:41:18 +01:00
|
|
|
->json('DELETE', '/api/v1/twofaccounts?ids=' . $this->twofaccountA->id . ',' . $this->twofaccountB->id)
|
2021-11-15 00:21:07 +01:00
|
|
|
->assertNoContent();
|
2021-11-14 01:52:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2021-11-15 00:21:07 +01:00
|
|
|
public function test_batch_destroy_too_many_twofaccounts_returns_bad_request()
|
2021-11-14 01:52:46 +01:00
|
|
|
{
|
2023-03-08 09:41:18 +01:00
|
|
|
TwoFAccount::factory()->count(102)->for($this->user)->create();
|
|
|
|
|
|
|
|
$ids = DB::table('twofaccounts')->where('user_id', $this->user->id)->pluck('id')->implode(',');
|
2021-11-14 01:52:46 +01:00
|
|
|
|
2022-03-31 08:38:35 +02:00
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
2021-11-15 00:21:07 +01:00
|
|
|
->json('DELETE', '/api/v1/twofaccounts?ids=' . $ids)
|
|
|
|
->assertStatus(400)
|
|
|
|
->assertJsonStructure([
|
|
|
|
'message',
|
|
|
|
'reason',
|
|
|
|
]);
|
2021-11-14 01:52:46 +01:00
|
|
|
}
|
2023-03-08 09:41:18 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function test_batch_destroy_twofaccount_of_another_user_is_forbidden()
|
|
|
|
{
|
|
|
|
TwoFAccount::factory()->count(2)->for($this->anotherUser)->create();
|
|
|
|
|
|
|
|
$ids = DB::table('twofaccounts')
|
|
|
|
->where('user_id', $this->anotherUser->id)
|
|
|
|
->pluck('id')
|
|
|
|
->implode(',');
|
|
|
|
|
|
|
|
$response = $this->actingAs($this->user, 'api-guard')
|
|
|
|
->json('DELETE', '/api/v1/twofaccounts?ids=' . $ids)
|
|
|
|
->assertForbidden()
|
|
|
|
->assertJsonStructure([
|
|
|
|
'message',
|
|
|
|
]);
|
|
|
|
}
|
2022-11-22 15:15:52 +01:00
|
|
|
}
|