extern/2FAuth
1
0
Fork 0
mirror of https://github.com/Bubka/2FAuth.git synced 2025-03-28 07:56:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Complete tests rewriting for main controllers

Browse Source
This commit is contained in:
Bubka 2021-11-15 00:21:07 +01:00
parent 627944a285
commit 22442f7af6
8 changed files with 854 additions and 1606 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
tests/Api/v1/Controllers/GroupControllerTest.php
View File

@ -126,8 +126,8 @@ public function test_update_returns_updated_group_resource()
$response = $this->actingAs($this->user, 'api')
->json('PUT', '/api/v1/groups/' . $group->id, [
'name' => 'name updated',
])
'name' => 'name updated',
])
->assertOk()
->assertExactJson([
'id' => 1,
@ -144,8 +144,8 @@ public function test_update_missing_group_returns_not_found()
{
$response = $this->actingAs($this->user, 'api')
->json('PUT', '/api/v1/groups/1000', [
'name' => 'testUpdate',
])
'name' => 'testUpdate',
])
->assertNotFound()
->assertJsonStructure([
'message'
@ -162,8 +162,8 @@ public function test_update_with_invalid_data_returns_validation_error()
$response = $this->actingAs($this->user, 'api')
->json('PUT', '/api/v1/groups/' . $group->id, [
'name' => null,
])
'name' => null,
])
->assertStatus(422);
}
@ -178,8 +178,8 @@ public function test_assign_accounts_returns_updated_group_resource()
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/v1/groups/' . $group->id . '/assign', [
'ids' => [1,2],
])
'ids' => [1,2],
])
->assertOk()
->assertExactJson([
'id' => $group->id,
@ -198,8 +198,8 @@ public function test_assign_accounts_to_missing_group_returns_not_found()
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/v1/groups/1000/assign', [
'ids' => [1,2],
])
'ids' => [1,2],
])
->assertNotFound()
->assertJsonStructure([
'message'
@ -217,8 +217,8 @@ public function test_assign_invalid_accounts_returns_validation_error()
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/v1/groups/' . $group->id . '/assign', [
'ids' => 1,
])
'ids' => 1,
])
->assertStatus(422);
}
@ -233,7 +233,7 @@ public function test_get_assigned_accounts_returns_twofaccounts_collection()
$assign = $this->actingAs($this->user, 'api')
->json('POST', '/api/v1/groups/' . $group->id . '/assign', [
'ids' => [1,2],
'ids' => [1,2],
]);
$response = $this->actingAs($this->user, 'api')
@ -266,7 +266,7 @@ public function test_get_assigned_accounts_returns_twofaccounts_collection_with_
$assign = $this->actingAs($this->user, 'api')
->json('POST', '/api/v1/groups/' . $group->id . '/assign', [
'ids' => [1,2],
'ids' => [1,2],
]);
$response = $this->actingAs($this->user, 'api')

8
tests/Api/v1/Controllers/IconControllerTest.php
View File

@ -20,8 +20,8 @@ public function test_upload_icon_returns_filename()
$file = UploadedFile::fake()->image('testIcon.jpg');
$response = $this->json('POST', '/api/v1/icons', [
'icon' => $file,
])
'icon' => $file,
])
->assertCreated()
->assertJsonStructure([
'filename'
@ -35,8 +35,8 @@ public function test_upload_icon_returns_filename()
public function test_upload_with_invalid_data_returns_validation_error()
{
$response = $this->json('POST', '/api/v1/icons', [
'icon' => null,
])
'icon' => null,
])
->assertStatus(422);
}

5
tests/Api/v1/Controllers/QrcodeControllerTest.php
View File

@ -93,11 +93,10 @@ public function test_decode_qrcode_return_success()
*/
public function test_decode_missing_qrcode_return_validation_error()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/v1/qrcode/decode', [
'qrcode' => '',
])
'qrcode' => '',
])
->assertStatus(422);
}

261
tests/Api/v1/Controllers/SettingControllerTest.php Normal file
View File

@ -0,0 +1,261 @@
<?php
namespace Tests\Api\v1\Controllers;
use App\User;
use App\Group;
use Tests\FeatureTestCase;
use App\TwoFAccount;
class SettingControllerTest extends FeatureTestCase
{
/**
* @var \App\User
*/
protected $user;
private const SETTING_JSON_STRUCTURE = [
'key',
'value'
];
private const TWOFAUTH_NATIVE_SETTING = 'showTokenAsDot';
private const TWOFAUTH_NATIVE_SETTING_DEFAULT_VALUE = false;
private const TWOFAUTH_NATIVE_SETTING_CHANGED_VALUE = true;
private const USER_DEFINED_SETTING = 'mySetting';
private const USER_DEFINED_SETTING_VALUE = 'mySetting';
private const USER_DEFINED_SETTING_CHANGED_VALUE = 'mySetting';
/**
* @test
*/
public function setUp(): void
{
parent::setUp();
$this->user = factory(User::class)->create();
}
/**
* @test
*/
public function test_index_returns_setting_collection()
{
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/v1/settings')
->assertOk()
->assertJsonStructure([
'*' => self::SETTING_JSON_STRUCTURE
]);
}
/**
* @test
*/
public function test_show_native_unchanged_setting_returns_consistent_value()
{
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/v1/settings/' . self::TWOFAUTH_NATIVE_SETTING)
->assertOk()
->assertExactJson([
'key' => self::TWOFAUTH_NATIVE_SETTING,
'value' => self::TWOFAUTH_NATIVE_SETTING_DEFAULT_VALUE,
]);
}
/**
* @test
*/
public function test_show_native_changed_setting_returns_consistent_value()
{
$settingService = resolve('App\Services\SettingServiceInterface');
$settingService->set(self::TWOFAUTH_NATIVE_SETTING, self::TWOFAUTH_NATIVE_SETTING_CHANGED_VALUE);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/v1/settings/' . self::TWOFAUTH_NATIVE_SETTING)
->assertOk()
->assertExactJson([
'key' => self::TWOFAUTH_NATIVE_SETTING,
'value' => self::TWOFAUTH_NATIVE_SETTING_CHANGED_VALUE,
]);
}
/**
* @test
*/
public function test_show_custom_user_setting_returns_consistent_value()
{
$settingService = resolve('App\Services\SettingServiceInterface');
$settingService->set(self::USER_DEFINED_SETTING, self::USER_DEFINED_SETTING_VALUE);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/v1/settings/' . self::USER_DEFINED_SETTING)
->assertOk()
->assertExactJson([
'key' => self::USER_DEFINED_SETTING,
'value' => self::USER_DEFINED_SETTING_VALUE,
]);
}
/**
* @test
*/
public function test_show_missing_setting_returns_not_found()
{
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/v1/settings/missing')
->assertNotFound();
}
/**
* @test
*/
public function test_store_custom_user_setting_returns_success()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/v1/settings', [
'key' => self::USER_DEFINED_SETTING,
'value' => self::USER_DEFINED_SETTING_VALUE,
])
->assertCreated()
->assertExactJson([
'key' => self::USER_DEFINED_SETTING,
'value' => self::USER_DEFINED_SETTING_VALUE,
]);
}
/**
* @test
*/
public function test_store_invalid_custom_user_setting_returns_validation_error()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/v1/settings', [
'key' => null,
'value' => null,
])
->assertStatus(422);
}
/**
* @test
*/
public function test_store_existing_custom_user_setting_returns_validation_error()
{
$settingService = resolve('App\Services\SettingServiceInterface');
$settingService->set(self::USER_DEFINED_SETTING, self::USER_DEFINED_SETTING_VALUE);
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/v1/settings', [
'key' => self::USER_DEFINED_SETTING,
'value' => self::USER_DEFINED_SETTING_VALUE,
])
->assertStatus(422);
}
/**
* @test
*/
public function test_update_unchanged_native_setting_returns_updated_setting()
{
$response = $this->actingAs($this->user, 'api')
->json('PUT', '/api/v1/settings/' . self::TWOFAUTH_NATIVE_SETTING, [
'key' => self::TWOFAUTH_NATIVE_SETTING,
'value' => self::TWOFAUTH_NATIVE_SETTING_CHANGED_VALUE,
])
->assertOk()
->assertExactJson([
'key' => self::TWOFAUTH_NATIVE_SETTING,
'value' => self::TWOFAUTH_NATIVE_SETTING_CHANGED_VALUE,
]);
}
/**
* @test
*/
public function test_update_custom_user_setting_returns_updated_setting()
{
$settingService = resolve('App\Services\SettingServiceInterface');
$settingService->set(self::USER_DEFINED_SETTING, self::USER_DEFINED_SETTING_VALUE);
$response = $this->actingAs($this->user, 'api')
->json('PUT', '/api/v1/settings/' . self::USER_DEFINED_SETTING, [
'key' => self::USER_DEFINED_SETTING,
'value' => self::USER_DEFINED_SETTING_CHANGED_VALUE,
])
->assertOk()
->assertExactJson([
'key' => self::USER_DEFINED_SETTING,
'value' => self::USER_DEFINED_SETTING_CHANGED_VALUE,
]);
}
/**
* @test
*/
public function test_update_missing_user_setting_returns_created_setting()
{
$response = $this->actingAs($this->user, 'api')
->json('PUT', '/api/v1/settings/' . self::USER_DEFINED_SETTING, [
'key' => self::USER_DEFINED_SETTING,
'value' => self::USER_DEFINED_SETTING_CHANGED_VALUE,
])
->assertOk()
->assertExactJson([
'key' => self::USER_DEFINED_SETTING,
'value' => self::USER_DEFINED_SETTING_CHANGED_VALUE,
]);
}
/**
* @test
*/
public function test_destroy_user_setting_returns_success()
{
$settingService = resolve('App\Services\SettingServiceInterface');
$settingService->set(self::USER_DEFINED_SETTING, self::USER_DEFINED_SETTING_VALUE);
$response = $this->actingAs($this->user, 'api')
->json('DELETE', '/api/v1/settings/' . self::USER_DEFINED_SETTING)
->assertNoContent();
}
/**
* @test
*/
public function test_destroy_native_setting_returns_bad_request()
{
$response = $this->actingAs($this->user, 'api')
->json('DELETE', '/api/v1/settings/' . self::TWOFAUTH_NATIVE_SETTING)
->assertStatus(400)
->assertJsonStructure([
'message',
'reason',
]);
}
/**
* @test
*/
public function test_destroy_missing_user_setting_returns_not_found()
{
$response = $this->actingAs($this->user, 'api')
->json('DELETE', '/api/v1/settings/' . self::USER_DEFINED_SETTING)
->assertNotFound();
}
}

1259
tests/Api/v1/Controllers/TwoFAccountControllerTest.php
View File

File diff suppressed because it is too large Load Diff

7
tests/Api/v1/Requests/UserPatchPwdRequestTest.php
View File

@ -47,6 +47,7 @@ public function provideValidData() : array
[[
'currentPassword' => 'newPassword',
'password' => 'newPassword',
'password_confirmation' => 'newPassword',
]],
];
}
@ -71,26 +72,32 @@ public function provideInvalidData() : array
[[
'currentPassword' => '', // required
'password' => 'newPassword',
'password_confirmation' => 'newPassword',
]],
[[
'currentPassword' => 'currentPassword',
'password' => '', // required
'password_confirmation' => 'newPassword',
]],
[[
'currentPassword' => 'newPassword',
'password' => 'anotherPassword', // confirmed
'password_confirmation' => 'newPassword',
]],
[[
'currentPassword' => 'pwd',
'password' => 'pwd', // min:8
'password_confirmation' => 'newPassword',
]],
[[
'currentPassword' => 'pwd',
'password' => true, // string
'password_confirmation' => 'newPassword',
]],
[[
'currentPassword' => 'pwd',
'password' => 10, // string
'password_confirmation' => 'newPassword',
]],
];
}

73
tests/Unit/Settings/OptionTest.php
View File

@ -1,73 +0,0 @@
<?php
namespace Tests\Unit\Settings;
use App\User;
use Tests\TestCase;
class OptionTest extends TestCase
{
/** @var \App\User */
protected $user;
/**
* @test
*/
public function setUp(): void
{
parent::setUp();
$this->user = factory(User::class)->create();
}
/**
* test Settings storage via API
*
* @test
*/
public function testSettingsStorage()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/settings/options', [
'setting_1' => 'value_1',
'setting_2' => true,
'setting_3' => false,
])
->assertStatus(200)
->assertJson([
'message' => __('settings.forms.setting_saved'),
'settings' => [
'setting_1' => 'value_1',
'setting_2' => true,
'setting_3' => false,
]
]);
}
/**
* test Settings list fetching via API
*
* @test
*/
public function testSettingsIndexListing()
{
option(['setting_1' => 'value_1']);
option(['setting_2' => true]);
option(['setting_3' => false]);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/settings/options')
->assertStatus(200)
->assertJson([
'settings' => [
'setting_1' => 'value_1',
'setting_2' => true,
'setting_3' => false,
]
]);
}
}

819
tests/Unit/TwoFAccountTest.php
View File

@ -1,819 +0,0 @@
<?php
namespace Tests\Unit;
use App\User;
use Tests\TestCase;
use App\TwoFAccount;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Storage;
class TwoFAccountTest extends TestCase
{
/** @var \App\User */
protected $user;
/**
* @test
*/
public function setUp(): void
{
parent::setUp();
$this->user = factory(User::class)->create();
}
/**
* test Totp TwoFAccount display via API
*
* @test
*/
public function testTotpTwofaccountDisplay()
{
Storage::put('test.png', 'emptied to prevent missing resource replaced by null by the model getter');
$twofaccount = factory(TwoFAccount::class)->create([
'service' => 'testTOTP',
'account' => 'test@test.com',
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test',
'icon' => 'test.png'
]);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/' . $twofaccount->id)
->assertStatus(200)
->assertJsonFragment([
'service' => 'testTOTP',
'account' => 'test@test.com',
'icon' => 'test.png',
'group_id' => null,
'isConsistent' => true,
'otpType' => 'totp',
'digits' => 6,
'totpPeriod' => 30,
'imageLink' => null,
])
->assertJsonMissing([
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test',
'secret' => 'A4GRFHVVRBGY7UIW',
'algorithm' => 'sha1',
]);
}
/**
* test Hotp TwoFAccount display via API
*
* @test
*/
public function testHotpTwofaccountDisplayWithCounterIncrement()
{
$twofaccount = factory(TwoFAccount::class)->create([
'service' => 'testTOTP',
'account' => 'test@test.com',
'uri' => 'otpauth://hotp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test&counter=1',
]);
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/token', ['id' => $twofaccount->id])
->assertStatus(200);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/' . $twofaccount->id)
->assertStatus(200)
->assertJsonFragment([
'service' => 'testTOTP',
'account' => 'test@test.com',
'group_id' => null,
'isConsistent' => true,
'otpType' => 'hotp',
'digits' => 6,
'hotpCounter' => 2,
'imageLink' => null,
])
->assertJsonMissing([
'uri' => 'otpauth://hotp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test',
'secret' => 'A4GRFHVVRBGY7UIW',
'algorithm' => 'sha1',
]);
}
/**
* test TwoFAccount display via API
*
* @test
*/
public function testTwofaccountDisplayWithSensitive()
{
$twofaccount = factory(TwoFAccount::class)->create([
'service' => 'testTOTP',
'account' => 'test@test.com',
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW',
]);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/' . $twofaccount->id . '/withSensitive')
->assertStatus(200)
->assertJsonFragment([
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW',
'secret' => 'A4GRFHVVRBGY7UIW',
'algorithm' => 'sha1',
]);
}
/**
* test missing TwoFAccount display via API
*
* @test
*/
public function testMissingTwofaccountDisplay()
{
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/1000')
->assertStatus(404);
}
/**
* test TwoFAccount preview via API
*
* @test
*/
public function testTwofaccountPreview()
{
Storage::put('test.png', 'emptied to prevent missing resource replaced by null by the model getter');
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/preview', [
'uri' => 'otpauth://totp/service:account?secret=A4GRFHVVRBGY7UIW&issuer=service&image=https%3A%2F%2Fen.opensuse.org%2Fimages%2F4%2F44%2FButton-filled-colour.png',
])
->assertStatus(200)
->assertJsonFragment([
'service' => 'service',
'account' => 'account',
'uri' => 'otpauth://totp/service:account?secret=A4GRFHVVRBGY7UIW&issuer=service&image=https%3A%2F%2Fen.opensuse.org%2Fimages%2F4%2F44%2FButton-filled-colour.png',
'secret' => 'A4GRFHVVRBGY7UIW',
'algorithm' => 'sha1',
'otpType' => 'totp',
'digits' => 6,
'totpPeriod' => 30,
'hotpCounter' => null,
'imageLink' => 'https://en.opensuse.org/images/4/44/Button-filled-colour.png',
])
->assertJsonStructure([
'icon'
]);
}
/**
* test TwoFAccount preview with unreachable image parameter via API
*
* @test
*/
public function testTwofaccountPreviewWithUnreachableImage()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/preview', [
'uri' => 'otpauth://totp/service:account?secret=A4GRFHVVRBGY7UIW&issuer=service&image=https%3A%2F%2Fen.opensuse.org%2Fimage.png',
])
->assertStatus(200)
->assertJsonMissing([
'icon'
]);
}
/**
* test TwoFAccount creation via API
*
* @test
*/
public function testTwofaccountCreationSubmittedByQuickForm()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts', [
'service' => 'testCreation',
'account' => 'test@example.org',
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHZVRBGY7UIW&issuer=test',
'icon' => 'test.png',
])
->assertStatus(201)
->assertJsonFragment([
'service' => 'testCreation',
'account' => 'test@example.org',
'icon' => 'test.png',
])
->assertJsonMissing([
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test',
]);
}
/**
* test Twofaccount Creation Submitted By Advanced Form Without Otp Option via API
*
* @test
*/
public function testTwofaccountCreationSubmittedByAdvancedFormWithoutOtpOption()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts', [
'service' => 'testCreation',
'account' => 'test@example.org',
'icon' => 'test.png',
'secret' => 'A4GRFHVVRBGY7UIW',
'secretIsBase32Encoded' => 1,
'otpType' => 'totp',
'algorithm' => null,
'digits' => null,
'totpPeriod' => null,
'hotpCounter' => null,
'imageLink' => null,
])
->assertStatus(201)
->assertJsonFragment([
'service' => 'testCreation',
'account' => 'test@example.org',
'icon' => 'test.png',
'digits' => 6,
'totpPeriod' => 30,
'hotpCounter' => null,
'imageLink' => null,
])
->assertJsonMissing([
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test',
'algorithm' => null,
'secret' => 'A4GRFHVVRBGY7UIW',
]);
}
/**
* test Twofaccount Creation Submitted By Advanced Form with Otp Option via API
*
* @test
*/
public function testTwofaccountCreationSubmittedByAdvancedFormWithOtpOption()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts', [
'service' => 'testCreation',
'account' => 'test@example.org',
'icon' => 'test.png',
'secret' => 'A4GRFHVVRBGY7UIW',
'secretIsBase32Encoded' => 1,
'otpType' => 'totp',
'algorithm' => 'sha256',
'digits' => 8,
'totpPeriod' => 40,
'hotpCounter' => null,
])
->assertStatus(201)
->assertJsonFragment([
'service' => 'testCreation',
'account' => 'test@example.org',
'icon' => 'test.png',
'digits' => 8,
'totpPeriod' => 40,
'hotpCounter' => null,
])
->assertJsonMissing([
'uri' => '',
'algorithm' => null,
'secret' => 'A4GRFHVVRBGY7UIW',
]);
}
/**
* test TwoFAccount creation when fiels are empty via API
*
* @test
*/
public function testTwofaccountCreationWithEmptyRequest()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts', [
'service' => '',
'account' => '',
'uri' => '',
'icon' => '',
])
->assertStatus(422);
}
/**
* test TwoFAccount creation with an invalid TOTP uri via API
*
* @test
*/
public function testTwofaccountCreationWithInvalidTotp()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts', [
'service' => 'testCreation',
'account' => 'test@example.org',
'uri' => 'invalidTOTP',
'icon' => 'test.png',
])
->assertStatus(422);
}
/**
* test show account when uri field remains encrypted via API
*
* @test
*/
public function testShowAccountWithUndecipheredUri()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts', [
'service' => 'testCreation',
'account' => 'test@example.org',
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHZVRBGY7UIW&issuer=test',
'icon' => 'test.png',
])
->assertStatus(201);
DB::table('twofaccounts')
->where('id', 1)
->update([
'uri' => '**encrypted**',
]);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/1')
->assertStatus(200)
->assertJsonFragment([
'isConsistent' => false,
]);
}
/**
* test totp token generation for a given existing account via API
*
* @test
*/
public function testTotpTokenGenerationWithAccountId()
{
$twofaccount = factory(TwoFAccount::class)->create([
'service' => 'testService',
'account' => 'testAccount',
'uri' => 'otpauth://totp/testService:testAccount?secret=A4GRFHVVRBGY7UIW&issuer=testService'
]);
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/token', ['id' => $twofaccount->id])
->assertStatus(200)
->assertJsonStructure([
'token',
'totpTimestamp',
'totpPeriod',
]);
}
/**
* test hotp token generation for a given existing account via API
*
* @test
*/
public function testHotpTokenGenerationWithAccountId()
{
$twofaccount = factory(TwoFAccount::class)->create([
'service' => 'testService',
'account' => 'testAccount',
'uri' => 'otpauth://hotp/testService:testAccount?secret=A4GRFHVVRBGY7UIW&issuer=testService&counter=1'
]);
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/token', ['id' => $twofaccount->id])
->assertStatus(200)
->assertJsonStructure([
'token',
]);
}
/**
* test token generation by providing an URI via API
*
* @test
*/
public function testTokenGenerationWithUri()
{
$uri = 'otpauth://totp/service:account?secret=A4GRFHVVRBGY7UIW&issuer=service';
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/token', ['otp' => ['uri' => $uri]])
->assertStatus(200)
->assertJsonStructure([
'token',
'totpTimestamp',
'totpPeriod',
]);
}
/**
* test totp token generation by providing an array of otp attributes without URI via API
*
* @test
*/
public function testTotpTokenGenerationWithAttributesArray()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/token', ['otp' => [
'service' => 'service',
'account' => 'account',
'otpType' => 'totp',
'secret' => 'A4GRFHVVRBGY7UIW',
'secretIsBase32Encoded' => 1,
'digits' => 6,
'totpPeriod' => 30,
'algorithm' => 'sha1',
'uri' => ''
]])
->assertStatus(200)
->assertJsonStructure([
'token',
'totpTimestamp',
'totpPeriod',
]);
}
/**
* test hotp token generation by providing an array of otp attributes without URI via API
*
* @test
*/
public function testHotpTokenGenerationWithAttributesArray()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/token', ['otp' => [
'service' => 'service',
'account' => 'account',
'otpType' => 'hotp',
'secret' => 'A4GRFHVVRBGY7UIW',
'secretIsBase32Encoded' => 1,
'digits' => 6,
'hotpCounter' => 1,
'algorithm' => 'sha1',
'uri' => ''
]])
->assertStatus(200)
->assertJsonStructure([
'token',
'hotpCounter',
]);
}
/**
* test token generation by providing an array of otp attributes with a bad otp type via API
*
* @test
*/
public function testTokenGenerationWithBadOtptypeAttribute()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/token', ['otp' => [
'service' => 'service',
'account' => 'account',
'otpType' => 'otp',
'secret' => 'A4GRFHVVRBGY7UIW',
'secretIsBase32Encoded' => 1,
'digits' => 6,
'totpPeriod' => 30,
'algorithm' => 'sha1',
'uri' => ''
]])
->assertStatus(422)
->assertJsonStructure([
'errors' => [
'otpType'
]
]);
}
/**
* test token generation by providing an array of otp attributes without secret via API
*
* @test
*/
public function testTokenGenerationWithMissingSecretAttribute()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/token', ['otp' => [
'service' => 'service',
'account' => 'account',
'otpType' => 'totp',
'secret' => 'A4GRFHVVRBGY7UIW',
'secretIsBase32Encoded' => 1,
'digits' => 'x',
'totpPeriod' => 'y',
'algorithm' => 'sha1',
'uri' => ''
]])
->assertStatus(422)
->assertJsonStructure([
'errors' => [
'qrcode'
]
]);
}
/**
* test token generation by providing an array of bad attributes via API
*
* @test
*/
public function testTokenGenerationWithBadAttribute()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/token', ['otp' => [
'service' => 'service',
'account' => 'account',
'otpType' => 'totp',
'secret' => '',
'secretIsBase32Encoded' => 1,
'digits' => 6,
'totpPeriod' => 30,
'algorithm' => 'sha1',
'uri' => ''
]])
->assertStatus(422)
->assertJsonStructure([
'errors' => [
'secret'
]
]);
}
/**
* test TwoFAccount TOTP update via API
*
* @test
*/
public function testTwofaccountTotpUpdate()
{
$twofaccount = factory(TwoFAccount::class)->create();
$response = $this->actingAs($this->user, 'api')
->json('PUT', '/api/twofaccounts/' . $twofaccount->id, [
'service' => 'service',
'account' => 'account',
'icon' => 'testUpdate.png',
'otpType' => 'totp',
'secret' => 'A4GRFHVVRBGY7UIW',
'secretIsBase32Encoded' => 1,
'digits' => 8,
'totpPeriod' => 40,
'algorithm' => 'sha256',
'uri' => ''
])
->assertStatus(200)
->assertJsonFragment([
'id' => 1,
'service' => 'service',
'account' => 'account',
'icon' => 'testUpdate.png',
'otpType' => 'totp',
'digits' => 8,
'totpPeriod' => 40
])
->assertJsonMissing([
'uri' => $twofaccount->uri,
'secret' => 'A4GRFHVVRBGY7UIW',
'algorithm' => 'sha256',
]);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/' . $twofaccount->id . '/withSensitive')
->assertStatus(200)
->assertJsonFragment([
'secret' => 'A4GRFHVVRBGY7UIW',
'algorithm' => 'sha256',
])
->assertJsonStructure([
'uri',
]);
}
/**
* test TwoFAccount HOTP update via API
*
* @test
*/
public function testTwofaccountHotpUpdate()
{
$twofaccount = factory(TwoFAccount::class)->create([
'service' => 'service',
'account' => 'account',
'uri' => 'otpauth://hotp/service:account?counter=1&secret=A4GRFHVVRBGY7UIW'
]);
$response = $this->actingAs($this->user, 'api')
->json('PUT', '/api/twofaccounts/' . $twofaccount->id, [
'service' => 'testUpdate.com',
'account' => 'testUpdate',
'icon' => 'testUpdate.png',
'otpType' => 'hotp',
'secret' => 'BBBBFFFFEEEEAAAA',
'secretIsBase32Encoded' => 1,
'digits' => 8,
'hotpCounter' => 5,
'algorithm' => 'sha256',
'uri' => ''
])
->assertStatus(200)
->assertJsonFragment([
'id' => 1,
'service' => 'testUpdate.com',
'account' => 'testUpdate',
'icon' => 'testUpdate.png',
'otpType' => 'hotp',
'digits' => 8,
'hotpCounter' => 5
])
->assertJsonMissing([
'uri' => $twofaccount->uri,
'secret' => 'BBBBFFFFEEEEAAAA',
'algorithm' => 'sha256',
]);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/' . $twofaccount->id . '/withSensitive')
->assertStatus(200)
->assertJsonFragment([
'secret' => 'BBBBFFFFEEEEAAAA',
'algorithm' => 'sha256',
])
->assertJsonStructure([
'uri',
]);
}
/**
* test TwoFAccount update via API
*
* @test
*/
public function testTwofaccountUpdateOfMissingTwoFAccount()
{
$twofaccount = factory(TwoFAccount::class)->create();
$id = $twofaccount->id;
$twofaccount->delete();
$response = $this->actingAs($this->user, 'api')
->json('PUT', '/api/twofaccounts/' . $id, [
'service' => 'testUpdate.com',
'account' => 'testUpdate',
'icon' => 'testUpdate.png',
'otpType' => 'hotp',
'secret' => 'BBBBFFFFEEEEAAAA',
'secretIsBase32Encoded' => 1,
'digits' => 8,
'hotpCounter' => 5,
'algorithm' => 'sha256',
'uri' => '',
'imageLink' => 'http://www.image.net/file.png'
])
->assertStatus(404);
}
/**
* test TwoFAccount index fetching via API
*
* @test
*/
public function testTwofaccountIndexListing()
{
$twofaccount = factory(TwoFAccount::class, 3)->create();
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts')
->assertStatus(200)
->assertJsonCount(3, $key = null)
->assertJsonStructure([
'*' => [
'id',
'service',
'account',
'icon',
'isConsistent',
'order_column',
'group_id',
'otpType'
]
]
);
}
/**
* test TwoFAccount index fetching via API
*
* @test
*/
public function testTwofaccountCount()
{
$twofaccount = factory(TwoFAccount::class, 3)->create();
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/count')
->assertStatus(200)
->assertJson([
'count' => 3
]
);
}
/**
* test TwoFAccount deletion via API
*
* @test
*/
public function testTwofaccountDeletion()
{
$twofaccount = factory(TwoFAccount::class)->create();
$response = $this->actingAs($this->user, 'api')
->json('DELETE', '/api/twofaccounts/' . $twofaccount->id)
->assertStatus(204);
}
/**
* test TwoFAccounts batch deletion via API
*
* @test
*/
public function testTwofaccountBatchDestroy()
{
factory(TwoFAccount::class, 3)->create();
$ids = \Illuminate\Support\Facades\DB::table('twofaccounts')->value('id');
$response = $this->actingAs($this->user, 'api')
->json('DELETE', '/api/twofaccounts/batch', [
'data' => $ids])
->assertStatus(204);
}
/**
* test TwoFAccounts reorder
*
* @test
*/
public function testTwofaccountReorder()
{
factory(TwoFAccount::class, 3)->create();
$response = $this->actingAs($this->user, 'api')
->json('PATCH', '/api/twofaccounts/reorder', [
'orderedIds' => [3,2,1]])
->assertStatus(200);
}
/**
* test show QR code via API
*
* @test
*/
public function testShowQrcode()
{
$twofaccount = factory(TwoFAccount::class)->create();
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/qrcode/' . $twofaccount->id)
->assertJsonStructure([
'qrcode',
])
->assertStatus(200);
$this->assertStringStartsWith('data:image/png;base64', $response->getData()->qrcode);
}
}