extern/2FAuth
1
0
Fork 0
mirror of https://github.com/Bubka/2FAuth.git synced 2025-06-23 21:41:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix TwoFAccount model unit tests to match its new definition

Browse Source
This commit is contained in:
Bubka 2020-11-17 15:47:15 +01:00
parent efff5ecd1f
commit 55ec97e332
1 changed files with 162 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

196
tests/Unit/TwoFAccountTest.php
View File

@ -38,10 +38,9 @@ class TwoFAccountTest extends TestCase
'service' => 'testTOTP',
'account' => 'test@test.com',
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test',
'icon' => 'test.png',
'icon' => 'test.png'
]);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/' . $twofaccount->id)
->assertStatus(200)
@ -49,9 +48,43 @@ class TwoFAccountTest extends TestCase
'service' => 'testTOTP',
'account' => 'test@test.com',
'icon' => 'test.png',
'group_id' => null,
'isConsistent' => true,
'otpType' => 'totp',
'digits' => 6,
'totpPeriod' => 30,
'hotpCounter' => null,
'imageLink' => null,
])
->assertJsonMissing([
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test',
'secret' => 'A4GRFHVVRBGY7UIW',
'algorithm' => 'sha1',
]);
}
/**
* test TwoFAccount display via API
*
* @test
*/
public function testTwoFAccountDisplayWithSensitive()
{
$twofaccount = factory(TwoFAccount::class)->create([
'service' => 'testTOTP',
'account' => 'test@test.com',
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW',
]);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/' . $twofaccount->id . '/withSensitive')
->assertStatus(200)
->assertJsonFragment([
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW',
'secret' => 'A4GRFHVVRBGY7UIW',
'algorithm' => 'sha1',
]);
}
@ -132,11 +165,11 @@ class TwoFAccountTest extends TestCase
/**
* test otpType is null in case of invalid uri via API
* test show account when uri field remains encrypted via API
*
* @test
*/
public function testOtpTypeIsNullForAccountWithInvalidUri()
public function testShowAccountWithUndecipheredUri()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts', [
@ -150,54 +183,88 @@ class TwoFAccountTest extends TestCase
DB::table('twofaccounts')
->where('id', 1)
->update([
'uri' => 'iCanHasCheeseBurger',
'uri' => '**encrypted**',
]);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/1')
->assertStatus(200)
->assertJsonFragment([
'otpType' => null,
]);
->assertStatus(422);
}
/**
* test TOTP generation for a given existing account via API
* test token generation for a given existing account via API
*
* @test
*/
public function testTOTPgenerationWithProvidedAccountId()
public function testTokenGenerationWithAccountId()
{
$twofaccount = factory(TwoFAccount::class)->create([
'service' => 'testTOTP',
'account' => 'test@test.com',
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test'
'service' => 'testService',
'account' => 'testAccount',
'uri' => 'otpauth://totp/testService:testAccount?secret=A4GRFHVVRBGY7UIW&issuer=testService'
]);
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/otp', ['data' => $twofaccount->id])
->json('POST', '/api/twofaccounts/otp', ['id' => $twofaccount->id])
->assertStatus(200)
->assertJsonStructure([
'otp',
'token',
'totpTimestamp'
]);
}
/**
* test TOTP generation as preview via API
* test token generation by providing an URI via API
*
* @test
*/
public function testTOTPgenerationPreview()
public function testTokenGenerationWithUri()
{
$uri = 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test';
$uri = 'otpauth://totp/service:account?secret=A4GRFHVVRBGY7UIW&issuer=service';
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/otp', ['data' => $uri])
->json('POST', '/api/twofaccounts/otp', ['otp' => ['uri' => $uri]])
->assertStatus(200)
->assertJsonFragment([
'service' => 'service',
'account' => 'account',
])
->assertJsonStructure([
'otp',
'token',
'totpTimestamp'
]);
}
/**
* test token generation by providing an array of otp attributes without URI via API
*
* @test
*/
public function testTokenGenerationWithAttributesArray()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/otp', ['otp' => [
'service' => 'service',
'account' => 'account',
'otpType' => 'totp',
'secret' => 'A4GRFHVVRBGY7UIW',
'secretIsBase32Encoded' => 1,
'digits' => 6,
'totpPeriod' => 30,
'algorithm' => 'sha1',
'uri' => ''
]])
->assertStatus(200)
->assertJsonFragment([
'service' => 'service',
'account' => 'account',
])
->assertJsonStructure([
'token',
'totpTimestamp'
]);
}
@ -213,19 +280,44 @@ class TwoFAccountTest extends TestCase
$response = $this->actingAs($this->user, 'api')
->json('PUT', '/api/twofaccounts/' . $twofaccount->id, [
'service' => 'testUpdate',
'account' => 'testUpdate@test.com',
'service' => 'service',
'account' => 'account',
'icon' => 'testUpdate.png',
'otpType' => 'totp',
'secret' => 'A4GRFHVVRBGY7UIW',
'secretIsBase32Encoded' => 1,
'digits' => 8,
'totpPeriod' => 40,
'algorithm' => 'sha256',
'uri' => '',
'imageLink' => 'http://www.image.net/file.png'
])
->assertStatus(200)
->assertJsonFragment([
'id' => 1,
'service' => 'testUpdate',
'account' => 'testUpdate@test.com',
'service' => 'service',
'account' => 'account',
'icon' => 'testUpdate.png',
'otpType' => 'totp',
'digits' => 8,
'totpPeriod' => 40,
'imageLink' => 'http://www.image.net/file.png'
])
->assertJsonMissing([
'uri' => $twofaccount->uri,
'secret' => 'A4GRFHVVRBGY7UIW',
'algorithm' => 'sha256',
]);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/' . $twofaccount->id . '/withSensitive')
->assertStatus(200)
->assertJsonFragment([
'secret' => 'A4GRFHVVRBGY7UIW',
'algorithm' => 'sha256',
])
->assertJsonStructure([
'uri',
]);
}
@ -238,9 +330,9 @@ class TwoFAccountTest extends TestCase
public function testTwoFAccountHOTPUpdate()
{
$twofaccount = factory(TwoFAccount::class)->create([
'service' => 'test.com',
'account' => 'test',
'uri' => 'otpauth://hotp/service?counter=1&secret=A4GRFHVVRBGY7UIW'
'service' => 'service',
'account' => 'account',
'uri' => 'otpauth://hotp/service:account?counter=1&secret=A4GRFHVVRBGY7UIW'
]);
$response = $this->actingAs($this->user, 'api')
@ -248,7 +340,14 @@ class TwoFAccountTest extends TestCase
'service' => 'testUpdate.com',
'account' => 'testUpdate',
'icon' => 'testUpdate.png',
'counter' => 5
'otpType' => 'hotp',
'secret' => 'BBBBFFFFEEEEAAAA',
'secretIsBase32Encoded' => 1,
'digits' => 8,
'hotpCounter' => 5,
'algorithm' => 'sha256',
'uri' => '',
'imageLink' => 'http://www.image.net/file.png'
])
->assertStatus(200)
->assertJsonFragment([
@ -256,7 +355,26 @@ class TwoFAccountTest extends TestCase
'service' => 'testUpdate.com',
'account' => 'testUpdate',
'icon' => 'testUpdate.png',
'counter' => 5,
'otpType' => 'hotp',
'digits' => 8,
'hotpCounter' => 5,
'imageLink' => 'http://www.image.net/file.png'
])
->assertJsonMissing([
'uri' => $twofaccount->uri,
'secret' => 'BBBBFFFFEEEEAAAA',
'algorithm' => 'sha256',
]);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/' . $twofaccount->id . '/withSensitive')
->assertStatus(200)
->assertJsonFragment([
'secret' => 'BBBBFFFFEEEEAAAA',
'algorithm' => 'sha256',
])
->assertJsonStructure([
'uri',
]);
}
@ -274,8 +392,17 @@ class TwoFAccountTest extends TestCase
$response = $this->actingAs($this->user, 'api')
->json('PUT', '/api/twofaccounts/' . $id, [
'service' => 'testUpdate',
'icon' => 'name.png'
'service' => 'testUpdate.com',
'account' => 'testUpdate',
'icon' => 'testUpdate.png',
'otpType' => 'hotp',
'secret' => 'BBBBFFFFEEEEAAAA',
'secretIsBase32Encoded' => 1,
'digits' => 8,
'hotpCounter' => 5,
'algorithm' => 'sha256',
'uri' => '',
'imageLink' => 'http://www.image.net/file.png'
])
->assertStatus(404);
}
@ -288,7 +415,7 @@ class TwoFAccountTest extends TestCase
*/
public function testTwoFAccountIndexListing()
{
factory(TwoFAccount::class, 3)->create();
$twofaccount = factory(TwoFAccount::class, 3)->create();
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts')
@ -301,7 +428,8 @@ class TwoFAccountTest extends TestCase
'account',
'icon',
'created_at',
'updated_at'
'updated_at',
'isConsistent'
]
]
);