Fix TwoFAccount model unit tests to match its new definition

Bubka 2020-11-17 15:47:15 +01:00
parent efff5ecd1f
commit 55ec97e332


@ -38,10 +38,9 @@ class TwoFAccountTest extends TestCase
'service' => 'testTOTP', 'service' => 'testTOTP',
'account' => 'test@test.com', 'account' => 'test@test.com',
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test', 'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test',
'icon' => 'test.png', 'icon' => 'test.png'
]); ]);
$response = $this->actingAs($this->user, 'api') $response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/' . $twofaccount->id) ->json('GET', '/api/twofaccounts/' . $twofaccount->id)
->assertStatus(200) ->assertStatus(200)
@ -49,9 +48,43 @@ class TwoFAccountTest extends TestCase
'service' => 'testTOTP', 'service' => 'testTOTP',
'account' => 'test@test.com', 'account' => 'test@test.com',
'icon' => 'test.png', 'icon' => 'test.png',
'group_id' => null,
'isConsistent' => true,
'otpType' => 'totp',
'digits' => 6,
'totpPeriod' => 30,
'hotpCounter' => null,
'imageLink' => null,
]) ])
->assertJsonMissing([ ->assertJsonMissing([
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test', 'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test',
'secret' => 'A4GRFHVVRBGY7UIW',
'algorithm' => 'sha1',
]);
}
/**
* test TwoFAccount display via API
*
* @test
*/
public function testTwoFAccountDisplayWithSensitive()
{
$twofaccount = factory(TwoFAccount::class)->create([
'service' => 'testTOTP',
'account' => 'test@test.com',
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW',
]);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/' . $twofaccount->id . '/withSensitive')
->assertStatus(200)
->assertJsonFragment([
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW',
'secret' => 'A4GRFHVVRBGY7UIW',
'algorithm' => 'sha1',
]); ]);
} }
@ -132,11 +165,11 @@ class TwoFAccountTest extends TestCase
/** /**
* test otpType is null in case of invalid uri via API * test show account when uri field remains encrypted via API
* *
* @test * @test
*/ */
public function testOtpTypeIsNullForAccountWithInvalidUri() public function testShowAccountWithUndecipheredUri()
{ {
$response = $this->actingAs($this->user, 'api') $response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts', [ ->json('POST', '/api/twofaccounts', [
@ -150,54 +183,88 @@ class TwoFAccountTest extends TestCase
DB::table('twofaccounts') DB::table('twofaccounts')
->where('id', 1) ->where('id', 1)
->update([ ->update([
'uri' => 'iCanHasCheeseBurger', 'uri' => '**encrypted**',
]); ]);
$response = $this->actingAs($this->user, 'api') $response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/1') ->json('GET', '/api/twofaccounts/1')
->assertStatus(200) ->assertStatus(422);
->assertJsonFragment([
'otpType' => null,
]);
} }
/** /**
* test TOTP generation for a given existing account via API * test token generation for a given existing account via API
* *
* @test * @test
*/ */
public function testTOTPgenerationWithProvidedAccountId() public function testTokenGenerationWithAccountId()
{ {
$twofaccount = factory(TwoFAccount::class)->create([ $twofaccount = factory(TwoFAccount::class)->create([
'service' => 'testTOTP', 'service' => 'testService',
'account' => 'test@test.com', 'account' => 'testAccount',
'uri' => 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test' 'uri' => 'otpauth://totp/testService:testAccount?secret=A4GRFHVVRBGY7UIW&issuer=testService'
]); ]);
$response = $this->actingAs($this->user, 'api') $response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/otp', ['data' => $twofaccount->id]) ->json('POST', '/api/twofaccounts/otp', ['id' => $twofaccount->id])
->assertStatus(200) ->assertStatus(200)
->assertJsonStructure([ ->assertJsonStructure([
'otp', 'token',
'totpTimestamp'
]); ]);
} }
/** /**
* test TOTP generation as preview via API * test token generation by providing an URI via API
* *
* @test * @test
*/ */
public function testTOTPgenerationPreview() public function testTokenGenerationWithUri()
{ {
$uri = 'otpauth://totp/test@test.com?secret=A4GRFHVVRBGY7UIW&issuer=test'; $uri = 'otpauth://totp/service:account?secret=A4GRFHVVRBGY7UIW&issuer=service';
$response = $this->actingAs($this->user, 'api') $response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/otp', ['data' => $uri]) ->json('POST', '/api/twofaccounts/otp', ['otp' => ['uri' => $uri]])
->assertStatus(200) ->assertStatus(200)
->assertJsonFragment([
'service' => 'service',
'account' => 'account',
])
->assertJsonStructure([ ->assertJsonStructure([
'otp', 'token',
'totpTimestamp'
]);
}
/**
* test token generation by providing an array of otp attributes without URI via API
*
* @test
*/
public function testTokenGenerationWithAttributesArray()
{
$response = $this->actingAs($this->user, 'api')
->json('POST', '/api/twofaccounts/otp', ['otp' => [
'service' => 'service',
'account' => 'account',
'otpType' => 'totp',
'secret' => 'A4GRFHVVRBGY7UIW',
'secretIsBase32Encoded' => 1,
'digits' => 6,
'totpPeriod' => 30,
'algorithm' => 'sha1',
'uri' => ''
]])
->assertStatus(200)
->assertJsonFragment([
'service' => 'service',
'account' => 'account',
])
->assertJsonStructure([
'token',
'totpTimestamp'
]); ]);
} }
@ -213,19 +280,44 @@ class TwoFAccountTest extends TestCase
$response = $this->actingAs($this->user, 'api') $response = $this->actingAs($this->user, 'api')
->json('PUT', '/api/twofaccounts/' . $twofaccount->id, [ ->json('PUT', '/api/twofaccounts/' . $twofaccount->id, [
'service' => 'testUpdate', 'service' => 'service',
'account' => 'testUpdate@test.com', 'account' => 'account',
'icon' => 'testUpdate.png', 'icon' => 'testUpdate.png',
'otpType' => 'totp',
'secret' => 'A4GRFHVVRBGY7UIW',
'secretIsBase32Encoded' => 1,
'digits' => 8,
'totpPeriod' => 40,
'algorithm' => 'sha256',
'uri' => '',
'imageLink' => 'http://www.image.net/file.png'
]) ])
->assertStatus(200) ->assertStatus(200)
->assertJsonFragment([ ->assertJsonFragment([
'id' => 1, 'id' => 1,
'service' => 'testUpdate', 'service' => 'service',
'account' => 'testUpdate@test.com', 'account' => 'account',
'icon' => 'testUpdate.png', 'icon' => 'testUpdate.png',
'otpType' => 'totp',
'digits' => 8,
'totpPeriod' => 40,
'imageLink' => 'http://www.image.net/file.png'
]) ])
->assertJsonMissing([ ->assertJsonMissing([
'uri' => $twofaccount->uri, 'uri' => $twofaccount->uri,
'secret' => 'A4GRFHVVRBGY7UIW',
'algorithm' => 'sha256',
]);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/' . $twofaccount->id . '/withSensitive')
->assertStatus(200)
->assertJsonFragment([
'secret' => 'A4GRFHVVRBGY7UIW',
'algorithm' => 'sha256',
])
->assertJsonStructure([
'uri',
]); ]);
} }
@ -238,9 +330,9 @@ class TwoFAccountTest extends TestCase
public function testTwoFAccountHOTPUpdate() public function testTwoFAccountHOTPUpdate()
{ {
$twofaccount = factory(TwoFAccount::class)->create([ $twofaccount = factory(TwoFAccount::class)->create([
'service' => 'test.com', 'service' => 'service',
'account' => 'test', 'account' => 'account',
'uri' => 'otpauth://hotp/service?counter=1&secret=A4GRFHVVRBGY7UIW' 'uri' => 'otpauth://hotp/service:account?counter=1&secret=A4GRFHVVRBGY7UIW'
]); ]);
$response = $this->actingAs($this->user, 'api') $response = $this->actingAs($this->user, 'api')
@ -248,7 +340,14 @@ class TwoFAccountTest extends TestCase
'service' => 'testUpdate.com', 'service' => 'testUpdate.com',
'account' => 'testUpdate', 'account' => 'testUpdate',
'icon' => 'testUpdate.png', 'icon' => 'testUpdate.png',
'counter' => 5 'otpType' => 'hotp',
'secret' => 'BBBBFFFFEEEEAAAA',
'secretIsBase32Encoded' => 1,
'digits' => 8,
'hotpCounter' => 5,
'algorithm' => 'sha256',
'uri' => '',
'imageLink' => 'http://www.image.net/file.png'
]) ])
->assertStatus(200) ->assertStatus(200)
->assertJsonFragment([ ->assertJsonFragment([
@ -256,7 +355,26 @@ class TwoFAccountTest extends TestCase
'service' => 'testUpdate.com', 'service' => 'testUpdate.com',
'account' => 'testUpdate', 'account' => 'testUpdate',
'icon' => 'testUpdate.png', 'icon' => 'testUpdate.png',
'counter' => 5, 'otpType' => 'hotp',
'digits' => 8,
'hotpCounter' => 5,
'imageLink' => 'http://www.image.net/file.png'
])
->assertJsonMissing([
'uri' => $twofaccount->uri,
'secret' => 'BBBBFFFFEEEEAAAA',
'algorithm' => 'sha256',
]);
$response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts/' . $twofaccount->id . '/withSensitive')
->assertStatus(200)
->assertJsonFragment([
'secret' => 'BBBBFFFFEEEEAAAA',
'algorithm' => 'sha256',
])
->assertJsonStructure([
'uri',
]); ]);
} }
@ -274,8 +392,17 @@ class TwoFAccountTest extends TestCase
$response = $this->actingAs($this->user, 'api') $response = $this->actingAs($this->user, 'api')
->json('PUT', '/api/twofaccounts/' . $id, [ ->json('PUT', '/api/twofaccounts/' . $id, [
'service' => 'testUpdate', 'service' => 'testUpdate.com',
'icon' => 'name.png' 'account' => 'testUpdate',
'icon' => 'testUpdate.png',
'otpType' => 'hotp',
'secret' => 'BBBBFFFFEEEEAAAA',
'secretIsBase32Encoded' => 1,
'digits' => 8,
'hotpCounter' => 5,
'algorithm' => 'sha256',
'uri' => '',
'imageLink' => 'http://www.image.net/file.png'
]) ])
->assertStatus(404); ->assertStatus(404);
} }
@ -288,7 +415,7 @@ class TwoFAccountTest extends TestCase
*/ */
public function testTwoFAccountIndexListing() public function testTwoFAccountIndexListing()
{ {
factory(TwoFAccount::class, 3)->create(); $twofaccount = factory(TwoFAccount::class, 3)->create();
$response = $this->actingAs($this->user, 'api') $response = $this->actingAs($this->user, 'api')
->json('GET', '/api/twofaccounts') ->json('GET', '/api/twofaccounts')
@ -301,7 +428,8 @@ class TwoFAccountTest extends TestCase
'account', 'account',
'icon', 'icon',
'created_at', 'created_at',
'updated_at' 'updated_at',
'isConsistent'
] ]
] ]
); );
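Review bot: The `assertJsonMissing([...])` calls that guard the non-sensitive responses (the display test near the top, and the TOTP and HOTP update tests) only match exact key/value pairs, so they still pass if the response carries `secret` or `uri` with any other value. In testTwoFAccountHOTPUpdate the pair `'uri' => $twofaccount->uri` is read from a model created before the PUT, and the request replaces the secret, digits and algorithm. The stored URI has presumably changed by then, so the assertion can never fail. Since these checks are what keeps the OTP secret out of the default endpoint, assert that the keys are absent, for example `$this->assertArrayNotHasKey('secret', $response->json());` and the same for `uri`, adjusting the path if the resource is wrapped. All requests to `/withSensitive` visible here are authenticated; if no other test covers it, a case asserting that an unauthenticated request is rejected would be worth adding.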