extern/2FAuth
1
0
Fork 0
mirror of https://github.com/Bubka/2FAuth.git synced 2024-11-25 09:44:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update tests to match new webauthn package

Browse Source
This commit is contained in:
Bubka 2022-11-17 17:00:28 +01:00
parent 235b5f0b1e
commit 616a9348b2
4 changed files with 159 additions and 213 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
database/factories/UserFactory.php
View File

@ -7,6 +7,9 @@
class UserFactory extends Factory class UserFactory extends Factory
{ {
const USER_PASSWORD = 'password';
/** /**
* Define the model's default state. * Define the model's default state.
* *
@ -18,7 +21,7 @@ public function definition()
'name' => $this->faker->name(), 'name' => $this->faker->name(),
'email' => $this->faker->unique()->safeEmail(), 'email' => $this->faker->unique()->safeEmail(),
'email_verified_at' => now(), 'email_verified_at' => now(),
'password' => bcrypt('password'), 'password' => bcrypt(self::USER_PASSWORD),
'remember_token' => Str::random(10), 'remember_token' => Str::random(10),
]; ];
} }

164
tests/Feature/Http/Auth/WebAuthnLoginControllerTest.php
View File

@ -5,10 +5,7 @@
use App\Models\User; use App\Models\User;
use Tests\FeatureTestCase; use Tests\FeatureTestCase;
use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\DB;
use Illuminate\Support\Str; use Laragear\WebAuthn\Http\Requests\AssertedRequest;
use Webauthn\TrustPath\EmptyTrustPath;
use DarkGhostHunter\Larapass\Eloquent\WebAuthnCredential;
use DarkGhostHunter\Larapass\WebAuthn\WebAuthnAssertValidator;
class WebAuthnLoginControllerTest extends FeatureTestCase class WebAuthnLoginControllerTest extends FeatureTestCase
{ {
@ -17,6 +14,9 @@ class WebAuthnLoginControllerTest extends FeatureTestCase
*/ */
protected $user; protected $user;
const CREDENTIAL_ID = 's06aG41wsIYh5X1YUhB-SlH8y3F2RzdJZVse8iXRXOCd3oqQdEyCOsBawzxrYBtJRQA2azAMEN_q19TUp6iMgg';
const PUBLIC_KEY = 'eyJpdiI6ImYyUHlJOEJML0pwTXJ2UDkveTQwZFE9PSIsInZhbHVlIjoiQWFSYi9LVEszazlBRUZsWHp0cGNRNktGeEQ3aTBsbU9zZ1g5MEgrWFJJNmgraElsNU9hV0VsRVlWc3NoUVVHUjRRdlcxTS9pVklnOWtVYWY5TFJQTTFhR1Rxb1ZzTFkxTWE4VUVvK1lyU3pYQ1M3VlBMWWxZcDVaYWFnK25iaXVyWGR6ZFRmMFVoSmdPZ3UvSnptbVZER0FYdEEyYmNYcW43RkV5aTVqSjNwZEFsUjhUYSs0YjU2Z2V2bUJXa0E0aVB1VC8xSjdJZ2llRGlHY2RwOGk3MmNPTyt6eDFDWUs1dVBOSWp1ZUFSeUlkclgwRW16RE9sUUpDSWV6Sk50TSIsIm1hYyI6IjI3ODQ5NzcxZGY1MzMwYTNiZjAwZmEwMDJkZjYzMGU4N2UzZjZlOGM0ZWE3NDkyYWMxMThhNmE5NWZiMTVjNGEiLCJ0YWciOiIifQ==';
const USER_ID = '3b758ac868b74307a7e96e69ae187339';
/** /**
* @test * @test
@ -32,137 +32,45 @@ public function setUp(): void
/** /**
* @test * @test
*/ */
public function test_user_login_returns_success() public function test_webauthn_login_uses_login_and_returns_no_content()
{ {
$this->user = User::factory()->create([ $this->user = User::factory()->create();
'name' => 'john',
'email' => 'john.doe@mail.com',
'password' => '$2y$10$FLIykVJWDsYSVMJyaFZZfe4tF5uBTnGsosJBL.ZfAAHsYgc27FSdi',
]);
$uuid = Str::uuid();
DB::table('web_authn_credentials')->insert([ $mock = $this->mock(AssertedRequest::class)->makePartial()->shouldIgnoreMissing();
'id' => 'dGVzdF9jcmVkZW50aWFsX2lk', $mock->shouldReceive([
'user_id' => $this->user->id, 'has' => false,
'type' => 'public_key', 'login' => $this->user,
'transports' => json_encode([]),
'attestation_type' => 'none',
'trust_path' => json_encode(['type' => EmptyTrustPath::class]),
'aaguid' => $uuid->toString(),
'public_key' => 'public_key',
'counter' => 0,
'user_handle' => 'test_user_handle',
'created_at' => now()->toDateTimeString(),
'updated_at' => now()->toDateTimeString(),
]); ]);
$data = [ $this->json('POST', '/webauthn/login')
'id' => 'dGVzdF9jcmVkZW50aWFsX2lk',
'rawId' => 'ZEdWemRGOWpjbVZrWlc1MGFXRnNYMmxr',
'type' => 'test_type',
'response' => [
'authenticatorData' => 'test',
'clientDataJSON' => 'test',
'signature' => 'test',
'userHandle' => 'test',
],
];
$this->mock(WebAuthnAssertValidator::class)
->shouldReceive('validate')
->with($data)
->andReturnUsing(function ($data) {
$credentials = WebAuthnCredential::find($data['id']);
$credentials->setAttribute('counter', 1)->save();
return $credentials->toCredentialSource();
});
$this->json('POST', '/webauthn/login', $data)
->assertNoContent(); ->assertNoContent();
$this->assertAuthenticatedAs($this->user);
} }
/** /**
* @test * @test
*/ */
public function test_user_login_without_userhandle_returns_success() public function test_webauthn_invalid_login_returns_error()
{ {
$this->user = User::factory()->create([ $this->user = User::factory()->create();
'name' => 'john',
'email' => 'john.doe@mail.com',
'password' => '$2y$10$FLIykVJWDsYSVMJyaFZZfe4tF5uBTnGsosJBL.ZfAAHsYgc27FSdi',
]);
$uuid = Str::uuid();
DB::table('web_authn_credentials')->insert([ $mock = $this->mock(AssertedRequest::class)->makePartial()->shouldIgnoreMissing();
'id' => 'dGVzdF9jcmVkZW50aWFsX2lk', $mock->shouldReceive([
'user_id' => $this->user->id, 'has' => false,
'type' => 'public_key', 'login' => null,
'transports' => json_encode([]),
'attestation_type' => 'none',
'trust_path' => json_encode(['type' => EmptyTrustPath::class]),
'aaguid' => $uuid->toString(),
'public_key' => 'public_key',
'counter' => 0,
'user_handle' => 'test_user_handle',
'created_at' => now()->toDateTimeString(),
'updated_at' => now()->toDateTimeString(),
]); ]);
$data = [ $this->json('POST', '/webauthn/login')
'id' => 'dGVzdF9jcmVkZW50aWFsX2lk', ->assertNoContent(422);
'rawId' => 'ZEdWemRGOWpjbVZrWlc1MGFXRnNYMmxr',
'type' => 'test_type',
'response' => [
'authenticatorData' => 'test',
'clientDataJSON' => 'test',
'signature' => 'test',
'userHandle' => '',
],
];
$this->mock(WebAuthnAssertValidator::class)
->shouldReceive('validate')
->with([
'id' => 'dGVzdF9jcmVkZW50aWFsX2lk',
'rawId' => 'ZEdWemRGOWpjbVZrWlc1MGFXRnNYMmxr',
'type' => 'test_type',
'response' => [
'authenticatorData' => 'test',
'clientDataJSON' => 'test',
'signature' => 'test',
'userHandle' => 'dGVzdF91c2VyX2hhbmRsZQ==',
],
])
->andReturnUsing(function ($data) {
$credentials = WebAuthnCredential::find($data['id']);
$credentials->setAttribute('counter', 1)->save();
return $credentials->toCredentialSource();
});
$this->json('POST', '/webauthn/login', $data)
->assertNoContent();
$this->assertAuthenticatedAs($this->user);
} }
/** /**
* @test * @test
*/ */
public function test_user_login_with_missing_data_returns_validation_error() public function test_webauthn_login_with_missing_data_returns_validation_error()
{ {
$this->user = User::factory()->create([ $this->user = User::factory()->create();
'name' => 'john',
'email' => 'john.doe@mail.com',
'password' => '$2y$10$FLIykVJWDsYSVMJyaFZZfe4tF5uBTnGsosJBL.ZfAAHsYgc27FSdi',
]);
$data = [ $data = [
'id' => '', 'id' => '',
@ -194,19 +102,35 @@ public function test_user_login_with_missing_data_returns_validation_error()
*/ */
public function test_get_options_returns_success() public function test_get_options_returns_success()
{ {
$this->user = User::factory()->create([ $this->user = User::factory()->create();
'name' => 'john',
'email' => 'john.doe@mail.com', DB::table('webauthn_credentials')->insert([
'password' => '$2y$10$FLIykVJWDsYSVMJyaFZZfe4tF5uBTnGsosJBL.ZfAAHsYgc27FSdi', 'id' => self::CREDENTIAL_ID,
'authenticatable_type' => \App\Models\User::class,
'authenticatable_id' => $this->user->id,
'user_id' => self::USER_ID,
'counter' => 0,
'rp_id' => 'http://localhost',
'origin' => 'http://localhost',
'aaguid' => '00000000-0000-0000-0000-000000000000',
'attestation_format' => 'none',
'public_key' => self::PUBLIC_KEY,
'updated_at' => now(),
'created_at' => now(),
]); ]);
$response = $this->json('POST', '/webauthn/login/options', []) $response = $this->json('POST', '/webauthn/login/options')
->assertOk() ->assertOk()
->assertJsonStructure([ ->assertJsonStructure([
'challenge', 'challenge',
'rpId',
'userVerification', 'userVerification',
'timeout', 'timeout',
])
->assertJsonFragment([
'allowCredentials' => [[
'id' => self::CREDENTIAL_ID,
'type' => 'public-key'
]],
]); ]);
} }
@ -216,7 +140,7 @@ public function test_get_options_returns_success()
*/ */
public function test_get_options_with_no_registred_user_returns_error() public function test_get_options_with_no_registred_user_returns_error()
{ {
$this->json('POST', '/webauthn/login/options', []) $this->json('POST', '/webauthn/login/options')
->assertStatus(400) ->assertStatus(400)
->assertJsonStructure([ ->assertJsonStructure([
'message', 'message',

71
tests/Feature/Http/Auth/WebAuthnManageControllerTest.php
View File

@ -7,15 +7,22 @@
use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\DB;
use Illuminate\Support\Str; use Illuminate\Support\Str;
use Webauthn\TrustPath\EmptyTrustPath; use Webauthn\TrustPath\EmptyTrustPath;
use Illuminate\Foundation\Testing\WithoutMiddleware;
class WebAuthnManageControllerTest extends FeatureTestCase class WebAuthnManageControllerTest extends FeatureTestCase
{ {
// use WithoutMiddleware;
/** /**
* @var \App\Models\User * @var \App\Models\User
*/ */
protected $user; protected $user;
public const CREDENTIAL_ID = '-VOLFKPY-_FuMI_sJ7gMllK76L3VoRUINj6lL_Z3qDg';
public const CREDENTIAL_ID_RAW = '+VOLFKPY+/FuMI/sJ7gMllK76L3VoRUINj6lL/Z3qDg=';
/** /**
* @test * @test
*/ */
@ -32,20 +39,19 @@ public function setUp(): void
*/ */
public function test_index_returns_success_with_credentials() public function test_index_returns_success_with_credentials()
{ {
DB::table('web_authn_credentials')->insert([ DB::table('webauthn_credentials')->insert([
'id' => 'test_credential_id', 'id' => self::CREDENTIAL_ID,
'user_id' => $this->user->id, 'authenticatable_type' => \App\Models\User::class,
'type' => 'public_key', 'authenticatable_id' => $this->user->id,
'transports' => json_encode([]), 'user_id' => 'e8af6f703f8042aa91c30cf72289aa07',
'attestation_type' => 'none', 'counter' => 0,
'trust_path' => json_encode(['type' => EmptyTrustPath::class]), 'rp_id' => 'http://localhost',
'aaguid' => Str::uuid(), 'origin' => 'http://localhost',
'public_key' => 'public_key_bar', 'aaguid' => '00000000-0000-0000-0000-000000000000',
'counter' => 0, 'attestation_format' => 'none',
'user_handle' => 'test_id', 'public_key' => 'eyJpdiI6Imp0U0NVeFNNbW45KzEvMXpad2p2SUE9PSIsInZhbHVlIjoic0VxZ2I1WnlHM2lJakhkWHVkK2kzMWtibk1IN2ZlaExGT01qOElXMDdRTjhnVlR0TDgwOHk1S0xQUy9BQ1JCWHRLNzRtenNsMml1dVQydWtERjFEU0h0bkJGT2RwUXE1M1JCcVpablE2Y2VGV2YvVEE2RGFIRUE5L0x1K0JIQXhLVE1aNVNmN3AxeHdjRUo2V0hwREZSRTJYaThNNnB1VnozMlVXZEVPajhBL3d3ODlkTVN3bW54RTEwSG0ybzRQZFFNNEFrVytUYThub2IvMFRtUlBZamoyZElWKzR1bStZQ1IwU3FXbkYvSm1FU2FlMTFXYUo0SG9kc1BDME9CNUNKeE9IelE5d2dmNFNJRXBKNUdlVzJ3VHUrQWJZRFluK0hib0xvVTdWQ0ZISjZmOWF3by83aVJES1dxbU9Zd1lhRTlLVmhZSUdlWmlBOUFtcTM2ZVBaRWNKNEFSQUhENk5EaC9hN3REdnVFbm16WkRxekRWOXd4cVcvZFdKa2tlWWJqZWlmZnZLS0F1VEVCZEZQcXJkTExiNWRyQmxsZWtaSDRlT3VVS0ZBSXFBRG1JMjRUMnBKRXZxOUFUa2xxMjg2TEplUzdscVo2UytoVU5SdXk1OE1lcFN6aU05ZkVXTkdIM2tKM3Q5bmx1TGtYb1F5bGxxQVR3K3BVUVlia1VybDFKRm9lZDViNzYraGJRdmtUb2FNTEVGZmZYZ3lYRDRiOUVjRnJpcTVvWVExOHJHSTJpMnVBZ3E0TmljbUlKUUtXY2lSWDh1dE5MVDNRUzVRSkQrTjVJUU8rSGhpeFhRRjJvSEdQYjBoVT0iLCJtYWMiOiI5MTdmNWRkZGE5OTEwNzQ3MjhkYWVhYjRlNjk0MWZlMmI5OTQ4YzlmZWI1M2I4OGVkMjE1MjMxNjUwOWRmZTU2IiwidGFnIjoiIn0=',
'created_at' => now()->toDateTimeString(), 'updated_at' => now(),
'updated_at' => now()->toDateTimeString(), 'created_at' => now(),
'disabled_at' => null,
]); ]);
$response = $this->actingAs($this->user, 'web-guard') $response = $this->actingAs($this->user, 'web-guard')
@ -54,9 +60,7 @@ public function test_index_returns_success_with_credentials()
->assertJsonStructure([ ->assertJsonStructure([
'*' => [ '*' => [
'id', 'id',
'name', 'alias',
'type',
'transports'
] ]
]); ]);
} }
@ -67,25 +71,24 @@ public function test_index_returns_success_with_credentials()
*/ */
public function test_rename_returns_success_with_new_name() public function test_rename_returns_success_with_new_name()
{ {
DB::table('web_authn_credentials')->insert([ DB::table('webauthn_credentials')->insert([
'id' => 'test_credential_id', 'id' => self::CREDENTIAL_ID,
'name' => 'MyCredential', 'authenticatable_type' => \App\Models\User::class,
'user_id' => $this->user->id, 'authenticatable_id' => $this->user->id,
'type' => 'public_key', 'user_id' => 'e8af6f703f8042aa91c30cf72289aa07',
'transports' => json_encode([]), 'alias' => 'MyNewCredential',
'attestation_type' => 'none', 'counter' => 0,
'trust_path' => json_encode(['type' => EmptyTrustPath::class]), 'rp_id' => 'http://localhost',
'aaguid' => Str::uuid(), 'origin' => 'http://localhost',
'public_key' => 'public_key_bar', 'aaguid' => '00000000-0000-0000-0000-000000000000',
'counter' => 0, 'attestation_format' => 'none',
'user_handle' => 'test_id', 'public_key' => 'eyJpdiI6Imp0U0NVeFNNbW45KzEvMXpad2p2SUE9PSIsInZhbHVlIjoic0VxZ2I1WnlHM2lJakhkWHVkK2kzMWtibk1IN2ZlaExGT01qOElXMDdRTjhnVlR0TDgwOHk1S0xQUy9BQ1JCWHRLNzRtenNsMml1dVQydWtERjFEU0h0bkJGT2RwUXE1M1JCcVpablE2Y2VGV2YvVEE2RGFIRUE5L0x1K0JIQXhLVE1aNVNmN3AxeHdjRUo2V0hwREZSRTJYaThNNnB1VnozMlVXZEVPajhBL3d3ODlkTVN3bW54RTEwSG0ybzRQZFFNNEFrVytUYThub2IvMFRtUlBZamoyZElWKzR1bStZQ1IwU3FXbkYvSm1FU2FlMTFXYUo0SG9kc1BDME9CNUNKeE9IelE5d2dmNFNJRXBKNUdlVzJ3VHUrQWJZRFluK0hib0xvVTdWQ0ZISjZmOWF3by83aVJES1dxbU9Zd1lhRTlLVmhZSUdlWmlBOUFtcTM2ZVBaRWNKNEFSQUhENk5EaC9hN3REdnVFbm16WkRxekRWOXd4cVcvZFdKa2tlWWJqZWlmZnZLS0F1VEVCZEZQcXJkTExiNWRyQmxsZWtaSDRlT3VVS0ZBSXFBRG1JMjRUMnBKRXZxOUFUa2xxMjg2TEplUzdscVo2UytoVU5SdXk1OE1lcFN6aU05ZkVXTkdIM2tKM3Q5bmx1TGtYb1F5bGxxQVR3K3BVUVlia1VybDFKRm9lZDViNzYraGJRdmtUb2FNTEVGZmZYZ3lYRDRiOUVjRnJpcTVvWVExOHJHSTJpMnVBZ3E0TmljbUlKUUtXY2lSWDh1dE5MVDNRUzVRSkQrTjVJUU8rSGhpeFhRRjJvSEdQYjBoVT0iLCJtYWMiOiI5MTdmNWRkZGE5OTEwNzQ3MjhkYWVhYjRlNjk0MWZlMmI5OTQ4YzlmZWI1M2I4OGVkMjE1MjMxNjUwOWRmZTU2IiwidGFnIjoiIn0=',
'created_at' => now()->toDateTimeString(), 'updated_at' => now(),
'updated_at' => now()->toDateTimeString(), 'created_at' => now(),
'disabled_at' => null,
]); ]);
$response = $this->actingAs($this->user, 'web-guard') $response = $this->actingAs($this->user, 'web-guard')
->json('PATCH', '/webauthn/credentials/test_credential_id/name',[ ->json('PATCH', '/webauthn/credentials/'.self::CREDENTIAL_ID.'/name',[
'name' => 'MyNewCredential', 'name' => 'MyNewCredential',
]) ])
->assertStatus(200) ->assertStatus(200)
@ -101,7 +104,7 @@ public function test_rename_returns_success_with_new_name()
public function test_rename_invalid_data_returns_validation_error() public function test_rename_invalid_data_returns_validation_error()
{ {
$response = $this->actingAs($this->user, 'web-guard') $response = $this->actingAs($this->user, 'web-guard')
->json('PATCH', '/webauthn/credentials/test_credential_id/name', [ ->json('PATCH', '/webauthn/credentials/'.self::CREDENTIAL_ID.'/name', [
'name' => null, 'name' => null,
]) ])
->assertStatus(422); ->assertStatus(422);

132
tests/Feature/Http/Auth/WebAuthnRecoveryControllerTest.php
View File

@ -6,6 +6,7 @@
use Tests\FeatureTestCase; use Tests\FeatureTestCase;
use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Date; use Illuminate\Support\Facades\Date;
use Database\Factories\UserFactory;
class WebAuthnRecoveryControllerTest extends FeatureTestCase class WebAuthnRecoveryControllerTest extends FeatureTestCase
{ {
@ -13,6 +14,15 @@ class WebAuthnRecoveryControllerTest extends FeatureTestCase
* @var \App\Models\User * @var \App\Models\User
*/ */
protected $user; protected $user;
/**
* @var
*/
protected $now;
const STORED_TOKEN_VALUE = '$2y$10$P6q8rl8te5QaO1EdpyJcNO0s9VFlVgf62KaItQhrPTskxfyu97mlW';
const ACTUAL_TOKEN_VALUE = '9e583e3fb6c32034164ac62415c9657dcbd1fb861b434340b08a94c2075cac66';
const CREDENTIAL_ID = '-VOLFKPY-_FuMI_sJ7gMllK76L3VoRUINj6lL_Z3qDg';
/** /**
@ -23,39 +33,42 @@ public function setUp(): void
parent::setUp(); parent::setUp();
$this->user = User::factory()->create(); $this->user = User::factory()->create();
}
Date::setTestNow($this->now = Date::create(2022, 11, 16, 9, 4));
/** DB::table('webauthn_recoveries')->insert([
* @test
*/
public function test_options_returns_success()
{
$token = '$2y$10$hgGTVVTRLsSYSlAHpyydBu6m4ZuRheBqTTUfRE/aG89DaqEyo.HPu';
Date::setTestNow($now = Date::create(2020, 01, 01, 16, 30));
DB::table('web_authn_recoveries')->insert([
'email' => $this->user->email, 'email' => $this->user->email,
'token' => $token, 'token' => self::STORED_TOKEN_VALUE,
'created_at' => $now->toDateTimeString(), 'created_at' => $this->now->toDateTimeString(),
]); ]);
$response = $this->json('POST', '/webauthn/recover/options', [
'token' => 'test_token',
'email' => $this->user->email,
])
->assertStatus(200);
} }
/** /**
* @test * @test
*/ */
public function test_options_with_invalid_token_returns_error() public function test_recover_with_invalid_token_returns_validation_error()
{ {
$response = $this->json('POST', '/webauthn/recover/options', [ $response = $this->json('POST', '/webauthn/recover', [
'token' => 'myToken', 'token' => 'bad_token',
'email' => $this->user->email, 'email' => $this->user->email,
'password' => UserFactory::USER_PASSWORD,
])
->assertStatus(422)
->assertJsonMissingValidationErrors('email')
->assertJsonValidationErrors('token');
}
/**
* @test
*/
public function test_recover_with_invalid_password_returns_authentication_error()
{
$response = $this->json('POST', '/webauthn/recover', [
'token' => self::ACTUAL_TOKEN_VALUE,
'email' => $this->user->email,
'password' => 'bad_password',
]) ])
->assertStatus(401); ->assertStatus(401);
} }
@ -64,52 +77,55 @@ public function test_options_with_invalid_token_returns_error()
/** /**
* @test * @test
*/ */
public function test_options_without_inputs_returns_validation_errors() public function test_recover_returns_success()
{ {
$response = $this->json('POST', '/webauthn/recover/options', [ $response = $this->json('POST', '/webauthn/recover', [
'token' => '', 'token' => self::ACTUAL_TOKEN_VALUE,
'email' => '', 'email' => $this->user->email,
'password' => UserFactory::USER_PASSWORD,
])
->assertStatus(200);
$this->assertDatabaseMissing('webauthn_recoveries', [
'token' => self::STORED_TOKEN_VALUE,
]); ]);
$response->assertStatus(422) $this->assertDatabaseMissing('options', [
->assertJsonValidationErrors(['token']) 'key' => 'useWebauthnOnly',
->assertJsonValidationErrors(['email']); ]);
} }
/** /**
* @test * @test
*/ */
// public function test_recover_returns_success() public function test_revoke_all_credentials_clear_registered_credentials()
// {
// $token = '$2y$10$hgGTVVTRLsSYSlAHpyydBu6m4ZuRheBqTTUfRE/aG89DaqEyo.HPu';
// Date::setTestNow($now = Date::create(2020, 01, 01, 16, 30));
// DB::table('web_authn_recoveries')->insert([
// 'email' => $this->user->email,
// 'token' => $token,
// 'created_at' => $now->toDateTimeString(),
// ]);
// $response = $this->json('POST', '/webauthn/recover', [], [
// 'token' => $token,
// 'email' => $this->user->email,
// ])
// ->assertStatus(200);
// }
/**
* @test
*/
public function test_recover_with_invalid_token_returns_validation_error()
{ {
$response = $this->json('POST', '/webauthn/recover', [], [ DB::table('webauthn_credentials')->insert([
'token' => 'toekn', 'id' => self::CREDENTIAL_ID,
'email' => $this->user->email, 'authenticatable_type' => \App\Models\User::class,
]) 'authenticatable_id' => $this->user->id,
->assertStatus(422) 'user_id' => 'e8af6f703f8042aa91c30cf72289aa07',
->assertJsonValidationErrors(['email']); 'counter' => 0,
} 'rp_id' => 'http://localhost',
'origin' => 'http://localhost',
'aaguid' => '00000000-0000-0000-0000-000000000000',
'attestation_format' => 'none',
'public_key' => 'eyJpdiI6Imp0U0NVeFNNbW45KzEvMXpad2p2SUE9PSIsInZhbHVlIjoic0VxZ2I1WnlHM2lJakhkWHVkK2kzMWtibk1IN2ZlaExGT01qOElXMDdRTjhnVlR0TDgwOHk1S0xQUy9BQ1JCWHRLNzRtenNsMml1dVQydWtERjFEU0h0bkJGT2RwUXE1M1JCcVpablE2Y2VGV2YvVEE2RGFIRUE5L0x1K0JIQXhLVE1aNVNmN3AxeHdjRUo2V0hwREZSRTJYaThNNnB1VnozMlVXZEVPajhBL3d3ODlkTVN3bW54RTEwSG0ybzRQZFFNNEFrVytUYThub2IvMFRtUlBZamoyZElWKzR1bStZQ1IwU3FXbkYvSm1FU2FlMTFXYUo0SG9kc1BDME9CNUNKeE9IelE5d2dmNFNJRXBKNUdlVzJ3VHUrQWJZRFluK0hib0xvVTdWQ0ZISjZmOWF3by83aVJES1dxbU9Zd1lhRTlLVmhZSUdlWmlBOUFtcTM2ZVBaRWNKNEFSQUhENk5EaC9hN3REdnVFbm16WkRxekRWOXd4cVcvZFdKa2tlWWJqZWlmZnZLS0F1VEVCZEZQcXJkTExiNWRyQmxsZWtaSDRlT3VVS0ZBSXFBRG1JMjRUMnBKRXZxOUFUa2xxMjg2TEplUzdscVo2UytoVU5SdXk1OE1lcFN6aU05ZkVXTkdIM2tKM3Q5bmx1TGtYb1F5bGxxQVR3K3BVUVlia1VybDFKRm9lZDViNzYraGJRdmtUb2FNTEVGZmZYZ3lYRDRiOUVjRnJpcTVvWVExOHJHSTJpMnVBZ3E0TmljbUlKUUtXY2lSWDh1dE5MVDNRUzVRSkQrTjVJUU8rSGhpeFhRRjJvSEdQYjBoVT0iLCJtYWMiOiI5MTdmNWRkZGE5OTEwNzQ3MjhkYWVhYjRlNjk0MWZlMmI5OTQ4YzlmZWI1M2I4OGVkMjE1MjMxNjUwOWRmZTU2IiwidGFnIjoiIn0=',
'updated_at' => now(),
'created_at' => now(),
]);
$response = $this->json('POST', '/webauthn/recover', [
'token' => self::ACTUAL_TOKEN_VALUE,
'email' => $this->user->email,
'password' => UserFactory::USER_PASSWORD,
'revokeAll' => true
])
->assertStatus(200);
$this->assertDatabaseMissing('webauthn_credentials', [
'authenticatable_id' => $this->user->id,
]);
}
} }