Add test for Webauthn login with userVerification=preferred (see #117)

This commit is contained in:
Bubka 2023-03-17 17:09:38 +01:00
parent 2eaaf2bea8
commit 997f13add9
2 changed files with 43 additions and 3 deletions

View File

@ -2,7 +2,7 @@
return [ return [
'user_verification' => env('WEBAUTHN_USER_VERIFICATION', 'discouraged'), 'user_verification' => env('WEBAUTHN_USER_VERIFICATION', 'preferred'),
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------

View File

@ -303,7 +303,47 @@ public function test_too_many_invalid_login_attempts_returns_too_many_request_er
/** /**
* @test * @test
*/ */
public function test_get_options_for_securelogin_returns_success() public function test_get_options_returns_success()
{
Config::set('webauthn.user_verification', WebAuthn::USER_VERIFICATION_PREFERRED);
$this->user = User::factory()->create(['email' => self::EMAIL]);
DB::table('webauthn_credentials')->insert([
'id' => self::CREDENTIAL_ID,
'authenticatable_type' => \App\Models\User::class,
'authenticatable_id' => $this->user->id,
'user_id' => self::USER_ID,
'counter' => 0,
'rp_id' => 'http://localhost',
'origin' => 'http://localhost',
'aaguid' => '00000000-0000-0000-0000-000000000000',
'attestation_format' => 'none',
'public_key' => self::PUBLIC_KEY,
'updated_at' => now(),
'created_at' => now(),
]);
$response = $this->json('POST', '/webauthn/login/options', [
'email' => $this->user->email,
])
->assertOk()
->assertJsonStructure([
'challenge',
'timeout',
])
->assertJsonFragment([
'allowCredentials' => [[
'id' => self::CREDENTIAL_ID,
'type' => 'public-key',
]],
]);
}
/**
* @test
*/
public function test_get_options_for_securelogin_returns_required_userVerification()
{ {
Config::set('webauthn.user_verification', WebAuthn::USER_VERIFICATION_REQUIRED); Config::set('webauthn.user_verification', WebAuthn::USER_VERIFICATION_REQUIRED);
@ -345,7 +385,7 @@ public function test_get_options_for_securelogin_returns_success()
/** /**
* @test * @test
*/ */
public function test_get_options_for_fastlogin_returns_success() public function test_get_options_for_fastlogin_returns_discouraged_userVerification()
{ {
Config::set('webauthn.user_verification', WebAuthn::USER_VERIFICATION_DISCOURAGED); Config::set('webauthn.user_verification', WebAuthn::USER_VERIFICATION_DISCOURAGED);