From f30b928debdf5b4438999565ae7dc68f85e90fa1 Mon Sep 17 00:00:00 2001 From: Bubka <858858+Bubka@users.noreply.github.com> Date: Tue, 21 Jun 2022 17:27:47 +0200 Subject: [PATCH] Add tests for Google Auth import feature --- .../Controllers/TwoFAccountControllerTest.php | 100 ++++++++++++++++++ .../Requests/TwoFAccountImportRequestTest.php | 97 +++++++++++++++++ .../Services/TwoFAccountServiceTest.php | 69 ++++++++++++ tests/Unit/Exceptions/HandlerTest.php | 3 + 4 files changed, 269 insertions(+) create mode 100644 tests/Api/v1/Requests/TwoFAccountImportRequestTest.php diff --git a/tests/Api/v1/Controllers/TwoFAccountControllerTest.php b/tests/Api/v1/Controllers/TwoFAccountControllerTest.php index e29c794f..f49addf1 100644 --- a/tests/Api/v1/Controllers/TwoFAccountControllerTest.php +++ b/tests/Api/v1/Controllers/TwoFAccountControllerTest.php @@ -8,6 +8,7 @@ use App\Models\TwoFAccount; use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\Storage; +use Illuminate\Http\UploadedFile; /** @@ -159,6 +160,10 @@ class TwoFAccountControllerTest extends FeatureTestCase 'otp_type' => 'totp', 'secret' => self::SECRET, ]; + private const GOOGLE_AUTH_MIGRATION_URI = 'otpauth-migration://offline?data=CiQKCgcNEp61iE2P0RYSB2FjY291bnQaB3NlcnZpY2UgASgBMAIKLAoKBw0SnrWITY/RFhILYWNjb3VudF9iaXMaC3NlcnZpY2VfYmlzIAEoATACEAEYASAA'; + private const INVALID_GOOGLE_AUTH_MIGRATION_URI = 'otpauthmigration://offline?data=CiQKCgcNEp61iE2P0RYSB2FjY291bnQaB3NlcnZpY2UgASgBMAIKLAoKBw0SnrWITY/RFhILYWNjb3VudF9iaXMaC3NlcnZpY2VfYmlzIAEoATACEAEYASAA'; + private const GOOGLE_AUTH_MIGRATION_URI_WITH_INVALID_DATA = 'otpauth-migration://offline?data=CiQKCgcNEp61iE2P0RYSB2FjY291bnQaB3NlcnZpY'; + /** * @test @@ -565,6 +570,101 @@ public function test_update_twofaccount_with_invalid_data_returns_validation_err } + /** + * @test + */ + public function test_import_valid_gauth_data_returns_success_with_consistent_resources() + { + $response = $this->actingAs($this->user, 'api-guard') + ->json('POST', '/api/v1/twofaccounts/import', [ + 'uri' => self::GOOGLE_AUTH_MIGRATION_URI, + ]) + ->assertOk() + ->assertJsonCount(2, $key = null) + ->assertJsonFragment([ + 'id' => 0, + 'service' => self::SERVICE, + 'account' => self::ACCOUNT, + 'otp_type' => 'totp', + 'secret' => self::SECRET, + 'digits' => self::DIGITS_DEFAULT, + 'algorithm' => self::ALGORITHM_DEFAULT, + 'period' => self::PERIOD_DEFAULT, + 'counter' => null + ]) + ->assertJsonFragment([ + 'id' => 0, + 'service' => self::SERVICE . '_bis', + 'account' => self::ACCOUNT . '_bis', + 'otp_type' => 'totp', + 'secret' => self::SECRET, + 'digits' => self::DIGITS_DEFAULT, + 'algorithm' => self::ALGORITHM_DEFAULT, + 'period' => self::PERIOD_DEFAULT, + 'counter' => null + ]); + } + + + /** + * @test + */ + public function test_import_with_invalid_uri_returns_validation_error() + { + $response = $this->actingAs($this->user, 'api-guard') + ->json('POST', '/api/v1/twofaccounts', [ + 'uri' => self::INVALID_GOOGLE_AUTH_MIGRATION_URI, + ]) + ->assertStatus(422); + } + + + /** + * @test + */ + public function test_import_gauth_data_with_duplicates_returns_negative_ids() + { + $twofaccount = TwoFAccount::factory()->create([ + 'otp_type' => 'totp', + 'account' => self::ACCOUNT, + 'service' => self::SERVICE, + 'secret' => self::SECRET, + 'algorithm' => self::ALGORITHM_DEFAULT, + 'digits' => self::DIGITS_DEFAULT, + 'period' => self::PERIOD_DEFAULT, + 'legacy_uri' => self::TOTP_SHORT_URI, + 'icon' => '', + ]); + + $response = $this->actingAs($this->user, 'api-guard') + ->json('POST', '/api/v1/twofaccounts/import', [ + 'uri' => self::GOOGLE_AUTH_MIGRATION_URI, + ]) + ->assertOk() + ->assertJsonFragment([ + 'id' => -1, + 'service' => self::SERVICE, + 'account' => self::ACCOUNT, + ]); + } + + + /** + * @test + */ + public function test_import_invalid_gauth_data_returns_bad_request() + { + $response = $this->actingAs($this->user, 'api-guard') + ->json('POST', '/api/v1/twofaccounts/import', [ + 'uri' => self::GOOGLE_AUTH_MIGRATION_URI_WITH_INVALID_DATA, + ]) + ->assertStatus(400) + ->assertJsonStructure([ + 'message' + ]); + } + + /** * @test */ diff --git a/tests/Api/v1/Requests/TwoFAccountImportRequestTest.php b/tests/Api/v1/Requests/TwoFAccountImportRequestTest.php new file mode 100644 index 00000000..5b4ec14d --- /dev/null +++ b/tests/Api/v1/Requests/TwoFAccountImportRequestTest.php @@ -0,0 +1,97 @@ +once() + ->andReturn(true); + + $request = new TwoFAccountImportRequest(); + + $this->assertTrue($request->authorize()); + } + + /** + * @dataProvider provideValidData + */ + public function test_valid_data(array $data) : void + { + $request = new TwoFAccountImportRequest(); + $validator = Validator::make($data, $request->rules()); + + $this->assertFalse($validator->fails()); + } + + /** + * Provide Valid data for validation test + */ + public function provideValidData() : array + { + return [ + [[ + 'uri' => 'otpauth-migration://offline?data=AEoATACEAEYASAA' + ]], + ]; + } + + /** + * @dataProvider provideInvalidData + */ + public function test_invalid_data(array $data) : void + { + $request = new TwoFAccountImportRequest(); + $validator = Validator::make($data, $request->rules()); + + $this->assertTrue($validator->fails()); + } + + /** + * Provide invalid data for validation test + */ + public function provideInvalidData() : array + { + return [ + [[ + 'uri' => null // required + ]], + [[ + 'uri' => '' // required + ]], + [[ + 'uri' => true // string + ]], + [[ + 'uri' => 8 // string + ]], + [[ + 'uri' => 'otpXauth-migration://offline?data=fYmlzIAEoATACEAEYASAA' // regex + ]], + [[ + 'uri' => 'otpauth-migration:/offline?data=fYmlzIAEoATACEAEYASAA' // regex + ]], + [[ + 'uri' => 'otpauth-migration://offlinedata=fYmlzIAEoATACEAEYASAA' // regex + ]], + [[ + 'uri' => 'otpauth-migration://offline?dat=fYmlzIAEoATACEAEYASAA' // regex + ]], + ]; + } + +} \ No newline at end of file diff --git a/tests/Feature/Services/TwoFAccountServiceTest.php b/tests/Feature/Services/TwoFAccountServiceTest.php index fb2c9a39..4e494fec 100644 --- a/tests/Feature/Services/TwoFAccountServiceTest.php +++ b/tests/Feature/Services/TwoFAccountServiceTest.php @@ -97,6 +97,8 @@ class TwoFAccountServiceTest extends FeatureTestCase 'otp_type' => 'hotp', 'secret' => self::SECRET, ]; + private const GOOGLE_AUTH_MIGRATION_URI = 'otpauth-migration://offline?data=CiQKCgcNEp61iE2P0RYSB2FjY291bnQaB3NlcnZpY2UgASgBMAIKLAoKBw0SnrWITY/RFhILYWNjb3VudF9iaXMaC3NlcnZpY2VfYmlzIAEoATACEAEYASAA'; + private const GOOGLE_AUTH_MIGRATION_URI_WITH_INVALID_DATA = 'otpauth-migration://offline?data=CiQKCgcNEp61iE2P0RYSB2FjY291bnQaB3NlcnZpY'; /** @@ -759,4 +761,71 @@ public function test_delete_single_id() ]); } + + /** + * @test + */ + public function test_convert_migration_from_gauth_returns_correct_accounts() + { + $twofaccounts = $this->twofaccountService->convertMigrationFromGA(self::GOOGLE_AUTH_MIGRATION_URI); + + $this->assertCount(2, $twofaccounts); + + $this->assertEquals('totp', $twofaccounts->first()->otp_type); + $this->assertEquals(self::SERVICE, $twofaccounts->first()->service); + $this->assertEquals(self::ACCOUNT, $twofaccounts->first()->account); + $this->assertEquals(self::SECRET, $twofaccounts->first()->secret); + $this->assertEquals(self::DIGITS_DEFAULT, $twofaccounts->first()->digits); + $this->assertEquals(self::PERIOD_DEFAULT, $twofaccounts->first()->period); + $this->assertEquals(null, $twofaccounts->first()->counter); + $this->assertEquals(self::ALGORITHM_DEFAULT, $twofaccounts->first()->algorithm); + + $this->assertEquals('totp', $twofaccounts->last()->otp_type); + $this->assertEquals(self::SERVICE.'_bis', $twofaccounts->last()->service); + $this->assertEquals(self::ACCOUNT.'_bis', $twofaccounts->last()->account); + $this->assertEquals(self::SECRET, $twofaccounts->last()->secret); + $this->assertEquals(self::DIGITS_DEFAULT, $twofaccounts->last()->digits); + $this->assertEquals(self::PERIOD_DEFAULT, $twofaccounts->last()->period); + $this->assertEquals(null, $twofaccounts->last()->counter); + $this->assertEquals(self::ALGORITHM_DEFAULT, $twofaccounts->last()->algorithm); + } + + + /** + * @test + */ + public function test_convert_migration_from_gauth_returns_flagged_duplicates() + { + $parameters = [ + 'service' => self::SERVICE, + 'account' => self::ACCOUNT, + 'icon' => self::ICON, + 'otp_type' => 'totp', + 'secret' => self::SECRET, + 'digits' => self::DIGITS_DEFAULT, + 'algorithm' => self::ALGORITHM_DEFAULT, + 'period' => self::PERIOD_DEFAULT, + ]; + $twofaccount = $this->twofaccountService->createFromParameters($parameters); + + $parameters['service'] = self::SERVICE.'_bis'; + $parameters['account'] = self::ACCOUNT.'_bis'; + $twofaccount = $this->twofaccountService->createFromParameters($parameters); + + $twofaccounts = $this->twofaccountService->convertMigrationFromGA(self::GOOGLE_AUTH_MIGRATION_URI); + + $this->assertEquals(-1, $twofaccounts->first()->id); + $this->assertEquals(-1, $twofaccounts->last()->id); + } + + + /** + * @test + */ + public function test_convert_invalid_migration_from_gauth_returns_InvalidGoogleAuthMigration_excpetion() + { + $this->expectException(\App\Exceptions\InvalidGoogleAuthMigration::class); + $twofaccounts = $this->twofaccountService->convertMigrationFromGA(self::GOOGLE_AUTH_MIGRATION_URI_WITH_INVALID_DATA); + } + } \ No newline at end of file diff --git a/tests/Unit/Exceptions/HandlerTest.php b/tests/Unit/Exceptions/HandlerTest.php index dfb7f6b9..7b6fde66 100644 --- a/tests/Unit/Exceptions/HandlerTest.php +++ b/tests/Unit/Exceptions/HandlerTest.php @@ -58,6 +58,9 @@ public function provideExceptionsforBadRequest() : array [ '\App\Exceptions\DbEncryptionException' ], + [ + '\App\Exceptions\InvalidGoogleAuthMigration' + ], ]; }