Home Explore Help
Sign In
SMusatov
/
zammad
mirror of https://github.com/zammad/zammad.git
1
0
Fork 0
Files
Tree: 1563f7edd6
Branches Tags
zammad
/
spec
/
lib
/
auth
/
two_factor
/
authentication_method_spec.rb

authentication_method_spec.rb 4.7 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126 
  1. # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
    2. 

  2. 

  3. require 'rails_helper'
    4. 

  4. require 'rotp'
    5. 

  5. 

  6. RSpec.describe Auth::TwoFactor::AuthenticationMethod, current_user_id: 1 do
    7. 

  7.   subject(:instance) { described_class.new(user) }
    8. 

  8. 

  9.   let(:user) { create(:user) }
    10. 

  10. 

  11.   shared_examples 'responding to provided instance method' do |method|
    12. 

  12.     it "responds to '.#{method}'" do
    13. 

  13.       expect(instance).to respond_to(method)
    14. 

  14.     end
    15. 

  15.   end
    16. 

  16. 

  17.   shared_examples "raising 'NotImplemented' error for base methods" do |method, args = []|
    18. 

  18.     it "raises 'NotImplemented' error for '.#{method}'" do
    19. 

  19.       expect { instance.method(method).call(*args) }.to raise_error(NotImplementedError)
    20. 

  20.     end
    21. 

  21.   end
    22. 

  22. 

  23.   shared_examples 'returning expected value' do |method, value, args = [], assertion: 'be'|
    24. 

  24.     it "returns expected value for '.#{method}'", if: assertion == 'eq' do
    25. 

  25.       expect(instance.method(method).call(*args)).to eq(value)
    26. 

  26.     end
    27. 

  27. 

  28.     it "returns expected value for '.#{method}'", if: assertion == 'be' do
    29. 

  29.       expect(instance.method(method).call(*args)).to be(value)
    30. 

  30.     end
    31. 

  31.   end
    32. 

  32. 

  33.   it_behaves_like 'responding to provided instance method', :verify
    34. 

  34.   it_behaves_like 'responding to provided instance method', :available?
    35. 

  35.   it_behaves_like 'responding to provided instance method', :enabled?
    36. 

  36.   it_behaves_like 'responding to provided instance method', :method_name
    37. 

  37.   it_behaves_like 'responding to provided instance method', :related_setting_name
    38. 

  38.   it_behaves_like 'responding to provided instance method', :initiate_configuration
    39. 

  39.   it_behaves_like 'responding to provided instance method', :create_user_config
    40. 

  40.   it_behaves_like 'responding to provided instance method', :destroy_user_config
    41. 

  41. 

  42.   it_behaves_like "raising 'NotImplemented' error for base methods", :verify, [ nil, nil ]
    43. 

  43.   it_behaves_like "raising 'NotImplemented' error for base methods", :initiate_configuration
    44. 

  44. 

  45.   it_behaves_like 'returning expected value', :available?, true
    46. 

  46.   it_behaves_like 'returning expected value', :enabled?, nil
    47. 

  47.   it_behaves_like 'returning expected value', :method_name, 'authentication_method', assertion: 'eq'
    48. 

  48.   it_behaves_like 'returning expected value', :related_setting_name, 'two_factor_authentication_method_authentication_method', assertion: 'eq'
    49. 

  49. 

  50.   describe '#create_user_config' do
    51. 

  51.     let(:secret) { ROTP::Base32.random_base32 }
    52. 

  52.     let(:data) do
    53. 

  53.       {
    54. 

  54.         secret:           secret,
    55. 

  55.         provisioning_uri: ROTP::TOTP.new(secret, issuer: 'Zammad CI').provisioning_uri(user.login),
    56. 

  56.       }
    57. 

  57.     end
    58. 

  58. 

  59.     it 'saves two factor configuration for the user' do
    60. 

  60.       instance.create_user_config(data)
    61. 

  61. 

  62.       expect(user.two_factor_preferences).to include(User::TwoFactorPreference)
    63. 

  63.     end
    64. 

  64. 

  65.     context 'with existing configuration' do
    66. 

  66.       let!(:two_factor_pref) { create(:user_two_factor_preference, :security_keys, method: 'authentication_method', user: user) }
    67. 

  67.       let(:data) do
    68. 

  68.         {
    69. 

  69.           'credentials' => [
    70. 

  70.             *two_factor_pref.configuration[:credentials],
    71. 

  71.             {
    72. 

  72.               'external_id' => Faker::Alphanumeric.alpha(number: 70),
    73. 

  73.               'public_key'  => Faker::Alphanumeric.alpha(number: 128),
    74. 

  74.               'nickname'    => Faker::Lorem.unique.word,
    75. 

  75.               'sign_count'  => '0',
    76. 

  76.               'created_at'  => Time.zone.now,
    77. 

  77.             },
    78. 

  78.           ]
    79. 

  79.         }
    80. 

  80.       end
    81. 

  81. 

  82.       it 'updates two factor configuration for the user' do
    83. 

  83.         instance.create_user_config(data)
    84. 

  84. 

  85.         expect(two_factor_pref.reload.configuration).to eq(data)
    86. 

  86.       end
    87. 

  87.     end
    88. 

  88.   end
    89. 

  89. 

  90.   describe '#update_user_config' do
    91. 

  91.     let!(:two_factor_pref) { create(:user_two_factor_preference, :authenticator_app, method: 'authentication_method', user: user) }
    92. 

  92.     let(:secret)           { ROTP::Base32.random_base32 }
    93. 

  93.     let(:data) do
    94. 

  94.       {
    95. 

  95.         'code'             => two_factor_pref.configuration[:code],
    96. 

  96.         'secret'           => secret,
    97. 

  97.         'provisioning_uri' => ROTP::TOTP.new(secret, issuer: 'Zammad CI').provisioning_uri(user.login),
    98. 

  98.       }
    99. 

  99.     end
    100. 

  100. 

  101.     it 'updates two factor configuration for the user' do
    102. 

  102.       instance.update_user_config(data)
    103. 

  103. 

  104.       expect(two_factor_pref.reload.configuration).to eq(data)
    105. 

  105.     end
    106. 

  106.   end
    107. 

  107. 

  108.   describe '#destroy_user_config' do
    109. 

  109.     before { create(:user_two_factor_preference, :authenticator_app, method: 'authentication_method', user: user) }
    110. 

  110. 

  111.     it 'removes two factor configuration for the user' do
    112. 

  112.       instance.destroy_user_config
    113. 

  113. 

  114.       expect(user.reload.two_factor_preferences).to be_empty
    115. 

  115.     end
    116. 

  116. 

  117.     context 'with existing recovery codes' do
    118. 

  118.       it 'deletes recovery code', :aggregate_failures do
    119. 

  119.         instance.destroy_user_config
    120. 

  120. 

  121.         expect(user.reload.two_factor_preferences.authentication_methods).to be_empty
    122. 

  122.         expect(user.reload.two_factor_preferences.recovery_codes).to be_nil
    123. 

  123.       end
    124. 

  124.     end
    125. 

  125.   end
    126. 

  126. end
    127.