2022-12-31 10:22:38 +01:00
|
|
|
package tests
|
|
|
|
|
|
|
|
|
|
import (
|
2023-10-24 09:27:34 +02:00
|
|
|
"testing"
|
|
|
|
|
|
2022-12-31 10:22:38 +01:00
|
|
|
"github.com/google/uuid"
|
|
|
|
|
"github.com/stretchr/testify/assert"
|
2023-04-11 23:18:47 +02:00
|
|
|
"github.com/stretchr/testify/suite"
|
2023-01-30 19:59:42 +01:00
|
|
|
"github.com/twofas/2fas-server/tests"
|
2022-12-31 10:22:38 +01:00
|
|
|
)
|
|
|
|
|
|
2023-04-11 23:18:47 +02:00
|
|
|
func TestBrowserExtensionTwoFactorAuthTestSuite(t *testing.T) {
|
|
|
|
|
suite.Run(t, new(BrowserExtensionTwoFactorAuthTestSuite))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type BrowserExtensionTwoFactorAuthTestSuite struct {
|
|
|
|
|
suite.Suite
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (s *BrowserExtensionTwoFactorAuthTestSuite) SetupTest() {
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.RemoveAllMobileDevices(s.T())
|
|
|
|
|
tests.RemoveAllBrowserExtensions(s.T())
|
|
|
|
|
tests.RemoveAllBrowserExtensionsDevices(s.T())
|
2023-04-11 23:18:47 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (s *BrowserExtensionTwoFactorAuthTestSuite) TestRequest2FaToken() {
|
|
|
|
|
browserExtension := tests.CreateBrowserExtension(s.T(), "go-ext")
|
2022-12-31 10:22:38 +01:00
|
|
|
|
|
|
|
|
var tokenRequest *tests.AuthTokenRequestResponse
|
|
|
|
|
request2FaTokenPayload := []byte(`{"domain":"https://facebook.com/path/nested"}`)
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessPost(s.T(), "browser_extensions/"+browserExtension.Id+"/commands/request_2fa_token", request2FaTokenPayload, &tokenRequest)
|
2022-12-31 10:22:38 +01:00
|
|
|
|
2023-04-11 23:18:47 +02:00
|
|
|
assert.Equal(s.T(), browserExtension.Id, tokenRequest.ExtensionId)
|
2022-12-31 10:22:38 +01:00
|
|
|
|
|
|
|
|
var tokenRequestById *tests.AuthTokenRequestResponse
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessGet(s.T(), "browser_extensions/"+browserExtension.Id+"/2fa_requests/"+tokenRequest.Id, &tokenRequestById)
|
2023-04-11 23:18:47 +02:00
|
|
|
assert.Equal(s.T(), tokenRequest.Id, tokenRequestById.Id)
|
|
|
|
|
assert.Equal(s.T(), "https://facebook.com", tokenRequestById.Domain)
|
2022-12-31 10:22:38 +01:00
|
|
|
}
|
|
|
|
|
|
2023-04-11 23:18:47 +02:00
|
|
|
func (s *BrowserExtensionTwoFactorAuthTestSuite) TestFindAll2FaRequestsForBrowserExtension() {
|
|
|
|
|
browserExtension := tests.CreateBrowserExtension(s.T(), "go-ext")
|
2022-12-31 10:22:38 +01:00
|
|
|
|
|
|
|
|
facebook2FaTokenRequest := []byte(`{"domain":"facebook.com"}`)
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessPost(s.T(), "browser_extensions/"+browserExtension.Id+"/commands/request_2fa_token", facebook2FaTokenRequest, nil)
|
2022-12-31 10:22:38 +01:00
|
|
|
|
|
|
|
|
google2FaTokenRequest := []byte(`{"domain":"google.com"}`)
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessPost(s.T(), "browser_extensions/"+browserExtension.Id+"/commands/request_2fa_token", google2FaTokenRequest, nil)
|
2022-12-31 10:22:38 +01:00
|
|
|
|
|
|
|
|
var tokenRequestsCollection []*tests.AuthTokenRequestResponse
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessGet(s.T(), "browser_extensions/"+browserExtension.Id+"/2fa_requests", &tokenRequestsCollection)
|
2022-12-31 10:22:38 +01:00
|
|
|
|
2023-04-11 23:18:47 +02:00
|
|
|
assert.Len(s.T(), tokenRequestsCollection, 2)
|
2022-12-31 10:22:38 +01:00
|
|
|
}
|
|
|
|
|
|
2023-04-11 23:18:47 +02:00
|
|
|
func (s *BrowserExtensionTwoFactorAuthTestSuite) TestClose2FaTokenRequest() {
|
2022-12-31 10:22:38 +01:00
|
|
|
var tokenRequest *tests.AuthTokenRequestResponse
|
2023-04-11 23:18:47 +02:00
|
|
|
browserExtension := tests.CreateBrowserExtension(s.T(), "go-ext")
|
2022-12-31 10:22:38 +01:00
|
|
|
tokenRequestPayload := []byte(`{"domain":"facebook.com"}`)
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessPost(s.T(), "browser_extensions/"+browserExtension.Id+"/commands/request_2fa_token", tokenRequestPayload, &tokenRequest)
|
2022-12-31 10:22:38 +01:00
|
|
|
closeTokenRequestPayload := []byte(`{"status":"completed"}`)
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessPost(s.T(), "browser_extensions/"+browserExtension.Id+"/2fa_requests/"+tokenRequest.Id+"/commands/close_2fa_request", closeTokenRequestPayload, nil)
|
2022-12-31 10:22:38 +01:00
|
|
|
|
|
|
|
|
var closedTokenRequest *tests.AuthTokenRequestResponse
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessGet(s.T(), "browser_extensions/"+browserExtension.Id+"/2fa_requests/"+tokenRequest.Id, &closedTokenRequest)
|
2023-04-11 23:18:47 +02:00
|
|
|
assert.Equal(s.T(), "completed", closedTokenRequest.Status)
|
2022-12-31 10:22:38 +01:00
|
|
|
}
|
|
|
|
|
|
2023-04-11 23:18:47 +02:00
|
|
|
func (s *BrowserExtensionTwoFactorAuthTestSuite) TestCloseNotExisting2FaTokenRequest() {
|
2022-12-31 10:22:38 +01:00
|
|
|
notExistingTokenRequestId := uuid.New()
|
2023-04-11 23:18:47 +02:00
|
|
|
browserExtension := tests.CreateBrowserExtension(s.T(), "go-ext")
|
2022-12-31 10:22:38 +01:00
|
|
|
|
|
|
|
|
closeTokenRequestPayload := []byte(`{"status":"completed"}`)
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPIPostAndAssertCode(s.T(), 404, "browser_extensions/"+browserExtension.Id+"/2fa_requests/"+notExistingTokenRequestId.String()+"/commands/close_2fa_request", closeTokenRequestPayload, nil)
|
2022-12-31 10:22:38 +01:00
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-11 23:18:47 +02:00
|
|
|
func (s *BrowserExtensionTwoFactorAuthTestSuite) TestDoNotReturnClosed2FaRequests() {
|
2022-12-31 10:22:38 +01:00
|
|
|
var tokenRequest *tests.AuthTokenRequestResponse
|
2023-04-11 23:18:47 +02:00
|
|
|
browserExtension := tests.CreateBrowserExtension(s.T(), "go-ext")
|
2022-12-31 10:22:38 +01:00
|
|
|
tokenRequestPayload := []byte(`{"domain":"facebook.com"}`)
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessPost(s.T(), "browser_extensions/"+browserExtension.Id+"/commands/request_2fa_token", tokenRequestPayload, &tokenRequest)
|
2022-12-31 10:22:38 +01:00
|
|
|
|
|
|
|
|
closeTokenRequestPayload := []byte(`{"status":"completed"}`)
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessPost(s.T(), "browser_extensions/"+browserExtension.Id+"/2fa_requests/"+tokenRequest.Id+"/commands/close_2fa_request", closeTokenRequestPayload, nil)
|
2022-12-31 10:22:38 +01:00
|
|
|
|
|
|
|
|
var response []*tests.AuthTokenRequestResponse
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessGet(s.T(), "browser_extensions/"+browserExtension.Id+"/2fa_requests", &response)
|
2023-04-11 23:18:47 +02:00
|
|
|
assert.Len(s.T(), response, 0)
|
2022-12-31 10:22:38 +01:00
|
|
|
}
|
|
|
|
|
|
2023-04-11 23:18:47 +02:00
|
|
|
func (s *BrowserExtensionTwoFactorAuthTestSuite) TestTerminate2FaRequest() {
|
2022-12-31 10:22:38 +01:00
|
|
|
var tokenRequest *tests.AuthTokenRequestResponse
|
2023-04-11 23:18:47 +02:00
|
|
|
browserExtension := tests.CreateBrowserExtension(s.T(), "go-ext")
|
2022-12-31 10:22:38 +01:00
|
|
|
tokenRequestPayload := []byte(`{"domain":"facebook.com"}`)
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessPost(s.T(), "browser_extensions/"+browserExtension.Id+"/commands/request_2fa_token", tokenRequestPayload, &tokenRequest)
|
2022-12-31 10:22:38 +01:00
|
|
|
|
|
|
|
|
closeTokenRequestPayload := []byte(`{"status":"terminated"}`)
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessPost(s.T(), "browser_extensions/"+browserExtension.Id+"/2fa_requests/"+tokenRequest.Id+"/commands/close_2fa_request", closeTokenRequestPayload, nil)
|
2022-12-31 10:22:38 +01:00
|
|
|
|
|
|
|
|
var response *tests.AuthTokenRequestResponse
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessGet(s.T(), "browser_extensions/"+browserExtension.Id+"/2fa_requests/"+tokenRequest.Id, &response)
|
2023-04-11 23:18:47 +02:00
|
|
|
assert.Equal(s.T(), "terminated", response.Status)
|
2022-12-31 10:22:38 +01:00
|
|
|
}
|
|
|
|
|
|
2023-04-11 23:18:47 +02:00
|
|
|
func (s *BrowserExtensionTwoFactorAuthTestSuite) TestClose2FaRequest() {
|
|
|
|
|
device, devicePubKey := tests.CreateDevice(s.T(), "SM-955F", "fcm-token")
|
|
|
|
|
browserExtension := tests.CreateBrowserExtension(s.T(), "go-ext")
|
|
|
|
|
tests.PairDeviceWithBrowserExtension(s.T(), devicePubKey, browserExtension, device)
|
2022-12-31 10:22:38 +01:00
|
|
|
|
|
|
|
|
var tokenRequest *tests.AuthTokenRequestResponse
|
|
|
|
|
request2FaTokenPayload := []byte(`{"domain":"domain.com"}`)
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessPost(s.T(), "browser_extensions/"+browserExtension.Id+"/commands/request_2fa_token", request2FaTokenPayload, &tokenRequest)
|
2022-12-31 10:22:38 +01:00
|
|
|
|
|
|
|
|
closeTokenRequestPayload := []byte(`{"status":"completed"}`)
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessPost(s.T(), "browser_extensions/"+browserExtension.Id+"/2fa_requests/"+tokenRequest.Id+"/commands/close_2fa_request", closeTokenRequestPayload, nil)
|
2022-12-31 10:22:38 +01:00
|
|
|
|
|
|
|
|
var closedTokenRequest *tests.AuthTokenRequestResponse
|
2023-10-24 09:27:34 +02:00
|
|
|
tests.DoAPISuccessGet(s.T(), "browser_extensions/"+browserExtension.Id+"/2fa_requests/"+tokenRequest.Id, &closedTokenRequest)
|
2023-04-11 23:18:47 +02:00
|
|
|
assert.Equal(s.T(), "completed", closedTokenRequest.Status)
|
2022-12-31 10:22:38 +01:00
|
|
|
}
|
