github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-30 07:11:34 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

DEV: Apply syntax_tree formatting to spec/*

Browse Source
This commit is contained in:
David Taylor
2023-01-09 11:18:21 +00:00
parent 0cf6421716
commit cb932d6ee1
907 changed files with 58693 additions and 45909 deletions
Download Patch File Download Diff File Expand all files Collapse all files

219
spec/lib/concern/second_factor_manager_spec.rb
View File

@ -8,29 +8,31 @@ RSpec.describe SecondFactorManager do
:user_security_key,
user: user,
public_key: valid_security_key_data[:public_key],
credential_id: valid_security_key_data[:credential_id]
credential_id: valid_security_key_data[:credential_id],
)
end
fab!(:another_user) { Fabricate(:user) }
fab!(:user_second_factor_backup) { Fabricate(:user_second_factor_backup) }
let(:user_backup) { user_second_factor_backup.user }
let(:user_backup) { user_second_factor_backup.user }
describe '#totp' do
it 'should return the right data' do
describe "#totp" do
it "should return the right data" do
totp = nil
expect do
totp = another_user.create_totp(enabled: true)
end.to change { UserSecondFactor.count }.by(1)
expect do totp = another_user.create_totp(enabled: true) end.to change {
UserSecondFactor.count
}.by(1)
expect(totp.totp_object.issuer).to eq(SiteSetting.title)
expect(totp.totp_object.secret).to eq(another_user.reload.user_second_factors.totps.first.data)
expect(totp.totp_object.secret).to eq(
another_user.reload.user_second_factors.totps.first.data,
)
end
end
describe '#create_totp' do
it 'should create the right record' do
describe "#create_totp" do
it "should create the right record" do
second_factor = another_user.create_totp(enabled: true)
expect(second_factor.method).to eq(UserSecondFactor.methods[:totp])
@ -39,28 +41,28 @@ RSpec.describe SecondFactorManager do
end
end
describe '#totp_provisioning_uri' do
it 'should return the right uri' do
describe "#totp_provisioning_uri" do
it "should return the right uri" do
expect(user.user_second_factors.totps.first.totp_provisioning_uri).to eq(
"otpauth://totp/#{SiteSetting.title}:#{ERB::Util.url_encode(user.email)}?secret=#{user_second_factor_totp.data}&issuer=#{SiteSetting.title}"
"otpauth://totp/#{SiteSetting.title}:#{ERB::Util.url_encode(user.email)}?secret=#{user_second_factor_totp.data}&issuer=#{SiteSetting.title}",
)
end
it 'should handle a colon in the site title' do
SiteSetting.title = 'Spaceballs: The Discourse'
it "should handle a colon in the site title" do
SiteSetting.title = "Spaceballs: The Discourse"
expect(user.user_second_factors.totps.first.totp_provisioning_uri).to eq(
"otpauth://totp/Spaceballs%20The%20Discourse:#{ERB::Util.url_encode(user.email)}?secret=#{user_second_factor_totp.data}&issuer=Spaceballs%20The%20Discourse"
"otpauth://totp/Spaceballs%20The%20Discourse:#{ERB::Util.url_encode(user.email)}?secret=#{user_second_factor_totp.data}&issuer=Spaceballs%20The%20Discourse",
)
end
it 'should handle a two words before a colon in the title' do
SiteSetting.title = 'Our Spaceballs: The Discourse'
it "should handle a two words before a colon in the title" do
SiteSetting.title = "Our Spaceballs: The Discourse"
expect(user.user_second_factors.totps.first.totp_provisioning_uri).to eq(
"otpauth://totp/Our%20Spaceballs%20The%20Discourse:#{ERB::Util.url_encode(user.email)}?secret=#{user_second_factor_totp.data}&issuer=Our%20Spaceballs%20The%20Discourse"
"otpauth://totp/Our%20Spaceballs%20The%20Discourse:#{ERB::Util.url_encode(user.email)}?secret=#{user_second_factor_totp.data}&issuer=Our%20Spaceballs%20The%20Discourse",
)
end
end
describe '#authenticate_totp' do
it 'should be able to authenticate a token' do
describe "#authenticate_totp" do
it "should be able to authenticate a token" do
freeze_time do
expect(user.user_second_factors.totps.first.last_used).to eq(nil)
@ -72,52 +74,52 @@ RSpec.describe SecondFactorManager do
end
end
describe 'when token is blank' do
it 'should be false' do
describe "when token is blank" do
it "should be false" do
expect(user.authenticate_totp(nil)).to eq(false)
expect(user.user_second_factors.totps.first.last_used).to eq(nil)
end
end
describe 'when token is invalid' do
it 'should be false' do
expect(user.authenticate_totp('111111')).to eq(false)
describe "when token is invalid" do
it "should be false" do
expect(user.authenticate_totp("111111")).to eq(false)
expect(user.user_second_factors.totps.first.last_used).to eq(nil)
end
end
end
describe '#totp_enabled?' do
describe 'when user does not have a second factor record' do
it 'should return false' do
describe "#totp_enabled?" do
describe "when user does not have a second factor record" do
it "should return false" do
expect(another_user.totp_enabled?).to eq(false)
end
end
describe "when user's second factor record is disabled" do
it 'should return false' do
it "should return false" do
disable_totp
expect(user.totp_enabled?).to eq(false)
end
end
describe "when user's second factor record is enabled" do
it 'should return true' do
it "should return true" do
expect(user.totp_enabled?).to eq(true)
end
end
describe 'when SSO is enabled' do
it 'should return false' do
SiteSetting.discourse_connect_url = 'http://someurl.com'
describe "when SSO is enabled" do
it "should return false" do
SiteSetting.discourse_connect_url = "http://someurl.com"
SiteSetting.enable_discourse_connect = true
expect(user.totp_enabled?).to eq(false)
end
end
describe 'when local login is disabled' do
it 'should return false' do
describe "when local login is disabled" do
it "should return false" do
SiteSetting.enable_local_logins = false
expect(user.totp_enabled?).to eq(false)
@ -166,9 +168,7 @@ RSpec.describe SecondFactorManager do
let(:secure_session) { {} }
context "when neither security keys nor totp/backup codes are enabled" do
before do
disable_security_key && disable_totp
end
before { disable_security_key && disable_totp }
it "returns OK, because it doesn't need to authenticate" do
expect(user.authenticate_second_factor(params, secure_session).ok).to eq(true)
end
@ -186,13 +186,20 @@ RSpec.describe SecondFactorManager do
end
context "when security key params are valid" do
let(:params) { { second_factor_token: valid_security_key_auth_post_data, second_factor_method: UserSecondFactor.methods[:security_key] } }
let(:params) do
{
second_factor_token: valid_security_key_auth_post_data,
second_factor_method: UserSecondFactor.methods[:security_key],
}
end
it "returns OK" do
expect(user.authenticate_second_factor(params, secure_session).ok).to eq(true)
end
it "sets used_2fa_method to security keys" do
expect(user.authenticate_second_factor(params, secure_session).used_2fa_method).to eq(UserSecondFactor.methods[:security_key])
expect(user.authenticate_second_factor(params, secure_session).used_2fa_method).to eq(
UserSecondFactor.methods[:security_key],
)
end
end
@ -200,12 +207,12 @@ RSpec.describe SecondFactorManager do
let(:params) do
{
second_factor_token: {
signature: 'bad',
clientData: 'bad',
authenticatorData: 'bad',
credentialId: 'bad'
signature: "bad",
clientData: "bad",
authenticatorData: "bad",
credentialId: "bad",
},
second_factor_method: UserSecondFactor.methods[:security_key]
second_factor_method: UserSecondFactor.methods[:security_key],
}
end
it "returns not OK" do
@ -218,15 +225,13 @@ RSpec.describe SecondFactorManager do
end
context "when only totp is enabled" do
before do
disable_security_key
end
before { disable_security_key }
context "when totp is valid" do
let(:params) do
{
second_factor_token: user.user_second_factors.totps.first.totp_object.now,
second_factor_method: UserSecondFactor.methods[:totp]
second_factor_method: UserSecondFactor.methods[:totp],
}
end
it "returns OK" do
@ -234,16 +239,15 @@ RSpec.describe SecondFactorManager do
end
it "sets used_2fa_method to totp" do
expect(user.authenticate_second_factor(params, secure_session).used_2fa_method).to eq(UserSecondFactor.methods[:totp])
expect(user.authenticate_second_factor(params, secure_session).used_2fa_method).to eq(
UserSecondFactor.methods[:totp],
)
end
end
context "when totp is invalid" do
let(:params) do
{
second_factor_token: "blah",
second_factor_method: UserSecondFactor.methods[:totp]
}
{ second_factor_token: "blah", second_factor_method: UserSecondFactor.methods[:totp] }
end
it "returns not OK" do
result = user.authenticate_second_factor(params, secure_session)
@ -277,26 +281,21 @@ RSpec.describe SecondFactorManager do
let(:token) { user.user_second_factors.totps.first.totp_object.now }
context "when totp params are provided" do
let(:params) do
{
second_factor_token: token,
second_factor_method: method
}
end
let(:params) { { second_factor_token: token, second_factor_method: method } }
it "validates totp OK" do
expect(user.authenticate_second_factor(params, secure_session).ok).to eq(true)
end
it "sets used_2fa_method to totp" do
expect(user.authenticate_second_factor(params, secure_session).used_2fa_method).to eq(UserSecondFactor.methods[:totp])
expect(user.authenticate_second_factor(params, secure_session).used_2fa_method).to eq(
UserSecondFactor.methods[:totp],
)
end
context "when the user does not have TOTP enabled" do
let(:token) { 'test' }
before do
user.totps.destroy_all
end
let(:token) { "test" }
before { user.totps.destroy_all }
it "returns an error" do
result = user.authenticate_second_factor(params, secure_session)
@ -317,19 +316,21 @@ RSpec.describe SecondFactorManager do
end
context "when security key params are valid" do
let(:params) { { second_factor_token: valid_security_key_auth_post_data, second_factor_method: method } }
let(:params) do
{ second_factor_token: valid_security_key_auth_post_data, second_factor_method: method }
end
it "returns OK" do
expect(user.authenticate_second_factor(params, secure_session).ok).to eq(true)
end
it "sets used_2fa_method to security keys" do
expect(user.authenticate_second_factor(params, secure_session).used_2fa_method).to eq(UserSecondFactor.methods[:security_key])
expect(user.authenticate_second_factor(params, secure_session).used_2fa_method).to eq(
UserSecondFactor.methods[:security_key],
)
end
context "when the user does not have security keys enabled" do
before do
user.security_keys.destroy_all
end
before { user.security_keys.destroy_all }
it "returns an error" do
result = user.authenticate_second_factor(params, secure_session)
@ -347,10 +348,7 @@ RSpec.describe SecondFactorManager do
context "when backup code params are provided" do
let(:params) do
{
second_factor_token: 'iAmValidBackupCode',
second_factor_method: method
}
{ second_factor_token: "iAmValidBackupCode", second_factor_method: method }
end
context "when backup codes enabled" do
@ -359,14 +357,14 @@ RSpec.describe SecondFactorManager do
end
it "sets used_2fa_method to backup codes" do
expect(user.authenticate_second_factor(params, secure_session).used_2fa_method).to eq(UserSecondFactor.methods[:backup_codes])
expect(user.authenticate_second_factor(params, secure_session).used_2fa_method).to eq(
UserSecondFactor.methods[:backup_codes],
)
end
end
context "when backup codes disabled" do
before do
user.user_second_factors.backup_codes.destroy_all
end
before { user.user_second_factors.backup_codes.destroy_all }
it "returns an error" do
result = user.authenticate_second_factor(params, secure_session)
@ -379,14 +377,21 @@ RSpec.describe SecondFactorManager do
end
context "when no totp params are provided" do
let(:params) { { second_factor_token: valid_security_key_auth_post_data, second_factor_method: UserSecondFactor.methods[:security_key] } }
let(:params) do
{
second_factor_token: valid_security_key_auth_post_data,
second_factor_method: UserSecondFactor.methods[:security_key],
}
end
it "validates the security key OK" do
expect(user.authenticate_second_factor(params, secure_session).ok).to eq(true)
end
it "sets used_2fa_method to security keys" do
expect(user.authenticate_second_factor(params, secure_session).used_2fa_method).to eq(UserSecondFactor.methods[:security_key])
expect(user.authenticate_second_factor(params, secure_session).used_2fa_method).to eq(
UserSecondFactor.methods[:security_key],
)
end
end
@ -394,7 +399,7 @@ RSpec.describe SecondFactorManager do
let(:params) do
{
second_factor_token: user.user_second_factors.totps.first.totp_object.now,
second_factor_method: UserSecondFactor.methods[:totp]
second_factor_method: UserSecondFactor.methods[:totp],
}
end
@ -403,26 +408,30 @@ RSpec.describe SecondFactorManager do
end
it "sets used_2fa_method to totp" do
expect(user.authenticate_second_factor(params, secure_session).used_2fa_method).to eq(UserSecondFactor.methods[:totp])
expect(user.authenticate_second_factor(params, secure_session).used_2fa_method).to eq(
UserSecondFactor.methods[:totp],
)
end
end
end
end
describe 'backup codes' do
describe '#generate_backup_codes' do
it 'should generate and store 10 backup codes' do
describe "backup codes" do
describe "#generate_backup_codes" do
it "should generate and store 10 backup codes" do
backup_codes = user.generate_backup_codes
expect(backup_codes.length).to be 10
expect(user_backup.user_second_factors.backup_codes).to be_present
expect(user_backup.user_second_factors.backup_codes.pluck(:method).uniq[0]).to eq(UserSecondFactor.methods[:backup_codes])
expect(user_backup.user_second_factors.backup_codes.pluck(:method).uniq[0]).to eq(
UserSecondFactor.methods[:backup_codes],
)
expect(user_backup.user_second_factors.backup_codes.pluck(:enabled).uniq[0]).to eq(true)
end
end
describe '#create_backup_codes' do
it 'should create 10 backup code records' do
describe "#create_backup_codes" do
it "should create 10 backup code records" do
raw_codes = Array.new(10) { SecureRandom.hex(8) }
backup_codes = another_user.create_backup_codes(raw_codes)
@ -430,58 +439,58 @@ RSpec.describe SecondFactorManager do
end
end
describe '#authenticate_backup_code' do
it 'should be able to authenticate a backup code' do
describe "#authenticate_backup_code" do
it "should be able to authenticate a backup code" do
backup_code = "iAmValidBackupCode"
expect(user_backup.authenticate_backup_code(backup_code)).to eq(true)
expect(user_backup.authenticate_backup_code(backup_code)).to eq(false)
end
describe 'when code is blank' do
it 'should be false' do
describe "when code is blank" do
it "should be false" do
expect(user_backup.authenticate_backup_code(nil)).to eq(false)
end
end
describe 'when code is invalid' do
it 'should be false' do
describe "when code is invalid" do
it "should be false" do
expect(user_backup.authenticate_backup_code("notValidBackupCode")).to eq(false)
end
end
end
describe '#backup_codes_enabled?' do
describe 'when user does not have a second factor backup enabled' do
it 'should return false' do
describe "#backup_codes_enabled?" do
describe "when user does not have a second factor backup enabled" do
it "should return false" do
expect(another_user.backup_codes_enabled?).to eq(false)
end
end
describe "when user's second factor backup codes have been used" do
it 'should return false' do
it "should return false" do
user_backup.user_second_factors.backup_codes.update_all(enabled: false)
expect(user_backup.backup_codes_enabled?).to eq(false)
end
end
describe "when user's second factor code is available" do
it 'should return true' do
it "should return true" do
expect(user_backup.backup_codes_enabled?).to eq(true)
end
end
describe 'when SSO is enabled' do
it 'should return false' do
SiteSetting.discourse_connect_url = 'http://someurl.com'
describe "when SSO is enabled" do
it "should return false" do
SiteSetting.discourse_connect_url = "http://someurl.com"
SiteSetting.enable_discourse_connect = true
expect(user_backup.backup_codes_enabled?).to eq(false)
end
end
describe 'when local login is disabled' do
it 'should return false' do
describe "when local login is disabled" do
it "should return false" do
SiteSetting.enable_local_logins = false
expect(user_backup.backup_codes_enabled?).to eq(false)