authorJeremy Benoist <jeremy.benoist@gmail.com>2018-12-02 12:43:05 +0100
committerJeremy Benoist <jeremy.benoist@gmail.com>2019-01-23 13:28:02 +0100
commita6b242a1fd6f8900d80354361449f1bf62506ef9 (patch)
treef69d87208d0ebbdb8517529582280b174af74a16 /tests
parentacd4412080dfb73ecaa7f9983728d1d55bc27ea4 (diff)
Enable OTP 2FA
- Update SchebTwoFactorBundle to version 3 - Enable Google 2fa on the bundle - Disallow ability to use both email and google as 2fa - Update Ocramius Proxy Manager to handle typed function & attributes (from PHP 7) - use `$this->addFlash` shortcut instead of `$this->get('session')->getFlashBag()->add` - update admin to be able to create/reset the 2fa
Diffstat (limited to 'tests')
-rw-r--r--tests/Wallabag/CoreBundle/Command/ShowUserCommandTest.php3
-rw-r--r--tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php113
-rw-r--r--tests/Wallabag/CoreBundle/Controller/SecurityControllerTest.php28
-rw-r--r--tests/Wallabag/UserBundle/Mailer/AuthCodeMailerTest.php2
4 files changed, 136 insertions, 10 deletions
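diff --git a/tests/Wallabag/CoreBundle/Command/ShowUserCommandTest.php b/tests/Wallabag/CoreBundle/Command/ShowUserCommandTest.php
index 9b34f2a0..ed383a2c 100644
--- a/tests/Wallabag/CoreBundle/Command/ShowUserCommandTest.php
+++ b/tests/Wallabag/CoreBundle/Command/ShowUserCommandTest.php
@@ -59,7 +59,8 @@ class ShowUserCommandTest extends WallabagCoreTestCase
 $this->assertContains('Username: admin', $tester->getDisplay());
 $this->assertContains('Email: bigboss@wallabag.org', $tester->getDisplay());
 $this->assertContains('Display name: Big boss', $tester->getDisplay());
-$this->assertContains('2FA activated: no', $tester->getDisplay());
+$this->assertContains('2FA (email) activated', $tester->getDisplay());
+$this->assertContains('2FA (OTP) activated', $tester->getDisplay());
 }
 
 public function testShowUser()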
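Review bot: The two new assertions only match the labels `2FA (email) activated` and `2FA (OTP) activated`, whereas the line they replace pinned the reported state (`2FA activated: no`). As written the test passes whether the command shows either factor as on or off, so a regression that misreports a user's 2FA state would go unnoticed. If the command still prints the value after the label (not visible in this hunk), assert the full string, e.g. `$this->assertContains('2FA (email) activated: no', $tester->getDisplay());`, and the same for OTP. The enclosing test method starts above the hunk.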
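diff --git a/tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php b/tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php
index c9dbbaa3..9ca52c64 100644
--- a/tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php
+++ b/tests/Wallabag/CoreBundle/Controller/ConfigControllerTest.php
@@ -297,6 +297,119 @@ class ConfigControllerTest extends WallabagCoreTestCase
 $this->assertContains('flashes.config.notice.user_updated', $alert[0]);
 }
 
+public function testUserEnable2faEmail()
+{
+$this->logInAs('admin');
+$client = $this->getClient();
+
+$crawler = $client->request('GET', '/config');
+
+$this->assertSame(200, $client->getResponse()->getStatusCode());
+
+$form = $crawler->filter('button[id=update_user_save]')->form();
+
+$data = [
+'update_user[emailTwoFactor]' => '1',
+];
+
+$client->submit($form, $data);
+
+$this->assertSame(302, $client->getResponse()->getStatusCode());
+
+$crawler = $client->followRedirect();
+
+$this->assertGreaterThan(1, $alert = $crawler->filter('body')->extract(['_text']));
+$this->assertContains('flashes.config.notice.user_updated', $alert[0]);
+
+// restore user
+$em = $this->getEntityManager();
+$user = $em
+->getRepository('WallabagUserBundle:User')
+->findOneByUsername('admin');
+
+$this->assertTrue($user->isEmailTwoFactor());
+
+$user->setEmailTwoFactor(false);
+$em->persist($user);
+$em->flush();
+}
+
+public function testUserEnable2faGoogle()
+{
+$this->logInAs('admin');
+$client = $this->getClient();
+
+$crawler = $client->request('GET', '/config');
+
+$this->assertSame(200, $client->getResponse()->getStatusCode());
+
+$form = $crawler->filter('button[id=update_user_save]')->form();
+
+$data = [
+'update_user[googleTwoFactor]' => '1',
+];
+
+$client->submit($form, $data);
+
+$this->assertSame(302, $client->getResponse()->getStatusCode());
+
+$crawler = $client->followRedirect();
+
+$this->assertGreaterThan(1, $alert = $crawler->filter('body')->extract(['_text']));
+$this->assertContains('flashes.config.notice.user_updated', $alert[0]);
+
+// restore user
+$em = $this->getEntityManager();
+$user = $em
+->getRepository('WallabagUserBundle:User')
+->findOneByUsername('admin');
+
+$this->assertTrue($user->isGoogleAuthenticatorEnabled());
+
+$user->setGoogleAuthenticatorSecret(null);
+$em->persist($user);
+$em->flush();
+}
+
+public function testUserEnable2faBoth()
+{
+$this->logInAs('admin');
+$client = $this->getClient();
+
+$crawler = $client->request('GET', '/config');
+
+$this->assertSame(200, $client->getResponse()->getStatusCode());
+
+$form = $crawler->filter('button[id=update_user_save]')->form();
+
+$data = [
+'update_user[googleTwoFactor]' => '1',
+'update_user[emailTwoFactor]' => '1',
+];
+
+$client->submit($form, $data);
+
+$this->assertSame(302, $client->getResponse()->getStatusCode());
+
+$crawler = $client->followRedirect();
+
+$this->assertGreaterThan(1, $alert = $crawler->filter('body')->extract(['_text']));
+$this->assertContains('flashes.config.notice.user_updated', $alert[0]);
+
+// restore user
+$em = $this->getEntityManager();
+$user = $em
+->getRepository('WallabagUserBundle:User')
+->findOneByUsername('admin');
+
+$this->assertTrue($user->isGoogleAuthenticatorEnabled());
+$this->assertFalse($user->isEmailTwoFactor());
+
+$user->setGoogleAuthenticatorSecret(null);
+$em->persist($user);
+$em->flush();
+}
+
 public function testRssUpdateResetToken()
 {
 $this->logInAs('admin');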
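Review bot: In testUserEnable2faEmail, testUserEnable2faGoogle and testUserEnable2faBoth the `// restore user` reset runs only after the entity assertions, so a failing `assertTrue($user->isEmailTwoFactor())` or `assertTrue($user->isGoogleAuthenticatorEnabled())` leaves the shared `admin` fixture with a second factor still enabled. Later tests that log in as admin could then fail for an unrelated reason; moving the reset into a `try { … } finally { … }` around the assertions, or into `tearDown()`, keeps the fixture clean. testUserEnable2faBoth also pins that OTP wins when both boxes are submitted while the flash is still `flashes.config.notice.user_updated`; a comment such as `// email 2FA is dropped when OTP is requested too` above `assertFalse($user->isEmailTwoFactor())` would record that this precedence is intended.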
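diff --git a/tests/Wallabag/CoreBundle/Controller/SecurityControllerTest.php b/tests/Wallabag/CoreBundle/Controller/SecurityControllerTest.php
index 395208a2..b03c7550 100644
--- a/tests/Wallabag/CoreBundle/Controller/SecurityControllerTest.php
+++ b/tests/Wallabag/CoreBundle/Controller/SecurityControllerTest.php
@@ -26,7 +26,7 @@ class SecurityControllerTest extends WallabagCoreTestCase
 $this->assertContains('config.form_rss.description', $crawler->filter('body')->extract(['_text'])[0]);
 }
 
-public function testLoginWith2Factor()
+public function testLoginWith2FactorEmail()
 {
 $client = $this->getClient();
 
@@ -42,7 +42,7 @@ class SecurityControllerTest extends WallabagCoreTestCase
 $user = $em
 ->getRepository('WallabagUserBundle:User')
 ->findOneByUsername('admin');
-$user->setTwoFactorAuthentication(true);
+$user->setEmailTwoFactor(true);
 $em->persist($user);
 $em->flush();
 
@@ -54,12 +54,12 @@ class SecurityControllerTest extends WallabagCoreTestCase
 $user = $em
 ->getRepository('WallabagUserBundle:User')
 ->findOneByUsername('admin');
-$user->setTwoFactorAuthentication(false);
+$user->setEmailTwoFactor(false);
 $em->persist($user);
 $em->flush();
 }
 
-public function testTrustedComputer()
+public function testLoginWith2FactorGoogle()
 {
 $client = $this->getClient();
 
@@ -69,15 +69,27 @@ class SecurityControllerTest extends WallabagCoreTestCase
 return;
 }
 
+$client->followRedirects();
+
 $em = $client->getContainer()->get('doctrine.orm.entity_manager');
 $user = $em
 ->getRepository('WallabagUserBundle:User')
 ->findOneByUsername('admin');
+$user->setGoogleAuthenticatorSecret('26LDIHYGHNELOQEM');
+$em->persist($user);
+$em->flush();
+
+$this->logInAsUsingHttp('admin');
+$crawler = $client->request('GET', '/config');
+$this->assertContains('scheb_two_factor.trusted', $crawler->filter('body')->extract(['_text'])[0]);
 
-$date = new \DateTime();
-$user->addTrustedComputer('ABCDEF', $date->add(new \DateInterval('P1M')));
-$this->assertTrue($user->isTrustedComputer('ABCDEF'));
-$this->assertFalse($user->isTrustedComputer('FEDCBA'));
+// restore user
+$user = $em
+->getRepository('WallabagUserBundle:User')
+->findOneByUsername('admin');
+$user->setGoogleAuthenticatorSecret(null);
+$em->persist($user);
+$em->flush();
 }
 
 public function testEnabledRegistration()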
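Review bot: testLoginWith2FactorGoogle stops at the challenge page: its only assertion is that the body contains `scheb_two_factor.trusted`, so it never shows that the protected `/config` content is withheld or that a wrong code is rejected. A cheap negative check mirrors the assertion at the top of this section: `$this->assertNotContains('config.form_rss.description', $crawler->filter('body')->extract(['_text'])[0]);`. The restore block runs after the assertion, so a failure leaves `admin` with the fixture secret still set; a `finally` would avoid that. The method replaces testTrustedComputer and no trusted-device test is visible in this diff, and lines 66–68 of the method fall between the hunks shown.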
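diff --git a/tests/Wallabag/UserBundle/Mailer/AuthCodeMailerTest.php b/tests/Wallabag/UserBundle/Mailer/AuthCodeMailerTest.php
index e34e13a8..1713c10c 100644
--- a/tests/Wallabag/UserBundle/Mailer/AuthCodeMailerTest.php
+++ b/tests/Wallabag/UserBundle/Mailer/AuthCodeMailerTest.php
@@ -33,7 +33,7 @@ TWIG;
 public function testSendEmail()
 {
 $user = new User();
-$user->setTwoFactorAuthentication(true);
+$user->setEmailTwoFactor(true);
 $user->setEmailAuthCode(666666);
 $user->setEmail('test@wallabag.io');
 $user->setName('Bob');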