test: update tests to work w/ new BE behaviour
porcellus committed Dec 11, 2023
1 parent 1eb1505 commit c1f3a48
Showing 4 changed files with 75 additions and 28 deletions.
46 changes: 36 additions & 10 deletions test/end-to-end/mfa.default_reqs.test.js
Expand Up @@ -32,7 +32,7 @@ import {
getFactorChooserOptions,
} from "../helpers";
import fetch from "isomorphic-fetch";
import { CREATE_CODE_API, CREATE_TOTP_DEVICE_API, MFA_INFO_API } from "../constants";
import { CREATE_CODE_API, CREATE_TOTP_DEVICE_API, MFA_INFO_API, TEST_APPLICATION_SERVER_BASE_URL } from "../constants";

import { TEST_CLIENT_BASE_URL, TEST_SERVER_BASE_URL } from "../constants";
import { getTestPhoneNumber } from "../exampleTestHelpers";
Expand All @@ -54,6 +54,7 @@ import {
expectErrorThrown,
waitForLoadingScreen,
waitForBlockedScreen,
addToDefaultRequiredFactorsForUser,
} from "./mfa.helpers";

/*
Expand Down Expand Up @@ -150,25 +151,50 @@ describe("SuperTokens SignIn w/ MFA", function () {
assert.deepStrictEqual(new Set(list), new Set(["otp-email", "otp-phone", "totp"]));
});

it("should require 2fa to sign in after setting up a factor", async () => {
it("should require 2fa to sign in after setting up a factor - totp", async () => {
await tryEmailPasswordSignIn(page, email);

await waitForDashboard(page);

await goToFactorChooser(page);
await chooseFactor(page, "otp-email");
await completeOTP(page);

const secret = await setupTOTP(page);
await logout(page);

await tryEmailPasswordSignIn(page, email);
const list = await getFactorChooserOptions(page);
// TODO: validate this, maybe it should only be totp?
assert.deepStrictEqual(new Set(list), new Set(["otp-email", "totp"]));
await chooseFactor(page, "totp");
await waitForDashboard(page);
await addToDefaultRequiredFactorsForUser(page, "totp");
await logout(page);

await tryEmailPasswordSignIn(page, email);
await completeTOTP(page, secret);
await waitForDashboard(page);
});

it("should require 2fa to sign in after setting up a factor - otp-email", async () => {
await tryEmailPasswordSignIn(page, email);
await addToDefaultRequiredFactorsForUser(page, "otp-email");
await logout(page);

await tryEmailPasswordSignIn(page, email);
await completeOTP(page, "EMAIL");
await waitForDashboard(page);
});

it("should require 2fa to sign in after setting up a factor - otp-phone", async () => {
await tryEmailPasswordSignIn(page, email);

await waitForDashboard(page);

await setupOTP(page, "PHONE", getTestPhoneNumber());
await logout(page);

await tryEmailPasswordSignIn(page, email);
await waitForDashboard(page);
await addToDefaultRequiredFactorsForUser(page, "otp-phone");
await logout(page);

await tryEmailPasswordSignIn(page, email);
await completeOTP(page, "PHONE");
await waitForDashboard(page);
});
});
});
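Review bot: In the "otp-email" test, `addToDefaultRequiredFactorsForUser(page, "otp-email")` is called directly after `tryEmailPasswordSignIn(page, email)`, whereas the "totp" and "otp-phone" tests call `await waitForDashboard(page);` before it. Unless `tryEmailPasswordSignIn` itself waits for the session to be established (its body is not on this page), the POST to the session-protected `/addRequiredFactor` route can be sent before a session exists. Because the helper does not check the response, the factor would then silently not be added and the test would fail later with an unrelated-looking timeout. I would add `await waitForDashboard(page);` before the call so all three tests follow the same sequence.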
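--- a/test/end-to-end/mfa.helpers.js
+++ b/test/end-to-end/mfa.helpers.js
@@ -45,6 +45,22 @@ export async function setMFAInfo(mfaInfo) {
 });
 assert.strictEqual(resp.status, 200);
 }
+
+export async function addToDefaultRequiredFactorsForUser(page, factorId) {
+await page.evaluate(
+(baseUrl, factorId) =>
+window.fetch(`${baseUrl}/addRequiredFactor`, {
+method: "POST",
+headers: new Headers([["content-type", "application/json"]]),
+body: JSON.stringify({
+factorId,
+}),
+}),
+TEST_APPLICATION_SERVER_BASE_URL,
+factorId
+);
+}
+
 export async function completeOTP(page, contactMethod) {
 await waitForSTElement(page, "[data-supertokens~=input][name=userInputCode]");
 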
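Review bot: `addToDefaultRequiredFactorsForUser` discards the result of the `fetch` it runs in the page, so a 401 from the session check or a 500 from the test server goes unnoticed and the MFA test carries on without the required factor set. `setMFAInfo` just above asserts `resp.status === 200`, and the new helper should be equally strict. For example, end the evaluated callback with `.then((r) => r.status)`, assign the result of `page.evaluate` to `status`, and add `assert.strictEqual(status, 200);`. In tests whose purpose is to show that the second factor is enforced, a silent setup failure should fail at the setup step rather than several steps later.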
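--- a/test/server/index.js
+++ b/test/server/index.js
@@ -448,6 +448,14 @@ app.post("/completeFactor", verifySession(), async (req, res) => {
 res.send({ status: "OK" });
 });
 
+app.post("/addRequiredFactor", verifySession(), async (req, res) => {
+let session = req.session;
+
+await MultiFactorAuth.addToDefaultRequiredFactorsForUser(session.getUserId(), req.body.factorId);
+
+res.send({ status: "OK" });
+});
+
 app.post("/mergeIntoAccessTokenPayload", verifySession(), async (req, res) => {
 let session = req.session;
 
@@ -1261,22 +1269,6 @@ function initST() {
 override: {
 functions: (oI) => ({
 ...oI,
-getFactorsSetupForUser: async (input) => {
-const res = await oI.getFactorsSetupForUser(input);
-return mfaInfo?.isAlreadySetup ?? res;
-},
-getAllAvailableFactorIds: async (input) => {
-const res = await oI.getAllAvailableFactorIds(input);
-if (mfaInfo?.isAllowedToSetup || mfaInfo?.isAlreadySetup) {
-return [
-...(mfaInfo.isAllowedToSetup || []),
-...(mfaInfo.isAlreadySetup || []),
-"emailpassword",
-"thirdparty",
-];
-}
-return res;
-},
 isAllowedToSetupFactor: async (input) => {
 const res = await oI.isAllowedToSetupFactor(input);
 if (mfaInfo?.isAllowedToSetup) {
@@ -1292,6 +1284,19 @@ function initST() {
 return res;
 },
 }),
+apis: (oI) => ({
+...oI,
+mfaInfoGET: async (input) => {
+const res = await oI.mfaInfoGET(input);
+
+if (res.status === "OK") {
+if (mfaInfo.isAlreadySetup) {
+res.factors.isAlreadySetup = [...mfaInfo.isAlreadySetup];
+}
+}
+return res;
+},
+}),
 },
 }),
 ]);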
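Review bot: The new `mfaInfoGET` override reads `mfaInfo.isAlreadySetup` without the optional chaining used by the neighbouring `isAllowedToSetupFactor` override (`mfaInfo?.isAllowedToSetup`) and by the overrides this commit removes. If `mfaInfo` can be unset it will throw a TypeError on every MFA info request; how `mfaInfo` is initialised is outside the hunks, so this needs confirming. I would write `if (mfaInfo?.isAlreadySetup) {`. Separately, the `/addRequiredFactor` route passes `req.body.factorId` to `MultiFactorAuth.addToDefaultRequiredFactorsForUser` unchecked; a guard such as `if (typeof req.body.factorId !== "string") return res.sendStatus(400);` would keep malformed input out of the user's required-factor list and stop the route being copied as-is into a real backend. The body of `initST` continues outside the hunks.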
4 changes: 2 additions & 2 deletions test/server/package-lock.json

