Skip to content

Totp integration test fix #6814

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Dec 3, 2022
Merged

Totp integration test fix #6814

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
858487c
removed delay function and used timestamp for totp generator
bhparijat Nov 19, 2022
3de5495
updated yarn.lock to show totp-generator
bhparijat Nov 24, 2022
5696b84
added check for signin after unenroll
bhparijat Nov 28, 2022
5680ca5
adding skippig of totp tests if emulator is being used
bhparijat Nov 30, 2022
94410e9
using this.skip to skip tests
bhparijat Nov 30, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 4 additions & 7 deletions packages/auth/test/helpers/integration/helpers.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -99,21 +99,18 @@ function stubConsoleToSilenceEmulatorWarnings(): sinon.SinonStub {
export function getTotpCode(
sharedSecretKey: string,
periodSec: number,
verificationCodeLength: number
verificationCodeLength: number,
timestamp: Date
): string {
const token = totp(sharedSecretKey, {
period: periodSec,
digits: verificationCodeLength,
algorithm: 'SHA-1'
algorithm: 'SHA-1',
timestamp
});

return token;
}

export function delay(dt: number): Promise<void> {
return new Promise(resolve => setTimeout(resolve, dt));
}

export const email = '[email protected]';
//1000000 is always incorrect since it has 7 digits and we expect 6.
export const incorrectTotpCode = '1000000';
59 changes: 41 additions & 18 deletions packages/auth/test/integration/flows/totp.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,6 @@ import {
cleanUpTestInstance,
getTestInstance,
getTotpCode,
delay,
email,
incorrectTotpCode
} from '../../helpers/integration/helpers';
Expand All @@ -38,6 +37,7 @@ import {
TotpMultiFactorGenerator,
TotpSecret
} from '../../../src/mfa/assertions/totp';
import { getEmulatorUrl } from '../../helpers/integration/settings';

use(chaiAsPromised);
use(sinonChai);
Expand All @@ -46,16 +46,26 @@ describe(' Integration tests: Mfa TOTP', () => {
let auth: Auth;
let totpSecret: TotpSecret;
let displayName: string;
let totpTimestamp: Date;
let emulatorUrl: string | null;
beforeEach(async () => {
auth = getTestInstance();
displayName = 'totp-integration-test';
emulatorUrl = getEmulatorUrl();
if (!emulatorUrl) {
auth = getTestInstance();
displayName = 'totp-integration-test';
}
});

afterEach(async () => {
await cleanUpTestInstance(auth);
if (!emulatorUrl) {
await cleanUpTestInstance(auth);
}
});

it('should not enroll if incorrect totp supplied', async () => {
it('should not enroll if incorrect totp supplied', async function () {
if (emulatorUrl) {
this.skip();
}
const cr = await signInWithEmailAndPassword(auth, email, 'password');
const mfaUser = multiFactor(cr.user);
const session = await mfaUser.getSession();
Expand All @@ -71,7 +81,10 @@ describe(' Integration tests: Mfa TOTP', () => {
).to.be.rejectedWith('auth/invalid-verification-code');
});

it('should enroll using correct otp', async () => {
it('should enroll using correct otp', async function () {
if (emulatorUrl) {
this.skip();
}
const cr = await signInWithEmailAndPassword(auth, email, 'password');

const mfaUser = multiFactor(cr.user);
Expand All @@ -80,10 +93,13 @@ describe(' Integration tests: Mfa TOTP', () => {

totpSecret = await TotpMultiFactorGenerator.generateSecret(session);

totpTimestamp = new Date();

const totpVerificationCode = getTotpCode(
totpSecret.secretKey,
totpSecret.codeIntervalSeconds,
totpSecret.codeLength
totpSecret.codeLength,
totpTimestamp
);

const multiFactorAssertion =
Expand All @@ -95,9 +111,12 @@ describe(' Integration tests: Mfa TOTP', () => {
.fulfilled;
});

it('should not allow sign-in with incorrect totp', async () => {
let resolver;
it('should not allow sign-in with incorrect totp', async function () {
let resolver: any;

if (emulatorUrl) {
this.skip();
}
try {
await signInWithEmailAndPassword(auth, email, 'password');

Expand All @@ -120,13 +139,11 @@ describe(' Integration tests: Mfa TOTP', () => {
}
});

it('should allow sign-in with for correct totp and unenroll successfully', async () => {
let resolver;

await delay(30 * 1000);
//TODO(bhparijat) generate the otp code for the next time window by passing the appropriate
//timestamp to avoid the 30s delay. The delay is needed because the otp code used for enrollment
//cannot be reused for signing in.
it('should allow sign-in with for correct totp and unenroll successfully', async function () {
let resolver: any;
if (emulatorUrl) {
this.skip();
}
try {
await signInWithEmailAndPassword(auth, email, 'password');

Expand All @@ -138,11 +155,15 @@ describe(' Integration tests: Mfa TOTP', () => {
resolver = getMultiFactorResolver(auth, error as any);
expect(resolver.hints).to.have.length(1);

totpTimestamp.setSeconds(totpTimestamp.getSeconds() + 30);

const totpVerificationCode = getTotpCode(
totpSecret.secretKey,
totpSecret.codeIntervalSeconds,
totpSecret.codeLength
totpSecret.codeLength,
totpTimestamp
);

const assertion = TotpMultiFactorGenerator.assertionForSignIn(
resolver.hints[0].uid,
totpVerificationCode
Expand All @@ -152,6 +173,8 @@ describe(' Integration tests: Mfa TOTP', () => {
const mfaUser = multiFactor(userCredential.user);

await expect(mfaUser.unenroll(resolver.hints[0].uid)).to.be.fulfilled;
await expect(signInWithEmailAndPassword(auth, email, 'password')).to.be
.fulfilled;
}
}).timeout(32000);
});
});
12 changes: 12 additions & 0 deletions yarn.lock
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10839,6 +10839,11 @@ jsprim@^1.2.2:
json-schema "0.2.3"
verror "1.10.0"

jssha@^3.1.2:
version "3.3.0"
resolved "https://registry.npmjs.org/jssha/-/jssha-3.3.0.tgz#44b5531bcf55a12f4a388476c647a9a1cca92839"
integrity sha512-w9OtT4ALL+fbbwG3gw7erAO0jvS5nfvrukGPMWIAoea359B26ALXGpzy4YJSp9yGnpUvuvOw1nSjSoHDfWSr1w==

jszip@^3.1.3, jszip@^3.6.0:
version "3.7.1"
resolved "https://registry.npmjs.org/jszip/-/jszip-3.7.1.tgz#bd63401221c15625a1228c556ca8a68da6fda3d9"
Expand Down Expand Up @@ -16415,6 +16420,13 @@ [email protected]:
resolved "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.1.tgz#3be34321a88a820ed1bd80dfaa33e479fbb8dd35"
integrity sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA==

[email protected]:
version "0.0.14"
resolved "https://registry.npmjs.org/totp-generator/-/totp-generator-0.0.14.tgz#c136bcb4030f9cab5b10ecd82d15cd2d5518234a"
integrity sha512-vFZ8N2TdF4mCj8bUW460jI73LqS+JKccsZ8cttQSuXa3dkTmZo8q81Pq2yAuiPxCI5fPfUrfaKuU+7adjx5s4w==
dependencies:
jssha "^3.1.2"

tough-cookie@~2.5.0:
version "2.5.0"
resolved "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz#cd9fb2a0aa1d5a12b473bd9fb96fa3dcff65ade2"
Expand Down