2019-11-02 14:32:58 +00:00
|
|
|
package suites
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"fmt"
|
|
|
|
"log"
|
|
|
|
"testing"
|
|
|
|
"time"
|
|
|
|
|
|
|
|
"github.com/stretchr/testify/suite"
|
|
|
|
)
|
|
|
|
|
|
|
|
type TwoFactorSuite struct {
|
|
|
|
*SeleniumSuite
|
|
|
|
}
|
|
|
|
|
2019-11-24 20:27:59 +00:00
|
|
|
func NewTwoFactorScenario() *TwoFactorSuite {
|
2019-11-02 14:32:58 +00:00
|
|
|
return &TwoFactorSuite{
|
|
|
|
SeleniumSuite: new(SeleniumSuite),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *TwoFactorSuite) SetupSuite() {
|
|
|
|
wds, err := StartWebDriver()
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
log.Fatal(err)
|
|
|
|
}
|
|
|
|
|
2019-11-24 20:27:59 +00:00
|
|
|
s.WebDriverSession = wds
|
2019-11-02 14:32:58 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *TwoFactorSuite) TearDownSuite() {
|
|
|
|
err := s.WebDriverSession.Stop()
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
log.Fatal(err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *TwoFactorSuite) SetupTest() {
|
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
|
|
|
defer cancel()
|
|
|
|
|
2019-11-24 20:27:59 +00:00
|
|
|
s.doLogout(ctx, s.T())
|
|
|
|
s.doVisit(s.T(), HomeBaseURL)
|
|
|
|
s.verifyIsHome(ctx, s.T())
|
2019-11-02 14:32:58 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *TwoFactorSuite) TestShouldAuthorizeSecretAfterTwoFactor() {
|
2019-11-24 20:27:59 +00:00
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), 15*time.Second)
|
2019-11-02 14:32:58 +00:00
|
|
|
defer cancel()
|
|
|
|
|
2020-05-02 16:20:40 +00:00
|
|
|
username := testUsername
|
|
|
|
password := testPassword
|
2019-12-07 17:14:26 +00:00
|
|
|
|
|
|
|
// Login one factor
|
|
|
|
s.doLoginOneFactor(ctx, s.T(), username, password, false, "")
|
|
|
|
|
|
|
|
// Check he reaches the 2FA stage
|
|
|
|
s.verifyIsSecondFactorPage(ctx, s.T())
|
|
|
|
|
|
|
|
// Then register the TOTP factor
|
|
|
|
secret := s.doRegisterTOTP(ctx, s.T())
|
2019-11-02 14:32:58 +00:00
|
|
|
|
2019-12-07 17:14:26 +00:00
|
|
|
// And logout
|
|
|
|
s.doLogout(ctx, s.T())
|
|
|
|
|
|
|
|
// Login again with 1FA & 2FA
|
2019-11-02 14:32:58 +00:00
|
|
|
targetURL := fmt.Sprintf("%s/secret.html", AdminBaseURL)
|
2020-05-02 16:20:40 +00:00
|
|
|
s.doLoginTwoFactor(ctx, s.T(), testUsername, testPassword, false, secret, targetURL)
|
2019-12-07 17:14:26 +00:00
|
|
|
|
|
|
|
// And check if the user is redirected to the secret.
|
2019-11-24 20:27:59 +00:00
|
|
|
s.verifySecretAuthorized(ctx, s.T())
|
|
|
|
|
2019-12-07 17:14:26 +00:00
|
|
|
// Leave the secret
|
2019-11-24 20:27:59 +00:00
|
|
|
s.doVisit(s.T(), HomeBaseURL)
|
|
|
|
s.verifyIsHome(ctx, s.T())
|
|
|
|
|
2019-12-07 17:14:26 +00:00
|
|
|
// And try to reload it again to check the session is kept
|
2019-11-24 20:27:59 +00:00
|
|
|
s.doVisit(s.T(), targetURL)
|
|
|
|
s.verifySecretAuthorized(ctx, s.T())
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *TwoFactorSuite) TestShouldFailTwoFactor() {
|
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), 15*time.Second)
|
|
|
|
defer cancel()
|
|
|
|
|
|
|
|
// Register TOTP secret and logout.
|
2020-05-02 16:20:40 +00:00
|
|
|
s.doRegisterThenLogout(ctx, s.T(), testUsername, testPassword)
|
2019-11-24 20:27:59 +00:00
|
|
|
|
|
|
|
wrongPasscode := "123456"
|
2020-05-02 16:20:40 +00:00
|
|
|
s.doLoginOneFactor(ctx, s.T(), testUsername, testPassword, false, "")
|
2019-11-24 20:27:59 +00:00
|
|
|
s.verifyIsSecondFactorPage(ctx, s.T())
|
|
|
|
s.doEnterOTP(ctx, s.T(), wrongPasscode)
|
2019-11-02 14:32:58 +00:00
|
|
|
|
2019-11-24 20:27:59 +00:00
|
|
|
s.verifyNotificationDisplayed(ctx, s.T(), "The one-time password might be wrong")
|
2019-11-02 14:32:58 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func TestRunTwoFactor(t *testing.T) {
|
2019-11-24 20:27:59 +00:00
|
|
|
suite.Run(t, NewTwoFactorScenario())
|
2019-11-02 14:32:58 +00:00
|
|
|
}
|