Merge branch 'internal_recovery_api' into 'master'

Add internal API to recovery 2FA ## What does this MR do? Add an internal API to make SSH 2FA recovery possible. Related to gitlab-org/gitlab-shell!74 See merge request !5510
author: Robert Speicher <robert@gitlab.com> 2016-08-24 23:45:32 +0000
committer: Robert Speicher <robert@gitlab.com> 2016-08-24 23:45:32 +0000
commit: 6fb46b604e4feebcbaa92d3d44d7616be709c0e5 (patch)
tree: b9388714a34dfb2aec72f71ab158a93a85bbc817 /spec/requests
parent: 9ea01f32fe4355179da6082742b6ad06f9603388 (diff)
parent: bba85773519e972d036a933b1f054b6c76050c5f (diff)
download: gitlab-ce-6fb46b604e4feebcbaa92d3d44d7616be709c0e5.tar.gz
1 files changed, 62 insertions, 0 deletions
diff --git a/spec/requests/api/internal_spec.rb b/spec/requests/api/internal_spec.rb
index be52f88831f..5d06abcfeb3 100644
--- a/spec/requests/api/internal_spec.rb
+++ b/spec/requests/api/internal_spec.rb
@@ -38,6 +38,68 @@ describe API::API, api: true  do
     end
   end
 
+  describe 'GET /internal/two_factor_recovery_codes' do
+    it 'returns an error message when the key does not exist' do
+      post api('/internal/two_factor_recovery_codes'),
+           secret_token: secret_token,
+           key_id: 12345
+
+      expect(response).to have_http_status(404)
+      expect(json_response['message']).to eq('404 Not found')
+    end
+
+    it 'returns an error message when the key is a deploy key' do
+      deploy_key = create(:deploy_key)
+
+      post api('/internal/two_factor_recovery_codes'),
+           secret_token: secret_token,
+           key_id: deploy_key.id
+
+      expect(json_response['success']).to be_falsey
+      expect(json_response['message']).to eq('Deploy keys cannot be used to retrieve recovery codes')
+    end
+
+    it 'returns an error message when the user does not exist' do
+      key_without_user = create(:key, user: nil)
+
+      post api('/internal/two_factor_recovery_codes'),
+           secret_token: secret_token,
+           key_id: key_without_user.id
+
+      expect(json_response['success']).to be_falsey
+      expect(json_response['message']).to eq('Could not find a user for the given key')
+      expect(json_response['recovery_codes']).to be_nil
+    end
+
+    context 'when two-factor is enabled' do
+      it 'returns new recovery codes when the user exists' do
+        allow_any_instance_of(User).to receive(:two_factor_enabled?).and_return(true)
+        allow_any_instance_of(User)
+          .to receive(:generate_otp_backup_codes!).and_return(%w(119135e5a3ebce8e 34bd7b74adbc8861))
+
+        post api('/internal/two_factor_recovery_codes'),
+             secret_token: secret_token,
+             key_id: key.id
+
+        expect(json_response['success']).to be_truthy
+        expect(json_response['recovery_codes']).to match_array(%w(119135e5a3ebce8e 34bd7b74adbc8861))
+      end
+    end
+
+    context 'when two-factor is not enabled' do
+      it 'returns an error message' do
+        allow_any_instance_of(User).to receive(:two_factor_enabled?).and_return(false)
+
+        post api('/internal/two_factor_recovery_codes'),
+             secret_token: secret_token,
+             key_id: key.id
+
+        expect(json_response['success']).to be_falsey
+        expect(json_response['recovery_codes']).to be_nil
+      end
+    end
+  end
+
   describe "GET /internal/discover" do
     it do
       get(api("/internal/discover"), key_id: key.id, secret_token: secret_token)
author	Robert Speicher <robert@gitlab.com>	2016-08-24 23:45:32 +0000
committer	Robert Speicher <robert@gitlab.com>	2016-08-24 23:45:32 +0000
commit	6fb46b604e4feebcbaa92d3d44d7616be709c0e5 (patch)
tree	b9388714a34dfb2aec72f71ab158a93a85bbc817 /spec/requests
parent	9ea01f32fe4355179da6082742b6ad06f9603388 (diff)
parent	bba85773519e972d036a933b1f054b6c76050c5f (diff)
download	gitlab-ce-6fb46b604e4feebcbaa92d3d44d7616be709c0e5.tar.gz