1 files changed, 21 insertions, 27 deletions

diff --git a/spec/controllers/sessions_controller_spec.rb b/spec/controllers/sessions_controller_spec.rb
index 1f7d169bae5..80856512bba 100644
--- a/spec/controllers/sessions_controller_spec.rb
+++ b/spec/controllers/sessions_controller_spec.rb
@@ -375,8 +375,7 @@ RSpec.describe SessionsController do
 
           context 'when OTP is valid for another user' do
             it 'does not authenticate' do
-              authenticate_2fa(login: another_user.username,
-                               otp_attempt: another_user.current_otp)
+              authenticate_2fa(login: another_user.username, otp_attempt: another_user.current_otp)
 
               expect(subject.current_user).not_to eq another_user
             end
@@ -384,8 +383,7 @@ RSpec.describe SessionsController do
 
           context 'when OTP is invalid for another user' do
             it 'does not authenticate' do
-              authenticate_2fa(login: another_user.username,
-                               otp_attempt: 'invalid')
+              authenticate_2fa(login: another_user.username, otp_attempt: 'invalid')
 
               expect(subject.current_user).not_to eq another_user
             end
@@ -495,51 +493,49 @@ RSpec.describe SessionsController do
       end
     end
 
-    context 'when using two-factor authentication via U2F device' do
-      let(:user) { create(:user, :two_factor) }
+    context 'when using two-factor authentication via WebAuthn device' do
+      let(:user) { create(:user, :two_factor_via_webauthn) }
 
-      def authenticate_2fa_u2f(user_params)
+      def authenticate_2fa(user_params)
         post(:create, params: { user: user_params }, session: { otp_user_id: user.id })
       end
 
-      before do
-        stub_feature_flags(webauthn: false)
-      end
-
       context 'remember_me field' do
         it 'sets a remember_user_token cookie when enabled' do
-          allow(U2fRegistration).to receive(:authenticate).and_return(true)
+          allow_any_instance_of(Webauthn::AuthenticateService).to receive(:execute).and_return(true)
           allow(controller).to receive(:find_user).and_return(user)
-          expect(controller)
-            .to receive(:remember_me).with(user).and_call_original
+          expect(controller).to receive(:remember_me).with(user).and_call_original
 
-          authenticate_2fa_u2f(remember_me: '1', login: user.username, device_response: "{}")
+          authenticate_2fa(remember_me: '1', login: user.username, device_response: "{}")
 
           expect(response.cookies['remember_user_token']).to be_present
         end
 
         it 'does nothing when disabled' do
-          allow(U2fRegistration).to receive(:authenticate).and_return(true)
+          allow_any_instance_of(Webauthn::AuthenticateService).to receive(:execute).and_return(true)
           allow(controller).to receive(:find_user).and_return(user)
           expect(controller).not_to receive(:remember_me)
 
-          authenticate_2fa_u2f(remember_me: '0', login: user.username, device_response: "{}")
+          authenticate_2fa(remember_me: '0', login: user.username, device_response: "{}")
 
           expect(response.cookies['remember_user_token']).to be_nil
         end
       end
 
       it "creates an audit log record" do
-        allow(U2fRegistration).to receive(:authenticate).and_return(true)
-        expect { authenticate_2fa_u2f(login: user.username, device_response: "{}") }.to change { AuditEvent.count }.by(1)
-        expect(AuditEvent.last.details[:with]).to eq("two-factor-via-u2f-device")
+        allow_any_instance_of(Webauthn::AuthenticateService).to receive(:execute).and_return(true)
+
+        expect { authenticate_2fa(login: user.username, device_response: "{}") }.to(
+          change { AuditEvent.count }.by(1))
+        expect(AuditEvent.last.details[:with]).to eq("two-factor-via-webauthn-device")
       end
 
       it "creates an authentication event record" do
-        allow(U2fRegistration).to receive(:authenticate).and_return(true)
+        allow_any_instance_of(Webauthn::AuthenticateService).to receive(:execute).and_return(true)
 
-        expect { authenticate_2fa_u2f(login: user.username, device_response: "{}") }.to change { AuthenticationEvent.count }.by(1)
-        expect(AuthenticationEvent.last.provider).to eq("two-factor-via-u2f-device")
+        expect { authenticate_2fa(login: user.username, device_response: "{}") }.to(
+          change { AuthenticationEvent.count }.by(1))
+        expect(AuthenticationEvent.last.provider).to eq("two-factor-via-webauthn-device")
       end
     end
   end
@@ -567,8 +563,7 @@ RSpec.describe SessionsController do
       it 'sets the username and caller_id in the context' do
         expect(controller).to receive(:destroy).and_wrap_original do |m, *args|
           expect(Gitlab::ApplicationContext.current)
-            .to include('meta.user' => user.username,
-                        'meta.caller_id' => 'SessionsController#destroy')
+            .to include('meta.user' => user.username, 'meta.caller_id' => 'SessionsController#destroy')
 
           m.call(*args)
         end
@@ -607,8 +602,7 @@ RSpec.describe SessionsController do
           m.call(*args)
         end
 
-        post(:create,
-             params: { user: { login: user.username, password: user.password.succ } })
+        post :create, params: { user: { login: user.username, password: user.password.succ } }
       end
     end
   end