1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
# frozen_string_literal: true
# These helpers allow you to manage and register
# U2F and WebAuthn devices
#
# Usage:
# describe "..." do
# include Spec::Support::Helpers::Features::TwoFactorHelpers
# ...
#
# manage_two_factor_authentication
#
module Spec
module Support
module Helpers
module Features
module TwoFactorHelpers
def manage_two_factor_authentication
click_on 'Manage two-factor authentication'
expect(page).to have_content("Set up new device")
wait_for_requests
end
# Registers webauthn device via UI
def register_webauthn_device(webauthn_device = nil, name: 'My device')
webauthn_device ||= FakeWebauthnDevice.new(page, name)
webauthn_device.respond_to_webauthn_registration
click_on 'Set up new device'
expect(page).to have_content('Your device was successfully set up')
fill_in 'Pick a name', with: name
click_on 'Register device'
webauthn_device
end
# Adds webauthn device directly via database
def add_webauthn_device(app_id, user, fake_device = nil, name: 'My device')
fake_device ||= WebAuthn::FakeClient.new(app_id)
options_for_create = WebAuthn::Credential.options_for_create(
user: { id: user.webauthn_xid, name: user.username },
authenticator_selection: { user_verification: 'discouraged' },
rp: { name: 'GitLab' }
)
challenge = options_for_create.challenge
device_response = fake_device.create(challenge: challenge).to_json # rubocop:disable Rails/SaveBang
device_registration_params = { device_response: device_response,
name: name }
Webauthn::RegisterService.new(
user, device_registration_params, challenge).execute
FakeWebauthnDevice.new(page, name, fake_device)
end
def assert_fallback_ui(page)
expect(page).to have_button('Verify code')
expect(page).to have_css('#user_otp_attempt')
expect(page).not_to have_link('Sign in via 2FA code')
expect(page).not_to have_css("#js-authenticate-token-2fa")
end
end
end
end
end
end
|
