diff options
author | Sean McGivern <sean@gitlab.com> | 2021-05-14 09:56:23 +0100 |
---|---|---|
committer | Sean McGivern <sean@gitlab.com> | 2021-05-17 14:00:19 +0100 |
commit | 56082fbe281df0cb6c7dbceddf94efeb95ef7159 (patch) | |
tree | ab1ad7863e0b474ec26296bb63b3cd2a8fe89dec | |
parent | bc93a437b6cabb64360edfa698dacb4cc3ef02fe (diff) | |
download | gitlab-shell-56082fbe281df0cb6c7dbceddf94efeb95ef7159.tar.gz |
Add acceptance test for 2fa_recovery_codes
-rw-r--r-- | cmd/gitlab-sshd/acceptance_test.go | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/cmd/gitlab-sshd/acceptance_test.go b/cmd/gitlab-sshd/acceptance_test.go index 02d8200..ad80c55 100644 --- a/cmd/gitlab-sshd/acceptance_test.go +++ b/cmd/gitlab-sshd/acceptance_test.go @@ -60,6 +60,8 @@ func successAPI(t *testing.T) http.Handler { fmt.Fprint(w, `{"id": 1000, "name": "Test User", "username": "test-user"}`) case "/api/v4/internal/personal_access_token": fmt.Fprint(w, `{"success": true, "token": "testtoken", "scopes": ["api"], "expires_at": ""}`) + case "/api/v4/internal/two_factor_recovery_codes": + fmt.Fprint(w, `{"success": true, "recovery_codes": ["code1", "code2"]}`) default: t.Logf("Unexpected request to successAPI: %s", r.URL.EscapedPath()) t.FailNow() @@ -231,3 +233,46 @@ func TestPersonalAccessTokenSuccess(t *testing.T) { require.NoError(t, err) require.Equal(t, "Token: testtoken\nScopes: api\nExpires: never\n", string(output)) } + +func TestTwoFactorAuthRecoveryCodesSuccess(t *testing.T) { + client := runSSHD(t, successAPI(t)) + + session, err := client.NewSession() + require.NoError(t, err) + defer session.Close() + + stdin, err := session.StdinPipe() + require.NoError(t, err) + + stdout, err := session.StdoutPipe() + require.NoError(t, err) + + reader := bufio.NewReader(stdout) + + err = session.Start("2fa_recovery_codes") + require.NoError(t, err) + + line, err := reader.ReadString('\n') + require.NoError(t, err) + require.Equal(t, "Are you sure you want to generate new two-factor recovery codes?\n", line) + + line, err = reader.ReadString('\n') + require.NoError(t, err) + require.Equal(t, "Any existing recovery codes you saved will be invalidated. (yes/no)\n", line) + + _, err = fmt.Fprintln(stdin, "yes") + require.NoError(t, err) + + output, err := ioutil.ReadAll(stdout) + require.NoError(t, err) + require.Equal(t, ` +Your two-factor authentication recovery codes are: + +code1 +code2 + +During sign in, use one of the codes above when prompted for +your two-factor code. Then, visit your Profile Settings and add +a new device so you do not lose access to your account again. +`, string(output)) +} |