diff options
| author | Jenny Shen <jenny.shen@shopify.com> | 2023-02-15 10:52:32 -0500 |
|---|---|---|
| committer | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2023-04-12 11:57:15 +0900 |
| commit | cd60113faa41384cba31781eeb8fa51ea3ed2355 (patch) | |
| tree | dc916796c8a27111217e652488af79da0a0a4f3a /test | |
| parent | b6e860ba1bae04a1ce269a40ef4731fe52855a16 (diff) | |
| download | ruby-cd60113faa41384cba31781eeb8fa51ea3ed2355.tar.gz | |
Use Webauthn Listener in wait_for_otp
Diffstat (limited to 'test')
| -rw-r--r-- | test/rubygems/test_gem_gemcutter_utilities.rb | 59 |
1 files changed, 50 insertions, 9 deletions
diff --git a/test/rubygems/test_gem_gemcutter_utilities.rb b/test/rubygems/test_gem_gemcutter_utilities.rb index aa876e6ca8..93aec0c67c 100644 --- a/test/rubygems/test_gem_gemcutter_utilities.rb +++ b/test/rubygems/test_gem_gemcutter_utilities.rb @@ -235,22 +235,63 @@ class TestGemGemcutterUtilities < Gem::TestCase webauthn_verification_url = "rubygems.org/api/v1/webauthn_verification/odow34b93t6aPCdY" response_fail = "You have enabled multifactor authentication" api_key = "a5fdbb6ba150cbb83aad2bb2fede64cf040453903" - - util_sign_in(proc do - @call_count ||= 0 - if (@call_count += 1).odd? - HTTPResponseFactory.create(body: response_fail, code: 401, msg: "Unauthorized") - else - HTTPResponseFactory.create(body: api_key, code: 200, msg: "OK") + port = 5678 + server = TCPServer.new(port) + + TCPServer.stub(:new, server) do + Gem::WebauthnListener.stub(:wait_for_otp_code, "Uvh6T57tkWuUnWYo") do + util_sign_in(proc do + @call_count ||= 0 + if (@call_count += 1).odd? + HTTPResponseFactory.create(body: response_fail, code: 401, msg: "Unauthorized") + else + HTTPResponseFactory.create(body: api_key, code: 200, msg: "OK") + end + end, nil, [], "", webauthn_verification_url) end - end, nil, [], "", webauthn_verification_url) + ensure + server.close + end - url_with_port = "#{webauthn_verification_url}?port=5678" + url_with_port = "#{webauthn_verification_url}?port=#{port}" assert_match "You have enabled multi-factor authentication. Please visit #{url_with_port} to authenticate via security device.", @sign_in_ui.output assert_match "You are verified with a security device. You may close the browser window.", @sign_in_ui.output assert_equal "Uvh6T57tkWuUnWYo", @fetcher.last_request["OTP"] end + def test_sign_in_with_webauthn_enabled_with_error + webauthn_verification_url = "rubygems.org/api/v1/webauthn_verification/odow34b93t6aPCdY" + response_fail = "You have enabled multifactor authentication" + api_key = "a5fdbb6ba150cbb83aad2bb2fede64cf040453903" + port = 5678 + server = TCPServer.new(port) + raise_error = ->(*_args) { raise Gem::WebauthnVerificationError, "Something went wrong" } + + error = assert_raise Gem::WebauthnVerificationError do + TCPServer.stub(:new, server) do + Gem::WebauthnListener.stub(:wait_for_otp_code, raise_error) do + util_sign_in(proc do + @call_count ||= 0 + if (@call_count += 1).odd? + HTTPResponseFactory.create(body: response_fail, code: 401, msg: "Unauthorized") + else + HTTPResponseFactory.create(body: api_key, code: 200, msg: "OK") + end + end, nil, [], "", webauthn_verification_url) + end + ensure + server.close + end + end + + assert_equal "Security device verification failed: Something went wrong", error.message + + url_with_port = "#{webauthn_verification_url}?port=#{port}" + assert_match "You have enabled multi-factor authentication. Please visit #{url_with_port} to authenticate via security device.", @sign_in_ui.output + refute_match "You are verified with a security device. You may close the browser window.", @sign_in_ui.output + refute_match "Signed in with API key:", @sign_in_ui.output + end + def util_sign_in(response, host = nil, args = [], extra_input = "", webauthn_url = nil) email = "you@example.com" password = "secret" |