Update u2f_spec
to cover U2F being disabled until authenticator is set up.
parent
fbb0612593
commit
298eb449f3
1 changed files with 24 additions and 35 deletions
|
@ -12,39 +12,24 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
|
||||||
|
|
||||||
describe "registration" do
|
describe "registration" do
|
||||||
let(:user) { create(:user) }
|
let(:user) { create(:user) }
|
||||||
before { login_as(user) }
|
|
||||||
|
before do
|
||||||
|
login_as(user)
|
||||||
|
user.update_attribute(:otp_required_for_login, true)
|
||||||
|
end
|
||||||
|
|
||||||
describe 'when 2FA via OTP is disabled' do
|
describe 'when 2FA via OTP is disabled' do
|
||||||
it 'allows registering a new device' do
|
before { user.update_attribute(:otp_required_for_login, false) }
|
||||||
|
|
||||||
|
it 'does not allow registering a new device' do
|
||||||
visit profile_account_path
|
visit profile_account_path
|
||||||
click_on 'Enable Two-Factor Authentication'
|
click_on 'Enable Two-Factor Authentication'
|
||||||
|
|
||||||
register_u2f_device
|
expect(page).to have_button('Setup New U2F Device', disabled: true)
|
||||||
|
|
||||||
expect(page.body).to match('Your U2F device was registered')
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'allows registering more than one device' do
|
|
||||||
visit profile_account_path
|
|
||||||
|
|
||||||
# First device
|
|
||||||
click_on 'Enable Two-Factor Authentication'
|
|
||||||
register_u2f_device
|
|
||||||
expect(page.body).to match('Your U2F device was registered')
|
|
||||||
|
|
||||||
# Second device
|
|
||||||
click_on 'Manage Two-Factor Authentication'
|
|
||||||
register_u2f_device
|
|
||||||
expect(page.body).to match('Your U2F device was registered')
|
|
||||||
click_on 'Manage Two-Factor Authentication'
|
|
||||||
|
|
||||||
expect(page.body).to match('You have 2 U2F devices registered')
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'when 2FA via OTP is enabled' do
|
describe 'when 2FA via OTP is enabled' do
|
||||||
before { user.update_attributes(otp_required_for_login: true) }
|
|
||||||
|
|
||||||
it 'allows registering a new device' do
|
it 'allows registering a new device' do
|
||||||
visit profile_account_path
|
visit profile_account_path
|
||||||
click_on 'Manage Two-Factor Authentication'
|
click_on 'Manage Two-Factor Authentication'
|
||||||
|
@ -67,7 +52,6 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
|
||||||
click_on 'Manage Two-Factor Authentication'
|
click_on 'Manage Two-Factor Authentication'
|
||||||
register_u2f_device
|
register_u2f_device
|
||||||
expect(page.body).to match('Your U2F device was registered')
|
expect(page.body).to match('Your U2F device was registered')
|
||||||
|
|
||||||
click_on 'Manage Two-Factor Authentication'
|
click_on 'Manage Two-Factor Authentication'
|
||||||
expect(page.body).to match('You have 2 U2F devices registered')
|
expect(page.body).to match('You have 2 U2F devices registered')
|
||||||
end
|
end
|
||||||
|
@ -76,15 +60,16 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
|
||||||
it 'allows the same device to be registered for multiple users' do
|
it 'allows the same device to be registered for multiple users' do
|
||||||
# First user
|
# First user
|
||||||
visit profile_account_path
|
visit profile_account_path
|
||||||
click_on 'Enable Two-Factor Authentication'
|
click_on 'Manage Two-Factor Authentication'
|
||||||
u2f_device = register_u2f_device
|
u2f_device = register_u2f_device
|
||||||
expect(page.body).to match('Your U2F device was registered')
|
expect(page.body).to match('Your U2F device was registered')
|
||||||
logout
|
logout
|
||||||
|
|
||||||
# Second user
|
# Second user
|
||||||
login_as(:user)
|
user = login_as(:user)
|
||||||
|
user.update_attribute(:otp_required_for_login, true)
|
||||||
visit profile_account_path
|
visit profile_account_path
|
||||||
click_on 'Enable Two-Factor Authentication'
|
click_on 'Manage Two-Factor Authentication'
|
||||||
register_u2f_device(u2f_device)
|
register_u2f_device(u2f_device)
|
||||||
expect(page.body).to match('Your U2F device was registered')
|
expect(page.body).to match('Your U2F device was registered')
|
||||||
|
|
||||||
|
@ -94,7 +79,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
|
||||||
context "when there are form errors" do
|
context "when there are form errors" do
|
||||||
it "doesn't register the device if there are errors" do
|
it "doesn't register the device if there are errors" do
|
||||||
visit profile_account_path
|
visit profile_account_path
|
||||||
click_on 'Enable Two-Factor Authentication'
|
click_on 'Manage Two-Factor Authentication'
|
||||||
|
|
||||||
# Have the "u2f device" respond with bad data
|
# Have the "u2f device" respond with bad data
|
||||||
page.execute_script("u2f.register = function(_,_,_,callback) { callback('bad response'); };")
|
page.execute_script("u2f.register = function(_,_,_,callback) { callback('bad response'); };")
|
||||||
|
@ -109,7 +94,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
|
||||||
|
|
||||||
it "allows retrying registration" do
|
it "allows retrying registration" do
|
||||||
visit profile_account_path
|
visit profile_account_path
|
||||||
click_on 'Enable Two-Factor Authentication'
|
click_on 'Manage Two-Factor Authentication'
|
||||||
|
|
||||||
# Failed registration
|
# Failed registration
|
||||||
page.execute_script("u2f.register = function(_,_,_,callback) { callback('bad response'); };")
|
page.execute_script("u2f.register = function(_,_,_,callback) { callback('bad response'); };")
|
||||||
|
@ -133,8 +118,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
|
||||||
before do
|
before do
|
||||||
# Register and logout
|
# Register and logout
|
||||||
login_as(user)
|
login_as(user)
|
||||||
|
user.update_attribute(:otp_required_for_login, true)
|
||||||
visit profile_account_path
|
visit profile_account_path
|
||||||
click_on 'Enable Two-Factor Authentication'
|
click_on 'Manage Two-Factor Authentication'
|
||||||
@u2f_device = register_u2f_device
|
@u2f_device = register_u2f_device
|
||||||
logout
|
logout
|
||||||
end
|
end
|
||||||
|
@ -154,7 +140,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
|
||||||
|
|
||||||
describe "when 2FA via OTP is enabled" do
|
describe "when 2FA via OTP is enabled" do
|
||||||
it "allows logging in with the U2F device" do
|
it "allows logging in with the U2F device" do
|
||||||
user.update_attributes(otp_required_for_login: true)
|
user.update_attribute(:otp_required_for_login, true)
|
||||||
login_with(user)
|
login_with(user)
|
||||||
|
|
||||||
@u2f_device.respond_to_u2f_authentication
|
@u2f_device.respond_to_u2f_authentication
|
||||||
|
@ -171,8 +157,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
|
||||||
it "does not allow logging in with that particular device" do
|
it "does not allow logging in with that particular device" do
|
||||||
# Register current user with the different U2F device
|
# Register current user with the different U2F device
|
||||||
current_user = login_as(:user)
|
current_user = login_as(:user)
|
||||||
|
current_user.update_attribute(:otp_required_for_login, true)
|
||||||
visit profile_account_path
|
visit profile_account_path
|
||||||
click_on 'Enable Two-Factor Authentication'
|
click_on 'Manage Two-Factor Authentication'
|
||||||
register_u2f_device
|
register_u2f_device
|
||||||
logout
|
logout
|
||||||
|
|
||||||
|
@ -191,8 +178,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
|
||||||
it "allows logging in with that particular device" do
|
it "allows logging in with that particular device" do
|
||||||
# Register current user with the same U2F device
|
# Register current user with the same U2F device
|
||||||
current_user = login_as(:user)
|
current_user = login_as(:user)
|
||||||
|
current_user.update_attribute(:otp_required_for_login, true)
|
||||||
visit profile_account_path
|
visit profile_account_path
|
||||||
click_on 'Enable Two-Factor Authentication'
|
click_on 'Manage Two-Factor Authentication'
|
||||||
register_u2f_device(@u2f_device)
|
register_u2f_device(@u2f_device)
|
||||||
logout
|
logout
|
||||||
|
|
||||||
|
@ -227,8 +215,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
|
||||||
|
|
||||||
before do
|
before do
|
||||||
login_as(user)
|
login_as(user)
|
||||||
|
user.update_attribute(:otp_required_for_login, true)
|
||||||
visit profile_account_path
|
visit profile_account_path
|
||||||
click_on 'Enable Two-Factor Authentication'
|
click_on 'Manage Two-Factor Authentication'
|
||||||
register_u2f_device
|
register_u2f_device
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
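Review bot: The new 'does not allow registering a new device' example under 'when 2FA via OTP is disabled' only asserts `have_button('Setup New U2F Device', disabled: true)`, which checks a client-side control; nothing visible in this spec shows that a registration request is refused by the server while OTP is off. If that enforcement is tested elsewhere, a comment such as `# UI state only; server-side rejection of U2F registration without OTP is covered in <PLACEHOLDER: controller/request spec>` would make the boundary explicit. Otherwise an example asserting that no device is stored for the user belongs next to this one. Separately, in 'allows the same device to be registered for multiple users' the added `user = login_as(:user)` shadows the `let(:user)` helper, while the later examples use `current_user = login_as(:user)`; using `current_user` there too would keep them consistent.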