Update u2f_spec to cover U2F being disabled until authenticator is set up.

Timothy Andrew 2016-06-14 09:48:52 +05:30
parent fbb0612593
commit 298eb449f3


@ -12,39 +12,24 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
describe "registration" do describe "registration" do
let(:user) { create(:user) } let(:user) { create(:user) }
before { login_as(user) }
before do
login_as(user)
user.update_attribute(:otp_required_for_login, true)
end
describe 'when 2FA via OTP is disabled' do describe 'when 2FA via OTP is disabled' do
it 'allows registering a new device' do before { user.update_attribute(:otp_required_for_login, false) }
it 'does not allow registering a new device' do
visit profile_account_path visit profile_account_path
click_on 'Enable Two-Factor Authentication' click_on 'Enable Two-Factor Authentication'
register_u2f_device expect(page).to have_button('Setup New U2F Device', disabled: true)
expect(page.body).to match('Your U2F device was registered')
end
it 'allows registering more than one device' do
visit profile_account_path
# First device
click_on 'Enable Two-Factor Authentication'
register_u2f_device
expect(page.body).to match('Your U2F device was registered')
# Second device
click_on 'Manage Two-Factor Authentication'
register_u2f_device
expect(page.body).to match('Your U2F device was registered')
click_on 'Manage Two-Factor Authentication'
expect(page.body).to match('You have 2 U2F devices registered')
end end
end end
describe 'when 2FA via OTP is enabled' do describe 'when 2FA via OTP is enabled' do
before { user.update_attributes(otp_required_for_login: true) }
it 'allows registering a new device' do it 'allows registering a new device' do
visit profile_account_path visit profile_account_path
click_on 'Manage Two-Factor Authentication' click_on 'Manage Two-Factor Authentication'
@ -67,7 +52,6 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
click_on 'Manage Two-Factor Authentication' click_on 'Manage Two-Factor Authentication'
register_u2f_device register_u2f_device
expect(page.body).to match('Your U2F device was registered') expect(page.body).to match('Your U2F device was registered')
click_on 'Manage Two-Factor Authentication' click_on 'Manage Two-Factor Authentication'
expect(page.body).to match('You have 2 U2F devices registered') expect(page.body).to match('You have 2 U2F devices registered')
end end
@ -76,15 +60,16 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
it 'allows the same device to be registered for multiple users' do it 'allows the same device to be registered for multiple users' do
# First user # First user
visit profile_account_path visit profile_account_path
click_on 'Enable Two-Factor Authentication' click_on 'Manage Two-Factor Authentication'
u2f_device = register_u2f_device u2f_device = register_u2f_device
expect(page.body).to match('Your U2F device was registered') expect(page.body).to match('Your U2F device was registered')
logout logout
# Second user # Second user
login_as(:user) user = login_as(:user)
user.update_attribute(:otp_required_for_login, true)
visit profile_account_path visit profile_account_path
click_on 'Enable Two-Factor Authentication' click_on 'Manage Two-Factor Authentication'
register_u2f_device(u2f_device) register_u2f_device(u2f_device)
expect(page.body).to match('Your U2F device was registered') expect(page.body).to match('Your U2F device was registered')
@ -94,7 +79,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
context "when there are form errors" do context "when there are form errors" do
it "doesn't register the device if there are errors" do it "doesn't register the device if there are errors" do
visit profile_account_path visit profile_account_path
click_on 'Enable Two-Factor Authentication' click_on 'Manage Two-Factor Authentication'
# Have the "u2f device" respond with bad data # Have the "u2f device" respond with bad data
page.execute_script("u2f.register = function(_,_,_,callback) { callback('bad response'); };") page.execute_script("u2f.register = function(_,_,_,callback) { callback('bad response'); };")
@ -109,7 +94,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
it "allows retrying registration" do it "allows retrying registration" do
visit profile_account_path visit profile_account_path
click_on 'Enable Two-Factor Authentication' click_on 'Manage Two-Factor Authentication'
# Failed registration # Failed registration
page.execute_script("u2f.register = function(_,_,_,callback) { callback('bad response'); };") page.execute_script("u2f.register = function(_,_,_,callback) { callback('bad response'); };")
@ -133,8 +118,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
before do before do
# Register and logout # Register and logout
login_as(user) login_as(user)
user.update_attribute(:otp_required_for_login, true)
visit profile_account_path visit profile_account_path
click_on 'Enable Two-Factor Authentication' click_on 'Manage Two-Factor Authentication'
@u2f_device = register_u2f_device @u2f_device = register_u2f_device
logout logout
end end
@ -154,7 +140,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
describe "when 2FA via OTP is enabled" do describe "when 2FA via OTP is enabled" do
it "allows logging in with the U2F device" do it "allows logging in with the U2F device" do
user.update_attributes(otp_required_for_login: true) user.update_attribute(:otp_required_for_login, true)
login_with(user) login_with(user)
@u2f_device.respond_to_u2f_authentication @u2f_device.respond_to_u2f_authentication
@ -171,8 +157,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
it "does not allow logging in with that particular device" do it "does not allow logging in with that particular device" do
# Register current user with the different U2F device # Register current user with the different U2F device
current_user = login_as(:user) current_user = login_as(:user)
current_user.update_attribute(:otp_required_for_login, true)
visit profile_account_path visit profile_account_path
click_on 'Enable Two-Factor Authentication' click_on 'Manage Two-Factor Authentication'
register_u2f_device register_u2f_device
logout logout
@ -191,8 +178,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
it "allows logging in with that particular device" do it "allows logging in with that particular device" do
# Register current user with the same U2F device # Register current user with the same U2F device
current_user = login_as(:user) current_user = login_as(:user)
current_user.update_attribute(:otp_required_for_login, true)
visit profile_account_path visit profile_account_path
click_on 'Enable Two-Factor Authentication' click_on 'Manage Two-Factor Authentication'
register_u2f_device(@u2f_device) register_u2f_device(@u2f_device)
logout logout
@ -227,8 +215,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
before do before do
login_as(user) login_as(user)
user.update_attribute(:otp_required_for_login, true)
visit profile_account_path visit profile_account_path
click_on 'Enable Two-Factor Authentication' click_on 'Manage Two-Factor Authentication'
register_u2f_device register_u2f_device
end end
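Review bot: The new example 'does not allow registering a new device' in the first hunk asserts only that the 'Setup New U2F Device' button is rendered disabled, which is client-side state and does not show that the server refuses a registration request sent without going through the button. Whether the registration endpoint itself checks `otp_required_for_login` is not visible on this page, so I would pair this feature spec with a controller or request-level example that submits a registration for a user with OTP off and expects no device to be stored. At minimum, state the limit of the check above the expectation, e.g. `# Checks the UI state only; the server-side refusal needs its own request-level spec`. Separately, `user = login_as(:user)` in the 'allows the same device to be registered for multiple users' example shadows the `let(:user)` for the rest of that example; the later hunks already use `current_user = login_as(:user)`, and the same name here would keep the two users distinct.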