X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/756b55bbffedb6e5fde91f9fbc61f5a382f20705..refs/pull/3365/head:/tests/Auth/MfaConfigurationTest.php

diff --git a/tests/Auth/MfaConfigurationTest.php b/tests/Auth/MfaConfigurationTest.php
index 685aad83a..fab94817c 100644
--- a/tests/Auth/MfaConfigurationTest.php
+++ b/tests/Auth/MfaConfigurationTest.php
@@ -4,6 +4,7 @@ namespace Tests\Auth;
 
 use BookStack\Actions\ActivityType;
 use BookStack\Auth\Access\Mfa\MfaValue;
+use BookStack\Auth\Role;
 use BookStack\Auth\User;
 use PragmaRX\Google2FA\Google2FA;
 use Tests\TestCase;
@@ -38,7 +39,7 @@ class MfaConfigurationTest extends TestCase
         $this->assertTrue($svg === $revisitSvg);
         $secret = decrypt(session()->get('mfa-setup-totp-secret'));
 
-        $resp->assertSee(htmlentities("?secret={$secret}&issuer=BookStack&algorithm=SHA1&digits=6&period=30"));
+        $resp->assertSee("?secret={$secret}&issuer=BookStack&algorithm=SHA1&digits=6&period=30");
 
         // Successful confirmation
         $google2fa = new Google2FA();
@@ -164,4 +165,22 @@ class MfaConfigurationTest extends TestCase
         $this->assertActivityExists(ActivityType::MFA_REMOVE_METHOD);
         $this->assertEquals(0, $admin->mfaValues()->count());
     }
+
+    public function test_totp_setup_url_shows_correct_user_when_setup_forced_upon_login()
+    {
+        $admin = $this->getAdmin();
+        /** @var Role $role */
+        $role = $admin->roles()->first();
+        $role->mfa_enforced = true;
+        $role->save();
+
+        $resp = $this->post('/login', ['email' => $admin->email, 'password' => 'password']);
+        $this->assertFalse(auth()->check());
+        $resp->assertRedirect('/mfa/verify');
+
+        $resp = $this->get('/mfa/totp/generate');
+        $resp->assertSeeText('Mobile App Setup');
+        $resp->assertDontSee('otpauth://totp/BookStack:guest%40example.com', false);
+        $resp->assertSee('otpauth://totp/BookStack:admin%40admin.com', false);
+    }
 }