Covered TOTP setup with testing

diff --git a/tests/Auth/MfaConfigurationTest.php b/tests/Auth/MfaConfigurationTest.php
new file mode 100644 (file)
index 0000000..9407c37
--- /dev/null
+++ b/tests/Auth/MfaConfigurationTest.php
@@ -0,0 +1,52 @@
+<?php
+
+namespace Tests\Auth;
+
+use PragmaRX\Google2FA\Google2FA;
+use Tests\TestCase;
+
+class MfaConfigurationTest extends TestCase
+{
+
+    public function test_totp_setup()
+    {
+        $editor = $this->getEditor();
+        $this->assertDatabaseMissing('mfa_values', ['user_id' => $editor->id]);
+
+        // Setup page state
+        $resp = $this->actingAs($editor)->get('/mfa/setup');
+        $resp->assertElementContains('a[href$="/mfa/totp-generate"]', 'Setup');
+
+        // Generate page access
+        $resp = $this->get('/mfa/totp-generate');
+        $resp->assertSee('Mobile App Setup');
+        $resp->assertSee('Verify Setup');
+        $resp->assertElementExists('form[action$="/mfa/totp-confirm"] button');
+        $this->assertSessionHas('mfa-setup-totp-secret');
+        $svg = $resp->getElementHtml('#main-content .card svg');
+
+        // Validation error, code should remain the same
+        $resp = $this->post('/mfa/totp-confirm', [
+            'code' => 'abc123',
+        ]);
+        $resp->assertRedirect('/mfa/totp-generate');
+        $resp = $this->followRedirects($resp);
+        $resp->assertSee('The provided code is not valid or has expired.');
+        $revisitSvg = $resp->getElementHtml('#main-content .card svg');
+        $this->assertTrue($svg === $revisitSvg);
+
+        // Successful confirmation
+        $google2fa = new Google2FA();
+        $otp = $google2fa->getCurrentOtp(decrypt(session()->get('mfa-setup-totp-secret')));
+        $resp = $this->post('/mfa/totp-confirm', [
+            'code' => $otp,
+        ]);
+        $resp->assertRedirect('/mfa/setup');
+
+        // Confirmation of setup
+        $resp = $this->followRedirects($resp);
+        $resp->assertSee('Multi-factor method successfully configured');
+        $resp->assertElementContains('a[href$="/mfa/totp-generate"]', 'Reconfigure');
+    }
+
+}
\ No newline at end of file

diff --git a/tests/Auth/MfaTotpTest.php b/tests/Auth/MfaTotpTest.php
deleted file mode 100644 (file)
index f922063..0000000
--- a/tests/Auth/MfaTotpTest.php
+++ /dev/null
@@ -1,10 +0,0 @@
-<?php
-
-namespace Tests\Auth;
-
-use Tests\TestCase;
-
-class MfaTotpTest extends TestCase
-{
-    // TODO
-}
\ No newline at end of file

diff --git a/tests/TestResponse.php b/tests/TestResponse.php
index 39a9d796b12a218085e092235ffe21f553d91bd6..79f173c9b1bee136dee5552093c418eb26cb5488 100644 (file)
--- a/tests/TestResponse.php
+++ b/tests/TestResponse.php
@@ -26,6 +26,14 @@ class TestResponse extends BaseTestResponse
         return $this->crawlerInstance;
     }
 
+    /**
+     * Get the HTML of the first element at the given selector.
+     */
+    public function getElementHtml(string $selector): string
+    {
+        return $this->crawler()->filter($selector)->first()->outerHtml();
+    }
+
     /**
      * Assert the response contains the specified element.
      *