Added method for using enity ownership in relation queries
[bookstack] / tests / Auth / MfaVerificationTest.php
index ee6f3ecc83143ac52b0780ec2a2bbf76a0a2a3df..e23250314907a1fbd81706ab91823888a1439c49 100644 (file)
@@ -23,7 +23,7 @@ class MfaVerificationTest extends TestCase
         $resp = $this->get('/mfa/verify');
         $resp->assertSee('Verify Access');
         $resp->assertSee('Enter the code, generated using your mobile app, below:');
-        $resp->assertElementExists('form[action$="/mfa/totp/verify"] input[name="code"]');
+        $this->withHtml($resp)->assertElementExists('form[action$="/mfa/totp/verify"] input[name="code"][autofocus]');
 
         $google2fa = new Google2FA();
         $resp = $this->post('/mfa/totp/verify', [
@@ -66,7 +66,7 @@ class MfaVerificationTest extends TestCase
         $resp->assertSee('Verify Access');
         $resp->assertSee('Backup Code');
         $resp->assertSee('Enter one of your remaining backup codes below:');
-        $resp->assertElementExists('form[action$="/mfa/backup_codes/verify"] input[name="code"]');
+        $this->withHtml($resp)->assertElementExists('form[action$="/mfa/backup_codes/verify"] input[name="code"]');
 
         $resp = $this->post('/mfa/backup_codes/verify', [
             'code' => $codes[1],
@@ -140,7 +140,7 @@ class MfaVerificationTest extends TestCase
 
     public function test_both_mfa_options_available_if_set_on_profile()
     {
-        $user = $this->getEditor();
+        $user = $this->users->editor();
         $user->password = Hash::make('password');
         $user->save();
 
@@ -154,18 +154,18 @@ class MfaVerificationTest extends TestCase
         ]);
 
         // Totp shown by default
-        $mfaView->assertElementExists('form[action$="/mfa/totp/verify"] input[name="code"]');
-        $mfaView->assertElementContains('a[href$="/mfa/verify?method=backup_codes"]', 'Verify using a backup code');
+        $this->withHtml($mfaView)->assertElementExists('form[action$="/mfa/totp/verify"] input[name="code"]');
+        $this->withHtml($mfaView)->assertElementContains('a[href$="/mfa/verify?method=backup_codes"]', 'Verify using a backup code');
 
         // Ensure can view backup_codes view
         $resp = $this->get('/mfa/verify?method=backup_codes');
-        $resp->assertElementExists('form[action$="/mfa/backup_codes/verify"] input[name="code"]');
-        $resp->assertElementContains('a[href$="/mfa/verify?method=totp"]', 'Verify using a mobile app');
+        $this->withHtml($resp)->assertElementExists('form[action$="/mfa/backup_codes/verify"] input[name="code"]');
+        $this->withHtml($resp)->assertElementContains('a[href$="/mfa/verify?method=totp"]', 'Verify using a mobile app');
     }
 
     public function test_mfa_required_with_no_methods_leads_to_setup()
     {
-        $user = $this->getEditor();
+        $user = $this->users->editor();
         $user->password = Hash::make('password');
         $user->save();
         /** @var Role $role */
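Review bot: In test_both_mfa_options_available_if_set_on_profile, `$this->withHtml($mfaView)` and `$this->withHtml($resp)` are each called twice in a row on the same response, so the wrapper is built again for every assertion. Holding it in a local reads more cleanly, e.g. `$html = $this->withHtml($mfaView);` followed by `$html->assertElementExists(...)` and `$html->assertElementContains(...)`. The body of test_mfa_required_with_no_methods_leads_to_setup continues outside the hunk.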
@@ -184,7 +184,7 @@ class MfaVerificationTest extends TestCase
         ]);
 
         $resp->assertSeeText('No Methods Configured');
-        $resp->assertElementContains('a[href$="/mfa/setup"]', 'Configure');
+        $this->withHtml($resp)->assertElementContains('a[href$="/mfa/setup"]', 'Configure');
 
         $this->get('/mfa/backup_codes/generate');
         $resp = $this->post('/mfa/backup_codes/confirm');
@@ -222,7 +222,7 @@ class MfaVerificationTest extends TestCase
         // Attempted login user, who has configured mfa, access
         // Sets up user that has MFA required after attempted login.
         $loginService = $this->app->make(LoginService::class);
-        $user = $this->getEditor();
+        $user = $this->users->editor();
         /** @var Role $role */
         $role = $user->roles->first();
         $role->mfa_enforced = true;
@@ -241,13 +241,23 @@ class MfaVerificationTest extends TestCase
         }
     }
 
+    public function test_login_mfa_interception_does_not_log_error()
+    {
+        $logHandler = $this->withTestLogger();
+
+        [$user, $secret, $loginResp] = $this->startTotpLogin();
+
+        $loginResp->assertRedirect('/mfa/verify');
+        $this->assertFalse($logHandler->hasErrorRecords());
+    }
+
     /**
-     * @return Array<User, string, TestResponse>
+     * @return array<User, string, TestResponse>
      */
     protected function startTotpLogin(): array
     {
         $secret = $this->app->make(TotpService::class)->generateSecret();
-        $user = $this->getEditor();
+        $user = $this->users->editor();
         $user->password = Hash::make('password');
         $user->save();
         MfaValue::upsertWithValue($user, MfaValue::METHOD_TOTP, $secret);
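Review bot: The assertion `$this->assertFalse($logHandler->hasErrorRecords());` in test_login_mfa_interception_does_not_log_error covers only the error level, assuming withTestLogger() returns a Monolog TestHandler (its definition is not in this diff). A record logged at critical or above during the MFA interception would then not fail the test. Consider also asserting `$this->assertFalse($logHandler->hasCriticalRecords());`. `$user` and `$secret` are unused in this test, so the destructuring could be `[, , $loginResp] = $this->startTotpLogin();`. startTotpLogin's body continues outside the hunk.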
@@ -260,11 +270,11 @@ class MfaVerificationTest extends TestCase
     }
 
     /**
-     * @return Array<User, string, TestResponse>
+     * @return array<User, string, TestResponse>
      */
     protected function startBackupCodeLogin($codes = ['kzzu6-1pgll', 'bzxnf-plygd', 'bwdsp-ysl51', '1vo93-ioy7n', 'lf7nw-wdyka', 'xmtrd-oplac']): array
     {
-        $user = $this->getEditor();
+        $user = $this->users->editor();
         $user->password = Hash::make('password');
         $user->save();
         MfaValue::upsertWithValue($user, MfaValue::METHOD_BACKUP_CODES, json_encode($codes));
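Review bot: The docblock `@return array<User, string, TestResponse>` on startBackupCodeLogin is not a valid generic form, because `array<...>` takes at most a key type and a value type. For a fixed three-element return the shape syntax is `@return array{User, string, TestResponse}`, which static analysers can check against the `[$user, $secret, $loginResp]` destructuring at call sites. The same docblock on startTotpLogin in the preceding hunk needs the same change. The body of startBackupCodeLogin continues outside the hunk.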