diff options
author | Ashley Ellis Pierce <anellis12@gmail.com> | 2022-12-20 16:01:08 -0500 |
---|---|---|
committer | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2023-04-12 11:51:01 +0900 |
commit | 6275284f025dea81f4fdca8c80534d27263b003a (patch) | |
tree | 6787cc610358f90a001f278d6dab0d9c6eadcf99 /test/rubygems/test_gem_gemcutter_utilities.rb | |
parent | 57bc4cfa283582f7c4c7013bb8a979e0baf3236c (diff) |
[rubygems/rubygems] Ask user to otp at webauthn verification url
https://github.com/rubygems/rubygems/commit/004eadb0c5
Diffstat (limited to 'test/rubygems/test_gem_gemcutter_utilities.rb')
-rw-r--r-- | test/rubygems/test_gem_gemcutter_utilities.rb | 32 |
1 files changed, 28 insertions, 4 deletions
diff --git a/test/rubygems/test_gem_gemcutter_utilities.rb b/test/rubygems/test_gem_gemcutter_utilities.rb index 3c021fed11..1291a39fc3 100644 --- a/test/rubygems/test_gem_gemcutter_utilities.rb +++ b/test/rubygems/test_gem_gemcutter_utilities.rb @@ -231,10 +231,33 @@ class TestGemGemcutterUtilities < Gem::TestCase assert_equal "111111", @fetcher.last_request["OTP"] end - def util_sign_in(response, host = nil, args = [], extra_input = "") - email = "you@example.com" - password = "secret" - profile_response = HTTPResponseFactory.create(body: "mfa: disabled\n", code: 200, msg: "OK") + def test_sign_in_with_webauthn_otp + webauthn_verification_url = "rubygems.org/api/v1/webauthn_verification/odow34b93t6aPCdY" + api_key = "a5fdbb6ba150cbb83aad2bb2fede64cf040453903" + response_fail = "You have enabled multifactor authentication" + + util_sign_in(proc do + @call_count ||= 0 + if (@call_count += 1).odd? + HTTPResponseFactory.create(body: response_fail, code: 401, msg: "Unauthorized") + else + HTTPResponseFactory.create(body: api_key, code: 200, msg: "OK") + end + end, nil, [], "111111\n", webauthn_verification_url) + + assert_match "You have enabled multi-factor authentication. Please enter OTP code from your security device by visiting #{webauthn_verification_url}", @sign_in_ui.output + end + + def util_sign_in(response, host = nil, args = [], extra_input = "", webauthn_url = nil) + email = "you@example.com" + password = "secret" + profile_response = HTTPResponseFactory.create(body: "mfa: disabled\n", code: 200, msg: "OK") + webauthn_response = + if webauthn_url + HTTPResponseFactory.create(body: webauthn_url, code: 200, msg: "OK") + else + HTTPResponseFactory.create(body: "You don't have any security devices", code: 422, msg: "Unprocessable Entity") + end if host ENV["RUBYGEMS_HOST"] = host @@ -245,6 +268,7 @@ class TestGemGemcutterUtilities < Gem::TestCase @fetcher = Gem::FakeFetcher.new @fetcher.data["#{host}/api/v1/api_key"] = response @fetcher.data["#{host}/api/v1/profile/me.yaml"] = profile_response + @fetcher.data["#{host}/api/v1/webauthn_verification"] = webauthn_response Gem::RemoteFetcher.fetcher = @fetcher @sign_in_ui = Gem::MockGemUi.new("#{email}\n#{password}\n\n\n\n\n\n\n\n\n" + extra_input) |