From 3954a87d65f004e5148597ffa927dc7b9eef6fb8 Mon Sep 17 00:00:00 2001
From: Jenny Shen <jenny.shen@shopify.com>
Date: Tue, 11 Jul 2023 00:40:05 -0400
Subject: [rubygems/rubygems] Create MultifactorAuthFetcher to reduce
 duplication among tests

https://github.com/rubygems/rubygems/commit/dead211206
---
 test/rubygems/test_gem_commands_push_command.rb | 89 +++++++------------------
 1 file changed, 23 insertions(+), 66 deletions(-)

(limited to 'test/rubygems/test_gem_commands_push_command.rb')

diff --git a/test/rubygems/test_gem_commands_push_command.rb b/test/rubygems/test_gem_commands_push_command.rb
index b364c34865..1f003f6ac6 100644
--- a/test/rubygems/test_gem_commands_push_command.rb
+++ b/test/rubygems/test_gem_commands_push_command.rb
@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require_relative "helper"
+require_relative "multifactor_auth_fetcher"
 require "rubygems/commands/push_command"
 require "rubygems/config_file"
 
@@ -26,7 +27,7 @@ class TestGemCommandsPushCommand < Gem::TestCase
     @host = "https://rubygems.example"
     @api_key = Gem.configuration.rubygems_api_key
 
-    @fetcher = Gem::FakeFetcher.new
+    @fetcher = Gem::MultifactorAuthFetcher.new
     Gem::RemoteFetcher.fetcher = @fetcher
 
     @cmd = Gem::Commands::PushCommand.new
@@ -386,15 +387,9 @@ class TestGemCommandsPushCommand < Gem::TestCase
   end
 
   def test_otp_verified_success
-    response_fail = "You have enabled multifactor authentication but your request doesn't have the correct OTP code. Please check it and retry."
     response_success = "Successfully registered gem: freewill (1.0.0)"
 
-    @fetcher.data["#{Gem.host}/api/v1/gems"] = [
-      HTTPResponseFactory.create(body: response_fail, code: 401, msg: "Unauthorized"),
-      HTTPResponseFactory.create(body: response_success, code: 200, msg: "OK"),
-    ]
-    @fetcher.data["#{Gem.host}/api/v1/webauthn_verification"] =
-      HTTPResponseFactory.create(body: "You don't have any security devices", code: 422, msg: "Unprocessable Entity")
+    @fetcher.respond_with_require_otp("#{Gem.host}/api/v1/gems", response_success)
 
     @otp_ui = Gem::MockGemUi.new "111111\n"
     use_ui @otp_ui do
@@ -427,22 +422,12 @@ class TestGemCommandsPushCommand < Gem::TestCase
   end
 
   def test_with_webauthn_enabled_success
-    webauthn_verification_url = "rubygems.org/api/v1/webauthn_verification/odow34b93t6aPCdY"
-    response_fail = "You have enabled multifactor authentication but your request doesn't have the correct OTP code. Please check it and retry."
     response_success = "Successfully registered gem: freewill (1.0.0)"
     port = 5678
     server = TCPServer.new(port)
 
-    @fetcher.data["#{Gem.host}/api/v1/gems"] = [
-      HTTPResponseFactory.create(body: response_fail, code: 401, msg: "Unauthorized"),
-      HTTPResponseFactory.create(body: response_success, code: 200, msg: "OK"),
-    ]
-    @fetcher.data["#{Gem.host}/api/v1/webauthn_verification"] = HTTPResponseFactory.create(body: webauthn_verification_url, code: 200, msg: "OK")
-    @fetcher.data["#{Gem.host}/api/v1/webauthn_verification/odow34b93t6aPCdY/status.json"] = Gem::HTTPResponseFactory.create(
-      body: "{\"status\":\"pending\",\"message\":\"Security device authentication is still pending.\"}",
-      code: 200,
-      msg: "OK"
-    )
+    @fetcher.respond_with_require_otp("#{Gem.host}/api/v1/gems", response_success)
+    @fetcher.respond_with_webauthn_url
 
     TCPServer.stub(:new, server) do
       Gem::GemcutterUtilities::WebauthnListener.stub(:listener_thread, Thread.new { Thread.current[:otp] = "Uvh6T57tkWuUnWYo" }) do
@@ -454,31 +439,22 @@ class TestGemCommandsPushCommand < Gem::TestCase
       server.close
     end
 
-    url_with_port = "#{webauthn_verification_url}?port=#{port}"
-    assert_match "You have enabled multi-factor authentication. Please visit #{url_with_port} to authenticate via security device. If you can't verify using WebAuthn but have OTP enabled, you can re-run the gem signin command with the `--otp [your_code]` option.", @ui.output
+    assert_match "You have enabled multi-factor authentication. Please visit #{@fetcher.webauthn_url_with_port(port)} " \
+      "to authenticate via security device. If you can't verify using WebAuthn but have OTP enabled, " \
+      "you can re-run the gem signin command with the `--otp [your_code]` option.", @ui.output
     assert_match "You are verified with a security device. You may close the browser window.", @ui.output
     assert_equal "Uvh6T57tkWuUnWYo", @fetcher.last_request["OTP"]
     assert_match response_success, @ui.output
   end
 
   def test_with_webauthn_enabled_failure
-    webauthn_verification_url = "rubygems.org/api/v1/webauthn_verification/odow34b93t6aPCdY"
-    response_fail = "You have enabled multifactor authentication but your request doesn't have the correct OTP code. Please check it and retry."
     response_success = "Successfully registered gem: freewill (1.0.0)"
     port = 5678
     server = TCPServer.new(port)
     error = Gem::WebauthnVerificationError.new("Something went wrong")
 
-    @fetcher.data["#{Gem.host}/api/v1/gems"] = [
-      HTTPResponseFactory.create(body: response_fail, code: 401, msg: "Unauthorized"),
-      HTTPResponseFactory.create(body: response_success, code: 200, msg: "OK"),
-    ]
-    @fetcher.data["#{Gem.host}/api/v1/webauthn_verification"] = HTTPResponseFactory.create(body: webauthn_verification_url, code: 200, msg: "OK")
-    @fetcher.data["#{Gem.host}/api/v1/webauthn_verification/odow34b93t6aPCdY/status.json"] = Gem::HTTPResponseFactory.create(
-      body: "{\"status\":\"pending\",\"message\":\"Security device authentication is still pending.\"}",
-      code: 200,
-      msg: "OK"
-    )
+    @fetcher.respond_with_require_otp("#{Gem.host}/api/v1/gems", response_success)
+    @fetcher.respond_with_webauthn_url
 
     error = assert_raise Gem::MockGemUi::TermError do
       TCPServer.stub(:new, server) do
@@ -494,30 +470,22 @@ class TestGemCommandsPushCommand < Gem::TestCase
     assert_equal 1, error.exit_code
 
     assert_match @fetcher.last_request["Authorization"], Gem.configuration.rubygems_api_key
-    url_with_port = "#{webauthn_verification_url}?port=#{port}"
-    assert_match "You have enabled multi-factor authentication. Please visit #{url_with_port} to authenticate via security device. If you can't verify using WebAuthn but have OTP enabled, you can re-run the gem signin command with the `--otp [your_code]` option.", @ui.output
+    assert_match "You have enabled multi-factor authentication. Please visit #{@fetcher.webauthn_url_with_port(port)} " \
+      "to authenticate via security device. If you can't verify using WebAuthn but have OTP enabled, " \
+      "you can re-run the gem signin command with the `--otp [your_code]` option.", @ui.output
     assert_match "ERROR:  Security device verification failed: Something went wrong", @ui.error
     refute_match "You are verified with a security device. You may close the browser window.", @ui.output
     refute_match response_success, @ui.output
   end
 
   def test_with_webauthn_enabled_success_with_polling
-    webauthn_verification_url = "rubygems.org/api/v1/webauthn_verification/odow34b93t6aPCdY"
-    response_fail = "You have enabled multifactor authentication but your request doesn't have the correct OTP code. Please check it and retry."
     response_success = "Successfully registered gem: freewill (1.0.0)"
     port = 5678
     server = TCPServer.new(port)
 
-    @fetcher.data["#{Gem.host}/api/v1/gems"] = [
-      HTTPResponseFactory.create(body: response_fail, code: 401, msg: "Unauthorized"),
-      HTTPResponseFactory.create(body: response_success, code: 200, msg: "OK"),
-    ]
-    @fetcher.data["#{Gem.host}/api/v1/webauthn_verification"] = HTTPResponseFactory.create(body: webauthn_verification_url, code: 200, msg: "OK")
-    @fetcher.data["#{Gem.host}/api/v1/webauthn_verification/odow34b93t6aPCdY/status.json"] = Gem::HTTPResponseFactory.create(
-      body: "{\"status\":\"success\",\"code\":\"Uvh6T57tkWuUnWYo\"}",
-      code: 200,
-      msg: "OK"
-    )
+    @fetcher.respond_with_require_otp("#{Gem.host}/api/v1/gems", response_success)
+    @fetcher.respond_with_webauthn_url
+    @fetcher.respond_with_webauthn_polling("Uvh6T57tkWuUnWYo")
 
     TCPServer.stub(:new, server) do
       use_ui @ui do
@@ -527,32 +495,22 @@ class TestGemCommandsPushCommand < Gem::TestCase
       server.close
     end
 
-    url_with_port = "#{webauthn_verification_url}?port=#{port}"
-    assert_match "You have enabled multi-factor authentication. Please visit #{url_with_port} to authenticate " \
-      "via security device. If you can't verify using WebAuthn but have OTP enabled, you can re-run the gem signin " \
-      "command with the `--otp [your_code]` option.", @ui.output
+    assert_match "You have enabled multi-factor authentication. Please visit #{@fetcher.webauthn_url_with_port(port)} " \
+      "to authenticate via security device. If you can't verify using WebAuthn but have OTP enabled, " \
+      "you can re-run the gem signin command with the `--otp [your_code]` option.", @ui.output
     assert_match "You are verified with a security device. You may close the browser window.", @ui.output
     assert_equal "Uvh6T57tkWuUnWYo", @fetcher.last_request["OTP"]
     assert_match response_success, @ui.output
   end
 
   def test_with_webauthn_enabled_failure_with_polling
-    webauthn_verification_url = "rubygems.org/api/v1/webauthn_verification/odow34b93t6aPCdY"
-    response_fail = "You have enabled multifactor authentication but your request doesn't have the correct OTP code. Please check it and retry."
     response_success = "Successfully registered gem: freewill (1.0.0)"
     port = 5678
     server = TCPServer.new(port)
 
-    @fetcher.data["#{Gem.host}/api/v1/gems"] = [
-      HTTPResponseFactory.create(body: response_fail, code: 401, msg: "Unauthorized"),
-      HTTPResponseFactory.create(body: response_success, code: 200, msg: "OK"),
-    ]
-    @fetcher.data["#{Gem.host}/api/v1/webauthn_verification"] = HTTPResponseFactory.create(body: webauthn_verification_url, code: 200, msg: "OK")
-    @fetcher.data["#{Gem.host}/api/v1/webauthn_verification/odow34b93t6aPCdY/status.json"] = Gem::HTTPResponseFactory.create(
-      body: "{\"status\":\"expired\",\"message\":\"The token in the link you used has either expired or been used already.\"}",
-      code: 200,
-      msg: "OK"
-    )
+    @fetcher.respond_with_require_otp("#{Gem.host}/api/v1/gems", response_success)
+    @fetcher.respond_with_webauthn_url
+    @fetcher.respond_with_webauthn_polling_failure
 
     error = assert_raise Gem::MockGemUi::TermError do
       TCPServer.stub(:new, server) do
@@ -566,8 +524,7 @@ class TestGemCommandsPushCommand < Gem::TestCase
     assert_equal 1, error.exit_code
 
     assert_match @fetcher.last_request["Authorization"], Gem.configuration.rubygems_api_key
-    url_with_port = "#{webauthn_verification_url}?port=#{port}"
-    assert_match "You have enabled multi-factor authentication. Please visit #{url_with_port} to authenticate " \
+    assert_match "You have enabled multi-factor authentication. Please visit #{@fetcher.webauthn_url_with_port(port)} to authenticate " \
       "via security device. If you can't verify using WebAuthn but have OTP enabled, you can re-run the gem signin " \
       "command with the `--otp [your_code]` option.", @ui.output
     assert_match "ERROR:  Security device verification failed: The token in the link you used has either expired " \
-- 
cgit v1.2.3