gnh1201/mastodon
1
0
Fork 0
mirror of https://github.com/mastodon/mastodon.git synced 2025-10-06 00:52:42 +00:00
Code Issues Actions 10 Packages Projects Releases Wiki Activity

Simplify QR/OTP generation in 2FA/confirmations spec (#35019)
Some checks are pending
Check i18n / check-i18n (push) Waiting to run
Details
Chromatic / Run Chromatic (push) Waiting to run
Details
CodeQL / Analyze (javascript) (push) Waiting to run
Details
CodeQL / Analyze (ruby) (push) Waiting to run
Details
Check formatting / lint (push) Waiting to run
Details
JavaScript Linting / lint (push) Waiting to run
Details
Ruby Linting / lint (push) Waiting to run
Details
JavaScript Testing / test (push) Waiting to run
Details
Historical data migration test / test (14-alpine) (push) Waiting to run
Details
Historical data migration test / test (15-alpine) (push) Waiting to run
Details
Historical data migration test / test (16-alpine) (push) Waiting to run
Details
Historical data migration test / test (17-alpine) (push) Waiting to run
Details
Ruby Testing / build (production) (push) Waiting to run
Details
Ruby Testing / build (test) (push) Waiting to run
Details
Ruby Testing / test (.ruby-version) (push) Blocked by required conditions
Details
Ruby Testing / test (3.2) (push) Blocked by required conditions
Details
Ruby Testing / test (3.3) (push) Blocked by required conditions
Details
Ruby Testing / ImageMagick tests (.ruby-version) (push) Blocked by required conditions
Details
Ruby Testing / ImageMagick tests (3.2) (push) Blocked by required conditions
Details
Ruby Testing / ImageMagick tests (3.3) (push) Blocked by required conditions
Details
Ruby Testing / End to End testing (.ruby-version) (push) Blocked by required conditions
Details
Ruby Testing / End to End testing (3.2) (push) Blocked by required conditions
Details
Ruby Testing / End to End testing (3.3) (push) Blocked by required conditions
Details
Ruby Testing / Elastic Search integration testing (.ruby-version, docker.elastic.co/elasticsearch/elasticsearch:7.17.13) (push) Blocked by required conditions
Details
Ruby Testing / Elastic Search integration testing (.ruby-version, docker.elastic.co/elasticsearch/elasticsearch:8.10.2) (push) Blocked by required conditions
Details
Ruby Testing / Elastic Search integration testing (.ruby-version, opensearchproject/opensearch:2) (push) Blocked by required conditions
Details
Ruby Testing / Elastic Search integration testing (3.2, docker.elastic.co/elasticsearch/elasticsearch:7.17.13) (push) Blocked by required conditions
Details
Ruby Testing / Elastic Search integration testing (3.3, docker.elastic.co/elasticsearch/elasticsearch:7.17.13) (push) Blocked by required conditions
Details

Browse Source
This commit is contained in:
Matt Jankowski 2025-06-12 02:54:51 -04:00 committed by GitHub
parent 3509064801
commit 1200f70ae7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb
View File

@ -16,22 +16,30 @@ RSpec.describe Settings::TwoFactorAuthentication::ConfirmationsController do
end end
def qr_code_markup def qr_code_markup
RQRCode::QRCode.new( RQRCode::QRCode
'otpauth://totp/cb6e6126.ngrok.io:local-part%40domain?secret=thisisasecretforthespecofnewview&issuer=cb6e6126.ngrok.io' .new(totp_provisioning_uri)
).as_svg(padding: 0, module_size: 4, use_path: true) .as_svg(padding: 0, module_size: 4, use_path: true)
end
def totp_provisioning_uri
ROTP::TOTP
.new(otp_secret_value, issuer: Rails.configuration.x.local_domain)
.provisioning_uri(user.email)
end end
end end
[true, false].each do |with_otp_secret| [true, false].each do |with_otp_secret|
let(:user) { Fabricate(:user, email: 'local-part@domain', otp_secret: with_otp_secret ? 'oldotpsecret' : nil) } let(:user) { Fabricate(:user, email: 'local-part@domain', otp_secret: with_otp_secret ? 'oldotpsecret' : nil) }
let(:otp_secret_value) { 'thisisasecretforthespecofnewview' }
context 'when signed in' do context 'when signed in' do
before { sign_in user, scope: :user } before { sign_in user, scope: :user }
describe 'GET #new' do describe 'GET #new' do
context 'when a new otp secret has been set in the session' do context 'when a new otp secret has been set in the session' do
subject do subject do
get :new, session: { challenge_passed_at: Time.now.utc, new_otp_secret: 'thisisasecretforthespecofnewview' } get :new, session: { challenge_passed_at: Time.now.utc, new_otp_secret: otp_secret_value }
end end
it_behaves_like 'renders expected page' it_behaves_like 'renders expected page'
@ -47,7 +55,7 @@ RSpec.describe Settings::TwoFactorAuthentication::ConfirmationsController do
describe 'POST #create' do describe 'POST #create' do
describe 'when form_two_factor_confirmation parameter is not provided' do describe 'when form_two_factor_confirmation parameter is not provided' do
it 'raises ActionController::ParameterMissing' do it 'raises ActionController::ParameterMissing' do
post :create, params: {}, session: { challenge_passed_at: Time.now.utc, new_otp_secret: 'thisisasecretforthespecofnewview' } post :create, params: {}, session: { challenge_passed_at: Time.now.utc, new_otp_secret: otp_secret_value }
expect(response).to have_http_status(400) expect(response).to have_http_status(400)
end end
@ -64,7 +72,7 @@ RSpec.describe Settings::TwoFactorAuthentication::ConfirmationsController do
it 'renders page with success' do it 'renders page with success' do
expect { post_create_with_options } expect { post_create_with_options }
.to change { user.reload.otp_secret }.to 'thisisasecretforthespecofnewview' .to change { user.reload.otp_secret }.to otp_secret_value
expect(flash[:notice]) expect(flash[:notice])
.to eq(I18n.t('two_factor_authentication.enabled_success')) .to eq(I18n.t('two_factor_authentication.enabled_success'))
@ -102,7 +110,7 @@ RSpec.describe Settings::TwoFactorAuthentication::ConfirmationsController do
def post_create_with_options def post_create_with_options
post :create, post :create,
params: { form_two_factor_confirmation: { otp_attempt: '123456' } }, params: { form_two_factor_confirmation: { otp_attempt: '123456' } },
session: { challenge_passed_at: Time.now.utc, new_otp_secret: 'thisisasecretforthespecofnewview' } session: { challenge_passed_at: Time.now.utc, new_otp_secret: otp_secret_value }
end end
def prepare_user_otp_generation def prepare_user_otp_generation
@ -112,7 +120,7 @@ RSpec.describe Settings::TwoFactorAuthentication::ConfirmationsController do
end end
def prepare_user_otp_consumption_response(result) def prepare_user_otp_consumption_response(result)
options = { otp_secret: 'thisisasecretforthespecofnewview' } options = { otp_secret: otp_secret_value }
allow(user) allow(user)
.to receive(:validate_and_consume_otp!) .to receive(:validate_and_consume_otp!)
.with('123456', options) .with('123456', options)