Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
gitlab-ce
Commits
298eb449
Commit
298eb449
authored
Jun 14, 2016
by
Timothy Andrew
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update `u2f_spec` to cover U2F being disabled until authenticator is set up.
parent
fbb06125
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
23 additions
and
34 deletions
+23
-34
spec/features/u2f_spec.rb
spec/features/u2f_spec.rb
+23
-34
No files found.
spec/features/u2f_spec.rb
View file @
298eb449
...
@@ -12,39 +12,24 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
...
@@ -12,39 +12,24 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
describe
"registration"
do
describe
"registration"
do
let
(
:user
)
{
create
(
:user
)
}
let
(
:user
)
{
create
(
:user
)
}
before
{
login_as
(
user
)
}
describe
'when 2FA via OTP is disabled'
do
before
do
it
'allows registering a new device'
do
login_as
(
user
)
visit
profile_account_path
user
.
update_attribute
(
:otp_required_for_login
,
true
)
click_on
'Enable Two-Factor Authentication'
end
register_u2f_device
expect
(
page
.
body
).
to
match
(
'Your U2F device was registered'
)
describe
'when 2FA via OTP is disabled'
do
end
before
{
user
.
update_attribute
(
:otp_required_for_login
,
false
)
}
it
'
allows registering more than one
device'
do
it
'
does not allow registering a new
device'
do
visit
profile_account_path
visit
profile_account_path
# First device
click_on
'Enable Two-Factor Authentication'
click_on
'Enable Two-Factor Authentication'
register_u2f_device
expect
(
page
.
body
).
to
match
(
'Your U2F device was registered'
)
# Second device
click_on
'Manage Two-Factor Authentication'
register_u2f_device
expect
(
page
.
body
).
to
match
(
'Your U2F device was registered'
)
click_on
'Manage Two-Factor Authentication'
expect
(
page
.
body
).
to
match
(
'You have 2 U2F devices registered'
)
expect
(
page
).
to
have_button
(
'Setup New U2F Device'
,
disabled:
true
)
end
end
end
end
describe
'when 2FA via OTP is enabled'
do
describe
'when 2FA via OTP is enabled'
do
before
{
user
.
update_attributes
(
otp_required_for_login:
true
)
}
it
'allows registering a new device'
do
it
'allows registering a new device'
do
visit
profile_account_path
visit
profile_account_path
click_on
'Manage Two-Factor Authentication'
click_on
'Manage Two-Factor Authentication'
...
@@ -67,7 +52,6 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
...
@@ -67,7 +52,6 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
click_on
'Manage Two-Factor Authentication'
click_on
'Manage Two-Factor Authentication'
register_u2f_device
register_u2f_device
expect
(
page
.
body
).
to
match
(
'Your U2F device was registered'
)
expect
(
page
.
body
).
to
match
(
'Your U2F device was registered'
)
click_on
'Manage Two-Factor Authentication'
click_on
'Manage Two-Factor Authentication'
expect
(
page
.
body
).
to
match
(
'You have 2 U2F devices registered'
)
expect
(
page
.
body
).
to
match
(
'You have 2 U2F devices registered'
)
end
end
...
@@ -76,15 +60,16 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
...
@@ -76,15 +60,16 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
it
'allows the same device to be registered for multiple users'
do
it
'allows the same device to be registered for multiple users'
do
# First user
# First user
visit
profile_account_path
visit
profile_account_path
click_on
'
Enabl
e Two-Factor Authentication'
click_on
'
Manag
e Two-Factor Authentication'
u2f_device
=
register_u2f_device
u2f_device
=
register_u2f_device
expect
(
page
.
body
).
to
match
(
'Your U2F device was registered'
)
expect
(
page
.
body
).
to
match
(
'Your U2F device was registered'
)
logout
logout
# Second user
# Second user
login_as
(
:user
)
user
=
login_as
(
:user
)
user
.
update_attribute
(
:otp_required_for_login
,
true
)
visit
profile_account_path
visit
profile_account_path
click_on
'
Enabl
e Two-Factor Authentication'
click_on
'
Manag
e Two-Factor Authentication'
register_u2f_device
(
u2f_device
)
register_u2f_device
(
u2f_device
)
expect
(
page
.
body
).
to
match
(
'Your U2F device was registered'
)
expect
(
page
.
body
).
to
match
(
'Your U2F device was registered'
)
...
@@ -94,7 +79,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
...
@@ -94,7 +79,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
context
"when there are form errors"
do
context
"when there are form errors"
do
it
"doesn't register the device if there are errors"
do
it
"doesn't register the device if there are errors"
do
visit
profile_account_path
visit
profile_account_path
click_on
'
Enabl
e Two-Factor Authentication'
click_on
'
Manag
e Two-Factor Authentication'
# Have the "u2f device" respond with bad data
# Have the "u2f device" respond with bad data
page
.
execute_script
(
"u2f.register = function(_,_,_,callback) { callback('bad response'); };"
)
page
.
execute_script
(
"u2f.register = function(_,_,_,callback) { callback('bad response'); };"
)
...
@@ -109,7 +94,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
...
@@ -109,7 +94,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
it
"allows retrying registration"
do
it
"allows retrying registration"
do
visit
profile_account_path
visit
profile_account_path
click_on
'
Enabl
e Two-Factor Authentication'
click_on
'
Manag
e Two-Factor Authentication'
# Failed registration
# Failed registration
page
.
execute_script
(
"u2f.register = function(_,_,_,callback) { callback('bad response'); };"
)
page
.
execute_script
(
"u2f.register = function(_,_,_,callback) { callback('bad response'); };"
)
...
@@ -133,8 +118,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
...
@@ -133,8 +118,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
before
do
before
do
# Register and logout
# Register and logout
login_as
(
user
)
login_as
(
user
)
user
.
update_attribute
(
:otp_required_for_login
,
true
)
visit
profile_account_path
visit
profile_account_path
click_on
'
Enabl
e Two-Factor Authentication'
click_on
'
Manag
e Two-Factor Authentication'
@u2f_device
=
register_u2f_device
@u2f_device
=
register_u2f_device
logout
logout
end
end
...
@@ -154,7 +140,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
...
@@ -154,7 +140,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
describe
"when 2FA via OTP is enabled"
do
describe
"when 2FA via OTP is enabled"
do
it
"allows logging in with the U2F device"
do
it
"allows logging in with the U2F device"
do
user
.
update_attribute
s
(
otp_required_for_login:
true
)
user
.
update_attribute
(
:otp_required_for_login
,
true
)
login_with
(
user
)
login_with
(
user
)
@u2f_device
.
respond_to_u2f_authentication
@u2f_device
.
respond_to_u2f_authentication
...
@@ -171,8 +157,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
...
@@ -171,8 +157,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
it
"does not allow logging in with that particular device"
do
it
"does not allow logging in with that particular device"
do
# Register current user with the different U2F device
# Register current user with the different U2F device
current_user
=
login_as
(
:user
)
current_user
=
login_as
(
:user
)
current_user
.
update_attribute
(
:otp_required_for_login
,
true
)
visit
profile_account_path
visit
profile_account_path
click_on
'
Enabl
e Two-Factor Authentication'
click_on
'
Manag
e Two-Factor Authentication'
register_u2f_device
register_u2f_device
logout
logout
...
@@ -191,8 +178,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
...
@@ -191,8 +178,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
it
"allows logging in with that particular device"
do
it
"allows logging in with that particular device"
do
# Register current user with the same U2F device
# Register current user with the same U2F device
current_user
=
login_as
(
:user
)
current_user
=
login_as
(
:user
)
current_user
.
update_attribute
(
:otp_required_for_login
,
true
)
visit
profile_account_path
visit
profile_account_path
click_on
'
Enabl
e Two-Factor Authentication'
click_on
'
Manag
e Two-Factor Authentication'
register_u2f_device
(
@u2f_device
)
register_u2f_device
(
@u2f_device
)
logout
logout
...
@@ -227,8 +215,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
...
@@ -227,8 +215,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
before
do
before
do
login_as
(
user
)
login_as
(
user
)
user
.
update_attribute
(
:otp_required_for_login
,
true
)
visit
profile_account_path
visit
profile_account_path
click_on
'
Enabl
e Two-Factor Authentication'
click_on
'
Manag
e Two-Factor Authentication'
register_u2f_device
register_u2f_device
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment