about summary refs log tree commit diff
path: root/spec/controllers/auth
diff options
context:
space:
mode:
authorClaire <claire.github-309c@sitedethib.com>2021-09-30 05:26:29 +0200
committerGitHub <noreply@github.com>2021-09-30 05:26:29 +0200
commit24f9ea781850ee8d105aa3e396eaef8499bc5efc (patch)
tree5f961eba4c5878b9e5d653dc4d08f0c02a84f457 /spec/controllers/auth
parent2e549fa2d5963c617a0670245b769e5d276d17e8 (diff)
Fix webauthn secure key authentication (#16792)
* Add tests

* Fix webauthn secure key authentication

Fixes #16769
Diffstat (limited to 'spec/controllers/auth')
-rw-r--r--spec/controllers/auth/sessions_controller_spec.rb29
1 files changed, 29 insertions, 0 deletions
diff --git a/spec/controllers/auth/sessions_controller_spec.rb b/spec/controllers/auth/sessions_controller_spec.rb
index 051a0807d..f718f5dd9 100644
--- a/spec/controllers/auth/sessions_controller_spec.rb
+++ b/spec/controllers/auth/sessions_controller_spec.rb
@@ -519,4 +519,33 @@ RSpec.describe Auth::SessionsController, type: :controller do
       end
     end
   end
+
+  describe 'GET #webauthn_options' do
+    context 'with WebAuthn and OTP enabled as second factor' do
+      let(:domain) { "#{Rails.configuration.x.use_https ? 'https' : 'http' }://#{Rails.configuration.x.web_domain}" }
+
+      let(:fake_client) { WebAuthn::FakeClient.new(domain) }
+
+      let!(:user) do
+        Fabricate(:user, email: 'x@y.com', password: 'abcdefgh', otp_required_for_login: true, otp_secret: User.generate_otp_secret(32))
+      end
+
+      before do
+        user.update(webauthn_id: WebAuthn.generate_user_id)
+        public_key_credential = WebAuthn::Credential.from_create(fake_client.create)
+        user.webauthn_credentials.create(
+          nickname: 'SecurityKeyNickname',
+          external_id: public_key_credential.id,
+          public_key: public_key_credential.public_key,
+          sign_count: '1000'
+        )
+        post :create, params: { user: { email: user.email, password: user.password } }
+      end
+
+      it 'returns http success' do
+        get :webauthn_options
+        expect(response).to have_http_status :ok
+      end
+    end
+  end
 end