Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
298eb449
Commit
298eb449
authored
Jun 14, 2016
by
Timothy Andrew
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update `u2f_spec` to cover U2F being disabled until authenticator is set up.
parent
fbb06125
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
23 additions
and
34 deletions
+23
-34
spec/features/u2f_spec.rb
spec/features/u2f_spec.rb
+23
-34
No files found.
spec/features/u2f_spec.rb
View file @
298eb449
...
...
@@ -12,39 +12,24 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
describe
"registration"
do
let
(
:user
)
{
create
(
:user
)
}
before
{
login_as
(
user
)
}
describe
'when 2FA via OTP is disabled'
do
it
'allows registering a new device'
do
visit
profile_account_path
click_on
'Enable Two-Factor Authentication'
register_u2f_device
expect
(
page
.
body
).
to
match
(
'Your U2F device was registered'
)
before
do
login_as
(
user
)
user
.
update_attribute
(
:otp_required_for_login
,
true
)
end
it
'allows registering more than one device
'
do
visit
profile_account_path
describe
'when 2FA via OTP is disabled
'
do
before
{
user
.
update_attribute
(
:otp_required_for_login
,
false
)
}
# First device
it
'does not allow registering a new device'
do
visit
profile_account_path
click_on
'Enable Two-Factor Authentication'
register_u2f_device
expect
(
page
.
body
).
to
match
(
'Your U2F device was registered'
)
# Second device
click_on
'Manage Two-Factor Authentication'
register_u2f_device
expect
(
page
.
body
).
to
match
(
'Your U2F device was registered'
)
click_on
'Manage Two-Factor Authentication'
expect
(
page
.
body
).
to
match
(
'You have 2 U2F devices registered'
)
expect
(
page
).
to
have_button
(
'Setup New U2F Device'
,
disabled:
true
)
end
end
describe
'when 2FA via OTP is enabled'
do
before
{
user
.
update_attributes
(
otp_required_for_login:
true
)
}
it
'allows registering a new device'
do
visit
profile_account_path
click_on
'Manage Two-Factor Authentication'
...
...
@@ -67,7 +52,6 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
click_on
'Manage Two-Factor Authentication'
register_u2f_device
expect
(
page
.
body
).
to
match
(
'Your U2F device was registered'
)
click_on
'Manage Two-Factor Authentication'
expect
(
page
.
body
).
to
match
(
'You have 2 U2F devices registered'
)
end
...
...
@@ -76,15 +60,16 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
it
'allows the same device to be registered for multiple users'
do
# First user
visit
profile_account_path
click_on
'
Enabl
e Two-Factor Authentication'
click_on
'
Manag
e Two-Factor Authentication'
u2f_device
=
register_u2f_device
expect
(
page
.
body
).
to
match
(
'Your U2F device was registered'
)
logout
# Second user
login_as
(
:user
)
user
=
login_as
(
:user
)
user
.
update_attribute
(
:otp_required_for_login
,
true
)
visit
profile_account_path
click_on
'
Enabl
e Two-Factor Authentication'
click_on
'
Manag
e Two-Factor Authentication'
register_u2f_device
(
u2f_device
)
expect
(
page
.
body
).
to
match
(
'Your U2F device was registered'
)
...
...
@@ -94,7 +79,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
context
"when there are form errors"
do
it
"doesn't register the device if there are errors"
do
visit
profile_account_path
click_on
'
Enabl
e Two-Factor Authentication'
click_on
'
Manag
e Two-Factor Authentication'
# Have the "u2f device" respond with bad data
page
.
execute_script
(
"u2f.register = function(_,_,_,callback) { callback('bad response'); };"
)
...
...
@@ -109,7 +94,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
it
"allows retrying registration"
do
visit
profile_account_path
click_on
'
Enabl
e Two-Factor Authentication'
click_on
'
Manag
e Two-Factor Authentication'
# Failed registration
page
.
execute_script
(
"u2f.register = function(_,_,_,callback) { callback('bad response'); };"
)
...
...
@@ -133,8 +118,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
before
do
# Register and logout
login_as
(
user
)
user
.
update_attribute
(
:otp_required_for_login
,
true
)
visit
profile_account_path
click_on
'
Enabl
e Two-Factor Authentication'
click_on
'
Manag
e Two-Factor Authentication'
@u2f_device
=
register_u2f_device
logout
end
...
...
@@ -154,7 +140,7 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
describe
"when 2FA via OTP is enabled"
do
it
"allows logging in with the U2F device"
do
user
.
update_attribute
s
(
otp_required_for_login:
true
)
user
.
update_attribute
(
:otp_required_for_login
,
true
)
login_with
(
user
)
@u2f_device
.
respond_to_u2f_authentication
...
...
@@ -171,8 +157,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
it
"does not allow logging in with that particular device"
do
# Register current user with the different U2F device
current_user
=
login_as
(
:user
)
current_user
.
update_attribute
(
:otp_required_for_login
,
true
)
visit
profile_account_path
click_on
'
Enabl
e Two-Factor Authentication'
click_on
'
Manag
e Two-Factor Authentication'
register_u2f_device
logout
...
...
@@ -191,8 +178,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
it
"allows logging in with that particular device"
do
# Register current user with the same U2F device
current_user
=
login_as
(
:user
)
current_user
.
update_attribute
(
:otp_required_for_login
,
true
)
visit
profile_account_path
click_on
'
Enabl
e Two-Factor Authentication'
click_on
'
Manag
e Two-Factor Authentication'
register_u2f_device
(
@u2f_device
)
logout
...
...
@@ -227,8 +215,9 @@ feature 'Using U2F (Universal 2nd Factor) Devices for Authentication', feature:
before
do
login_as
(
user
)
user
.
update_attribute
(
:otp_required_for_login
,
true
)
visit
profile_account_path
click_on
'
Enabl
e Two-Factor Authentication'
click_on
'
Manag
e Two-Factor Authentication'
register_u2f_device
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment