
public function GALoginTotpValidationPluginTest::testTotpLogin in Google Authenticator login 8

Test that a user can log in with GALoginTotpValidation.

File

tests/src/Functional/GALoginTotpValidationPluginTest.php, line 106

Class

GALoginTotpValidationPluginTest
Class GALoginTotpValidationPluginTest.

Namespace

Drupal\Tests\ga_login\Functional

Code

/**
 * Tests the TOTP verification step of the login flow.
 *
 * After the password step, four codes are submitted to the verification
 * form: a fixed wrong code, a code generated with the TOTP clock offset by
 * -1800 seconds, a freshly generated code, and that same fresh code again
 * after logging out. Only the fresh code on its first use is expected to
 * reach a page showing the account's display name; every other submission is
 * expected to show a rejection message. All responses are expected to be
 * HTTP 200.
 */
public function testTotpLogin() {
  $session = $this->assertSession();
  $code_prompt = 'Verification code is application generated and 6 digits long.';
  $bad_code_message = 'Invalid application code. Please try again.';
  $credentials = [
    'name' => $this->userAccount->getAccountName(),
    'pass' => $this->userAccount->passRaw,
  ];

  // Password step: a correct name/password must lead to the code prompt, not
  // straight into the account.
  $this->drupalPostForm('user/login', $credentials, 'Log in');
  $session->statusCodeEquals(200);
  $session->pageTextContains($code_prompt);

  // A code that was not produced from the seed must be rejected.
  // NOTE(review): 112233 is a fixed value, so this assumes it never happens
  // to match a currently accepted code.
  $this->drupalPostForm(NULL, ['code' => 112233], 'Verify');
  $session->statusCodeEquals(200);
  $session->pageTextContains($bad_code_message);

  // A code derived from the right seed but 30 minutes in the past must be
  // rejected as well.
  $this->validationPlugin->auth->otp->setTotpOffset(-1800);
  $stale_code = $this->validationPlugin->auth->otp->totp(Encoding::base32DecodeUpper($this->seed));
  $this->drupalPostForm(NULL, ['code' => $stale_code], 'Verify');
  $session->statusCodeEquals(200);
  $session->pageTextContains($bad_code_message);

  // A valid code. The TOTP clock is shifted so that the generated code
  // differs from the one consumed during setup.
  // NOTE(review): the factor 30 presumably converts the plugin's time skew
  // into seconds (30-second TOTP steps) - confirm against the plugin.
  $this->validationPlugin->auth->otp->setTotpOffset($this->validationPlugin->getTimeSkew() * 30);
  $fresh_code = $this->validationPlugin->auth->otp->totp(Encoding::base32DecodeUpper($this->seed));
  $this->drupalPostForm(NULL, ['code' => $fresh_code], 'Verify');
  $session->statusCodeEquals(200);
  $session->pageTextContains($this->userAccount->getDisplayName());

  // Replay check: after logging out, the code that was just accepted must
  // not be accepted a second time, even with the correct password.
  $this->drupalLogout();
  $this->drupalPostForm('user/login', $credentials, 'Log in');
  $session->statusCodeEquals(200);
  $session->pageTextContains($code_prompt);
  $this->drupalPostForm(NULL, ['code' => $fresh_code], 'Verify');
  $session->statusCodeEquals(200);
  $session->pageTextContains('Invalid code, it was recently used for a login. Please try a new code.');
}