
public function TfaTestCase::testAuthentication in Two-factor Authentication (TFA) 7.2

Same name and namespace in other branches
  1. 7 tfa.test \TFATestCase::testAuthentication()

Test authentication.

File

tests/tfa.test, line 37
Drupal test cases for TFA.

Class

TfaTestCase
Tests the functionality of the TFA module.

Code

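/**
 * Tests the two-step login flow with the test plugins.
 *
 * First pass: 'tfa_test_send' is the validation plugin. The test checks that
 * the password step alone does not log the user in, that a random code is
 * rejected and leaves the user logged out, that resend works, and that the
 * configured code completes the login.
 *
 * Second pass: 'tfa_test_totp' is the validation plugin with two fallback
 * plugins. The test walks the fallback chain, checks that a random recovery
 * code is rejected and leaves the user logged out, and that the recovery code
 * completes the login.
 */
public function testAuthentication() {
  // Enable test plugin and store the code it should accept.
  variable_set('tfa_validate_plugin', 'tfa_test_send');
  $code = $this->randomName();
  variable_set('tfa_test_code', $code);
  $account = $this->web_user;
  $credentials = array(
    'name' => $account->name,
    'pass' => $account->pass_raw,
  );

  // Not using drupalLogin() since it tests for actual login.
  $this->drupalPost('user/login', $credentials, 'Log in');

  // Get login hash from the last path segment of the current URL. Could use
  // tfa_login_hash() but would require reloading account.
  $url_parts = explode('/', $this->url);
  $login_hash = array_pop($url_parts);
  $tfa_path = 'system/tfa/' . $account->uid . '/' . $login_hash;

  // Check that TFA process has begun: a valid password alone must not
  // produce an authenticated session.
  $this->assertNoLink('Log out', 'Logout link does not appear');
  $this->assertFieldById('edit-code', '', 'The send code input appears');

  // Confirm no fallback button.
  $this->assertNoFieldById('edit-fallback', '', 'Fallback button does not appear');

  // Confirm validation error.
  $edit = array(
    'code' => $this->randomName(),
  );
  $this->drupalPost($tfa_path, $edit, 'Submit');
  $this->assertText('Invalid sent code', 'Error message appears for random code');
  // The error message alone does not prove the second factor held; also
  // check that the rejected code did not log the user in.
  $this->assertNoLink('Log out', 'User is not logged in after an invalid sent code');

  // Check resend text.
  $this->drupalPost(NULL, array(), 'Resend');
  $this->assertText('Code resent', 'Resent message appears');

  // Confirm login.
  $edit = array(
    'code' => $code,
  );
  $this->drupalPost($tfa_path, $edit, 'Submit');
  $this->assertLink('Log out', 0, 'Logout link appears');
  $this->drupalGet('user/logout');

  // Enable TOTP and two fallbacks.
  variable_set('tfa_validate_plugin', 'tfa_test_totp');
  variable_set('tfa_fallback_plugins', array(
    'tfa_test_send',
    'tfa_test_fallback',
  ));
  $this->drupalPost('user/login', $credentials, 'Log in');
  // A new login attempt gets its own hash, so read it again.
  $url_parts = explode('/', $this->url);
  $login_hash = array_pop($url_parts);
  $tfa_path = 'system/tfa/' . $account->uid . '/' . $login_hash;

  // Check that TOTP has begun and the password step did not log the user in.
  $this->assertNoLink('Log out', 'Logout link does not appear');
  $this->assertText('TOTP code', 'TOTP code appears');
  $this->assertFieldById('edit-fallback', '', 'Fallback button appears');

  // Begin fallback.
  $this->drupalPost(NULL, array(), $this->uiStrings('fallback-button'));
  $this->assertText('Enter sent code', 'The send code input appears');

  // Second fallback.
  $this->drupalPost(NULL, array(), $this->uiStrings('fallback-button'));
  $this->assertText('Enter recovery code', 'The recovery code input appears');

  // Confirm validation error.
  $edit = array(
    'recover' => $this->randomName(),
  );
  $this->drupalPost($tfa_path, $edit, 'Submit');
  $this->assertText('Invalid recovery code', 'Error message appears for random code');
  // A rejected recovery code must leave the user unauthenticated as well.
  $this->assertNoLink('Log out', 'User is not logged in after an invalid recovery code');

  // Confirm login. NOTE(review): 'FAILSAFE' is presumably the fixed value
  // accepted by the tfa_test_fallback test plugin; confirm against the plugin.
  $edit = array(
    'recover' => 'FAILSAFE',
  );
  $this->drupalPost($tfa_path, $edit, 'Submit');
  $this->assertLink('Log out', 0, 'Logout link appears');
}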