public function TfaBasicTestCase::_testAppAndRecoverySetup in TFA Basic plugins 7
1 call to TfaBasicTestCase::_testAppAndRecoverySetup()
File
- tests/
tfa_basic.test, line 62 - tfa_basic.test. Drupal test cases for TFA basic plugins.
Class
- TfaBasicTestCase
- Tests the functionality of the TFA basic plugins.
Code
public function _testAppAndRecoverySetup() {
variable_set('tfa_enabled', FALSE);
$account = $this->web_user;
$this
->drupalLogin($account);
// Enable TFA and begin configuration.
variable_set('tfa_enabled', TRUE);
variable_set('tfa_validate_plugin', 'tfa_basic_totp');
variable_set('tfa_fallback_plugins', array(
'tfa_basic_recovery_code',
));
$this
->drupalGet('user/' . $account->uid . '/security/tfa');
$this
->assertLink($this
->uiStrings('setup-app'));
// Set up application.
$this
->drupalGet('user/' . $account->uid . '/security/tfa/app-setup');
$this
->assertText($this
->uiStrings('password-request'));
// Test incorrect password.
$edit = array(
'current_pass' => $this
->randomName(),
);
$this
->drupalPost(NULL, $edit, 'Confirm');
$this
->assertText($this
->uiStrings('pass-error'));
$edit = array(
'current_pass' => $account->pass_raw,
);
$this
->drupalPost(NULL, $edit, 'Confirm');
$this
->assertText($this
->uiStrings('app-step1'));
$this
->assertFieldById('edit-seed', '', 'Seed input appears');
$this
->assertFieldById('edit-code', '', 'Code input appears');
// Extract and store seed to generate codes with.
$result = $this
->xpath('//input[@name="seed"]');
if (empty($result)) {
$this
->fail('Unable to extract seed from page. Aborting test.');
return;
}
$element = $result[0];
$this->seed = (string) $element['value'];
// Try invalid code.
$edit = array(
'code' => $this
->randomName(),
);
$this
->drupalPost(NULL, $edit, 'Verify and save');
$this
->assertText($this
->uiStrings('invalid-code-retry'));
// Submit valid code.
$edit = array(
'code' => $this->ga
->getCode($this->seed),
);
$this
->drupalPost(NULL, $edit, 'Verify and save');
// Setup recovery codes.
$this
->assertText($this
->uiStrings('set-recovery-codes'));
// Store codes.
$result = $this
->xpath('//li');
while (list(, $node) = each($result)) {
$this->recoveryCodes[] = (string) $node;
}
$this
->drupalPost(NULL, array(), 'Save');
$this
->assertText($this
->uiStrings('setup-complete'));
// Logout to test TFA app process.
$this
->drupalGet('user/logout');
$edit = array(
'name' => $account->name,
'pass' => $account->pass_raw,
);
// Do not use drupalLogin() since it tests for actual login.
$this
->drupalPost('user/login', $edit, 'Log in');
// Get login hash. Could user tfa_login_hash() but would require reloading
// account.
$url_parts = explode('/', $this->url);
$login_hash = array_pop($url_parts);
// Try invalid code.
$edit = array(
'code' => $this
->randomName(),
);
$this
->drupalPost('system/tfa/' . $account->uid . '/' . $login_hash, $edit, 'Verify');
$this
->assertText($this
->uiStrings('invalid-code-retry'));
// Submit valid code.
$edit = array(
'code' => $this->ga
->getCode($this->seed),
);
$this
->drupalPost('system/tfa/' . $account->uid . '/' . $login_hash, $edit, 'Verify');
$this
->assertText('My account');
// Logout to test recovery code process.
$this
->drupalGet('user/logout');
$edit = array(
'name' => $account->name,
'pass' => $account->pass_raw,
);
$this
->drupalPost('user/login', $edit, 'Log in');
$url_parts = explode('/', $this->url);
$login_hash = array_pop($url_parts);
// Begin fallback.
$this
->drupalPost('system/tfa/' . $account->uid . '/' . $login_hash, array(), $this
->uiStrings('fallback-button'));
$this
->assertText($this
->uiStrings('recovery-prompt'));
// Try invalid code.
$edit = array(
'recover' => $this
->randomName(),
);
$this
->drupalPost('system/tfa/' . $account->uid . '/' . $login_hash, $edit, 'Verify');
$this
->assertText($this
->uiStrings('invalid-recovery-code'));
// Submit valid code.
$edit = array(
'recover' => array_pop($this->recoveryCodes),
);
$this
->drupalPost('system/tfa/' . $account->uid . '/' . $login_hash, $edit, 'Verify');
$this
->assertText('My account');
}