
public function TfaBasicTestCase::_testAppAndRecoverySetup in TFA Basic plugins 7

1 call to TfaBasicTestCase::_testAppAndRecoverySetup()
TfaBasicTestCase::testTfaBasic in tests/tfa_basic.test

File

tests/tfa_basic.test, line 62
tfa_basic.test. Drupal test cases for TFA basic plugins.

Class

TfaBasicTestCase
Tests the functionality of the TFA basic plugins.

Code

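/**
 * Sets up the TOTP application and recovery codes, then logs in with each.
 *
 * TFA is switched off for the initial drupalLogin() and switched on
 * afterwards with 'tfa_basic_totp' as the validation plugin and
 * 'tfa_basic_recovery_code' as the only fallback plugin. The method then:
 * - confirms that app setup rejects a wrong current password and a wrong
 *   code before accepting the correct ones;
 * - stores the seed in $this->seed and the displayed recovery codes in
 *   $this->recoveryCodes;
 * - logs in again twice, once completing TFA with a generated code and once
 *   through the recovery code fallback, checking in both cases that an
 *   invalid value is rejected first.
 *
 * The test aborts early with a failure if the seed or the recovery codes
 * cannot be read from the page, because every later step depends on them.
 */
public function _testAppAndRecoverySetup() {
  variable_set('tfa_enabled', FALSE);
  $account = $this->web_user;
  $this->drupalLogin($account);

  // Enable TFA and begin configuration.
  variable_set('tfa_enabled', TRUE);
  variable_set('tfa_validate_plugin', 'tfa_basic_totp');
  variable_set('tfa_fallback_plugins', array(
    'tfa_basic_recovery_code',
  ));
  $this->drupalGet('user/' . $account->uid . '/security/tfa');
  $this->assertLink($this->uiStrings('setup-app'));

  // Set up application.
  $this->drupalGet('user/' . $account->uid . '/security/tfa/app-setup');
  $this->assertText($this->uiStrings('password-request'));

  // Test incorrect password: setup must not proceed without the current one.
  $edit = array(
    'current_pass' => $this->randomName(),
  );
  $this->drupalPost(NULL, $edit, 'Confirm');
  $this->assertText($this->uiStrings('pass-error'));
  $edit = array(
    'current_pass' => $account->pass_raw,
  );
  $this->drupalPost(NULL, $edit, 'Confirm');
  $this->assertText($this->uiStrings('app-step1'));
  $this->assertFieldById('edit-seed', '', 'Seed input appears');
  $this->assertFieldById('edit-code', '', 'Code input appears');

  // Extract and store seed to generate codes with.
  $result = $this->xpath('//input[@name="seed"]');
  if (empty($result)) {
    $this->fail('Unable to extract seed from page. Aborting test.');
    return;
  }
  $element = $result[0];
  $this->seed = (string) $element['value'];

  // Try invalid code.
  $edit = array(
    'code' => $this->randomName(),
  );
  $this->drupalPost(NULL, $edit, 'Verify and save');
  $this->assertText($this->uiStrings('invalid-code-retry'));

  // Submit valid code.
  $edit = array(
    'code' => $this->ga->getCode($this->seed),
  );
  $this->drupalPost(NULL, $edit, 'Verify and save');

  // Setup recovery codes.
  $this->assertText($this->uiStrings('set-recovery-codes'));

  // Store codes.
  // NOTE(review): '//li' matches every list item on the page, not only the
  // recovery codes, and the last stored item is later submitted as the valid
  // code. Confirm no other list follows the codes, or narrow the selector.
  $result = $this->xpath('//li');
  if (empty($result)) {
    // Without codes the fallback login below would submit NULL and fail with
    // a misleading message, so stop here as is done for a missing seed.
    $this->fail('Unable to extract recovery codes from page. Aborting test.');
    return;
  }
  // foreach replaces each(), which was removed in PHP 8.
  foreach ($result as $node) {
    $this->recoveryCodes[] = (string) $node;
  }
  $this->drupalPost(NULL, array(), 'Save');
  $this->assertText($this->uiStrings('setup-complete'));

  // Logout to test TFA app process.
  $this->drupalGet('user/logout');
  $edit = array(
    'name' => $account->name,
    'pass' => $account->pass_raw,
  );

  // Do not use drupalLogin() since it tests for actual login.
  $this->drupalPost('user/login', $edit, 'Log in');

  // Get login hash. Could use tfa_login_hash() but would require reloading
  // account. The hash is taken as the last path segment of the current URL.
  $url_parts = explode('/', $this->url);
  $login_hash = array_pop($url_parts);
  $tfa_path = 'system/tfa/' . $account->uid . '/' . $login_hash;

  // Try invalid code.
  $edit = array(
    'code' => $this->randomName(),
  );
  $this->drupalPost($tfa_path, $edit, 'Verify');
  $this->assertText($this->uiStrings('invalid-code-retry'));

  // Submit valid code.
  $edit = array(
    'code' => $this->ga->getCode($this->seed),
  );
  $this->drupalPost($tfa_path, $edit, 'Verify');
  $this->assertText('My account');

  // Logout to test recovery code process.
  $this->drupalGet('user/logout');
  $edit = array(
    'name' => $account->name,
    'pass' => $account->pass_raw,
  );
  $this->drupalPost('user/login', $edit, 'Log in');
  $url_parts = explode('/', $this->url);
  $login_hash = array_pop($url_parts);
  $tfa_path = 'system/tfa/' . $account->uid . '/' . $login_hash;

  // Begin fallback.
  $this->drupalPost($tfa_path, array(), $this->uiStrings('fallback-button'));
  $this->assertText($this->uiStrings('recovery-prompt'));

  // Try invalid code.
  $edit = array(
    'recover' => $this->randomName(),
  );
  $this->drupalPost($tfa_path, $edit, 'Verify');
  $this->assertText($this->uiStrings('invalid-recovery-code'));

  // Submit valid code. array_pop() also removes it from the stored list.
  $edit = array(
    'recover' => array_pop($this->recoveryCodes),
  );
  $this->drupalPost($tfa_path, $edit, 'Verify');
  $this->assertText('My account');
}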