
public function TfaBasicTestCase::testTotpReplay in TFA Basic plugins 7

File

tests/tfa_basic.test, line 205
tfa_basic.test. Drupal test cases for TFA basic plugins.

Class

TfaBasicTestCase
Tests the functionality of the TFA basic plugins.

Code

/**
 * Checks that a TOTP code accepted at login is rejected when submitted again.
 *
 * Flow: enable TFA with the 'tfa_basic_totp' validation plugin, enrol an
 * application seed for a new user, log in with a generated code, then log in
 * again with that same code and expect the replay message instead of the
 * account page. Finally the accepted-code expiration is set to '0' and cron is
 * run, after which the same code is expected to be accepted once more.
 *
 * NOTE(review): the last step shows that replay protection lasts only as long
 * as the accepted-code record exists. In a deployment the expiration
 * presumably must not be shorter than the period in which the validator still
 * accepts a code; confirm against the plugin's validation window.
 *
 * NOTE(review): every submission reuses one generated code, so the test
 * appears to assume the whole sequence finishes while that code is still
 * valid; a run crossing a time-step boundary could fail for timing reasons.
 */
public function testTotpReplay() {
  variable_set('tfa_enabled', TRUE);
  variable_set('tfa_validate_plugin', 'tfa_basic_totp');

  $account = $this->drupalCreateUser(array('access content', 'setup own tfa'));

  // The same credentials are posted for each of the three password logins.
  $credentials = array(
    'name' => $account->name,
    'pass' => $account->pass_raw,
  );
  $this->drupalPost('user/login', $credentials, 'Log in');

  // Enrol the authenticator application; the setup form asks for the current
  // password before it shows the seed.
  $this->drupalGet('user/' . $account->uid . '/security/tfa/app-setup');
  $this->drupalPost(NULL, array('current_pass' => $account->pass_raw), 'Confirm');
  $seed_inputs = $this->xpath('//input[@name="seed"]');
  if (!$seed_inputs) {
    // Without the seed no code can be generated, so nothing below can run.
    $this->fail('Unable to extract seed from page. Aborting test.');
    return;
  }
  $this->seed = (string) $seed_inputs[0]['value'];

  // Confirm the enrolment with a code generated from the extracted seed.
  $this->drupalPost(NULL, array('code' => $this->ga->getCode($this->seed)), 'Verify and save');
  $this->drupalLogout();

  // First TFA login: the final URL segment after the password step is the
  // login hash required by the TFA form path.
  $this->drupalPost('user/login', $credentials, 'Log in');
  $segments = explode('/', $this->url);
  $login_hash = array_pop($segments);

  // NOTE(review): if this call falls in the same time step as the enrolment
  // submission above, both codes are likely identical; the assertion below
  // then relies on enrolment not recording the code as used. Confirm.
  $code = $this->ga->getCode($this->seed);
  $this->drupalPost('system/tfa/' . $account->uid . '/' . $login_hash, array('code' => $code), 'Verify');
  $this->assertText('My account');

  // Second TFA login with the already accepted code: it must be refused and
  // the replay message shown.
  $this->drupalLogout();
  $this->drupalPost('user/login', $credentials, 'Log in');
  $segments = explode('/', $this->url);
  $login_hash = array_pop($segments);
  $tfa_path = 'system/tfa/' . $account->uid . '/' . $login_hash;
  $this->drupalPost($tfa_path, array('code' => $code), 'Verify');
  $this->assertNoText('My account');
  $this->assertText($this->uiStrings('tfa-replay'));

  // Expire the stored accepted code and let cron delete it; the same code on
  // the same TFA path is then expected to log the user in.
  variable_set('tfa_basic_accepted_code_expiration', '0');
  $this->cronRun();
  $this->drupalPost($tfa_path, array('code' => $code), 'Verify');
  $this->assertText('My account');
}