Add totp field for Minecraft auth protocol to login into accounts, protected with 2FA [deploy]

2025-05-31 14:11:46 +05:30 · 2021-03-08 11:26:47 +01:00
parent 125caa7e4e
commit 9a3534ea2b
3 changed files with 38 additions and 0 deletions
--- a/api/tests/functional/authserver/AuthorizationCest.php
+++ b/api/tests/functional/authserver/AuthorizationCest.php
@@ -5,6 +5,7 @@ namespace api\tests\functional\authserver;

 use api\tests\FunctionalTester;
 use Codeception\Example;
+use OTPHP\TOTP;
 use Ramsey\Uuid\Uuid;

 class AuthorizationCest {
@@ -91,6 +92,22 @@ class AuthorizationCest {
        ]);
    }

+    public function byEmailWithEnabledTwoFactorAuthAndCorrectToken(FunctionalTester $I) {
+        $I->sendPOST('/api/authserver/authentication/authenticate', [
+            'username' => 'otp@gmail.com',
+            'password' => 'password_0',
+            'totp' => TOTP::create('BBBB')->now(),
+            'clientToken' => Uuid::uuid4()->toString(),
+        ]);
+        $I->canSeeResponseCodeIs(200);
+        $I->canSeeResponseContainsJson([
+            'selectedProfile' => [
+                'id' => '15d0afa7a2bb44d39f31964cbccc6043',
+                'name' => 'AccountWithEnabledOtp',
+            ],
+        ]);
+    }
+
    public function tooLongClientToken(FunctionalTester $I) {
        $I->wantTo('send non uuid clientToken with more then 255 characters length');
        $I->sendPOST('/api/authserver/authentication/authenticate', [
--- a/api/tests/unit/modules/authserver/models/AuthenticationFormTest.php
+++ b/api/tests/unit/modules/authserver/models/AuthenticationFormTest.php
@@ -10,6 +10,7 @@ use common\models\OauthClient;
 use common\models\OauthSession;
 use common\tests\fixtures\AccountFixture;
 use common\tests\fixtures\OauthClientFixture;
+use OTPHP\TOTP;
 use Ramsey\Uuid\Uuid;

 class AuthenticationFormTest extends TestCase {
@@ -51,6 +52,19 @@ class AuthenticationFormTest extends TestCase {
        ], $result['user']);
    }

+    public function testAuthenticateByValidCredentialsWith2FA() {
+        $authForm = new AuthenticationForm();
+        $authForm->username = 'otp@gmail.com';
+        $authForm->password = 'password_0';
+        $authForm->totp = TOTP::create('BBBB')->now();
+        $authForm->clientToken = Uuid::uuid4()->toString();
+
+        // Just ensure that there is no exception
+        $this->expectNotToPerformAssertions();
+
+        $authForm->authenticate();
+    }
+
    /**
     * @dataProvider getInvalidCredentialsCases
     */