summaryrefslogtreecommitdiff
path: root/tests/units/Auth/TotpAuthTest.php
blob: 3a82c01c0b892ec2461675b43a1e328c468949e3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
<?php

require_once __DIR__.'/../Base.php';

use Kanboard\Auth\TotpAuth;

class TotpAuthTest extends Base
{
    public function testGetName()
    {
        $provider = new TotpAuth($this->container);
        $this->assertEquals('Time-based One-time Password Algorithm', $provider->getName());
    }

    public function testGetSecret()
    {
        $provider = new TotpAuth($this->container);
        $this->assertEmpty($provider->getSecret());

        $provider->generateSecret();
        $secret = $provider->getSecret();

        $this->assertNotEmpty($secret);
        $this->assertEquals($secret, $provider->getSecret());
        $this->assertEquals($secret, $provider->getSecret());
    }

    public function testSetSecret()
    {
        $provider = new TotpAuth($this->container);
        $provider->setSecret('mySecret');
        $this->assertEquals('mySecret', $provider->getSecret());
    }

    public function testGetUrl()
    {
        $provider = new TotpAuth($this->container);

        $this->assertEmpty($provider->getQrCodeUrl('me'));
        $this->assertEmpty($provider->getKeyUrl('me'));

        $provider->setSecret('mySecret');
        $this->assertEquals(
            'https://chart.googleapis.com/chart?chs=200x200&cht=qr&chld=M|0&chl=otpauth%3A%2F%2Ftotp%2Fme%3Fsecret%3DmySecret%26issuer%3DKanboard',
            $provider->getQrCodeUrl('me')
        );

        $this->assertEquals('otpauth://totp/me?secret=mySecret&issuer=Kanboard', $provider->getKeyUrl('me'));
    }

    public function testAuthentication()
    {
        $provider = new TotpAuth($this->container);

        $secret = $provider->generateSecret();
        $this->assertNotEmpty($secret);

        $provider->setCode('1234');
        $this->assertFalse($provider->authenticate());

        if (!!`which oathtool`) {
            $code = shell_exec('oathtool --totp -b '.$secret);
            $provider->setCode(trim($code));
            $this->assertTrue($provider->authenticate());
        }
    }
}