mirror of
https://github.com/bitwarden/browser
synced 2025-12-11 22:03:36 +00:00
acbff6953c
* PM-8113 - Deprecate TwoFactorComponentRefactor feature flag in favor of UnauthenticatedExtensionUIRefresh flag * PM-8113 - Rename all existing 2FA components as V1. * PM-8113 - TwoFactorAuthComp - Add comment explaining that tagged unused import is used a dialog. * PM-8113 - 2FA Auth Comp - deprecate captcha * PM-8113 - LoginStrategySvc - add todo for deprecation of captcha response * PM-8113 - TwoFactorAuth tests - remove captcha * PM-8113 - TwoFactorAuthComp HTML - remove captcha * PM-8113 - Web Two Factor Auth - update deps * PM-8113 - Move all new two-factor-auth components into libs/auth instead of libs/angular/src/auth * PM-8113 - Add new child-components folder to help differentiate between top level page component and child components * PM-8113 - Add todo for browser TwoFactorAuthEmailComponent * PM-8113 - TwoFactorAuth - progress on consolidation * PM-8113 - TwoFactorAuth - add TODO to ensure I don't miss web on success logic * PM-8113 - TwoFactorAuth - Deprecate browser implementation of two-factor-auth and move all logic into single component - WIP * PM-8113 - Bring across 2FA session timeout to new 2FA orchestrator comp * PM-8113 - Export TwoFactorAuth from libs/auth * PM-8113 - Fix 2FA Auth Comp tests by adding new service deps. * PM-8113 - Fix TwoFactorAuthExpiredComp imports + TwoFactorAuthComponent imports on other clients. * PM-8113 - 2FA Auth Comp - Progress on removing onSuccessfulLogin callback * PM-8113 - 2FA Auth - update deps to private as inheritance will no longer be used. * PM-8113 - TwoFactorAuthComp - Refactor init a bit. * PM-8113 - TwoFactorAuthComp - More naming refactors * PM-8113 - TwoFactorAuth - (1) more refactoring (2) removed onSuccessfulLoginNavigate (3) after successful login we always loginEmailService.clearValues() * PM-8113 - TwoFactorAuthComp Tests - clean up tests for removed callbacks. * PM-8113 - TwoFactorAuthComponent - refactor default success route handling * PM-8113 - TwoFactorAuthComp - More refactoring * PM-8113 - TwoFactorAuthComp - more refactors * PM-8113 - TwoFactorAuth - Remove unused service dep * PM-8113 - TwoFactorAuthComp - Refactor out unused button action text and move checks for continue button visibility into component * PM-8113 - TwoFactorAuthComponent - Add type for providerData * PM-8113 - TwoFactorAuthComponent - Add todo * PM-8113 - TwoFactorAuthComponent - Add client type * PM-8113 - TwoFactorAuth - implement browser specific SSO + 2FA logic * PM-8113 - TwoFactorService Abstraction - refactor to use proper functions + mark methods as abstract properly + add null return to getProviders * PM-8113 - Refactor 2FA Guard logic out of ngOnInit and into own tested guard. Updated all routes. * PM-8113 - TwoFactorAuthComponent - WIP on webauthn init. * PM-8113 - TwoFactorAuthComponent - pull webauthn fallback response handling into primary init with checks based on client for if it should be processed. * PM-8113 - TwoFactorAuthComponent - move linux popup width extension logic into ExtensionTwoFactorAuthComponentService * PM-8113 - WebTwoFactorAuthComponentService - add explicit override for web's determineLegacyKeyMigrationAction method. * PM-8113 - Implement new TwoFactorAuthComponentService .openPopoutIfApprovedForEmail2fa to replace extension specific init logic. * PM-8113 - TwoFactorAuthComponent - misc cleanup * PM-8113 - TwoFactorAuthComponent - more clean up * PM-8113 - TwoFactorAuthComponent - WIP on removing TDE callbacks * PM-8113 - TwoFactorAuthComponent - finish refactoring out all callbacks * PM-8113 - TwoFactorAuthComponent - remove now unused method * PM-8113 - TwoFactorAuthComponent - refactor routes. * PM-8113 - TwoFactorAuthComponent - add TODO * PM-8113 - TwoFactorAuthComp - isTrustedDeviceEncEnabled - add undefined check for optional window close. + Add todo * PM-8113 - TwoFactorAuthComponent tests - updated to pass * PM-8113 - (1) Consolidate TwoFactorAuthEmail component into new service architecture (2) Move openPopoutIfApprovedForEmail2fa to new TwoFactorAuthEmailComponentService * PM-8113 - Refactor libs/auth/2fa into barrel files. * PM-8113 - Move TwoFactorAuthEmail content to own folder. * PM-8113 - Move 2FA Duo to own comp folder. * PM-8113 - ExtensionTwoFactorAuthEmailComponentService - Add comment * PM-8113 - TwoFactorAuthEmailComponentService - add docs * PM-8113 - TwoFactorAuthDuoComponentService - define top level abstraction and each clients implementation of the duo2faResultListener * PM-8113 - TwoFactorAuthDuoCompService - add client specific handling for launchDuoFrameless * PM-8113 - Delete no longer used client specific two factor auth duo components. * PM-8113 - Register TwoFactorAuthDuoComponentService implementation in each client. * PM-8113 - TwoFactorAuthComp - add destroy ref to fix warnings. * PM-8113 - Remove accidentally checked in dev change * PM-8113 - TwoFactorAuthComp - (1) Add loading state (2) Add missing CheckboxModule import * PM-8113 - TwoFactorAuthDuoComponent - update takeUntilDestroyed to pass in destroy context as you can't use takeUntilDestroyed in ngOnInit without it. * PM-8113 - TwoFactorAuthWebAuthnComponent - remove no longer necessary webauthn new tab check as webauthn seems to work without it * PM-8113 - TwoFactorAuthWebAuthnComp - refactor names and add todo * PM-8113 - (1) Move WebAuthn 2FA comp to own folder (2) build out client service for new tab logic * PM-8113 - Register TwoFactorAuthWebAuthnComponentServices * PM-8113 - Tweak TwoFactorAuthWebAuthnComponentService and add to TwoFactorAuthWebAuthnComponent * PM-8113 - WebTwoFactorAuthDuoComponentService - fix type issue * PM-8113 - ExtensionTwoFactorAuthDuoComponentService - attempt to fix type issue. * PM-8113 - Remove ts-strict-ignore * PM-8113 - TwoFactorAuthWebAuthnComponent - satisfy strict typescript reqs. * PM-8113 - TwoFactorAuthComponent - some progress on strict TS conversion * PM-8113 - TwoFactorAuthComp - fixed all strict typescript issues. * PM-8113 - TwoFactorAuthComp - remove no longer necessary webauthn code * PM-8113 - ExtensionTwoFactorAuthComponentService - handleSso2faFlowSuccess - add more context * PM-8113 - TwoFactorAuthComp - TDE should use same success handler method * PM-8113 - Fix SSO + 2FA result handling by closing proper popout window * PM-8113 - Add todo * PM-8113 - Webauthn 2FA - As webauthn popout doesn't persist SSO state, have to genercize success logic (which should be a good thing but requires confirmation testing). * PM-8113 - Per main changes, remove deprecated I18nPipe from 2fa comps that use it. * PM-8113 - Remove more incorrect i18nPipes * PM-8113 - TwoFactorAuth + Webauthn - Refactor logic * PM-8113 - TwoFactorAuth - build submitting loading logic * PM-8113 - TwoFactorAuth - remove loading as submitting. * PM-8113 - TwoFactorAuth - update to latest authN session timeout logic * PM-8113 - AuthPopoutWindow - Add new single action popout for email 2FA so we can close it programmatically * PM-8113 - Update ExtensionTwoFactorAuthComponentService to close email 2FA single action popouts. * PM-8113 - Fix build after merge conflict issue * PM-8113 - 2FA - Duo & Email comps - strict typescript adherence. * PM-8113 - TwoFactorAuth - Clean up unused stuff and get tests passing * PM-8113 - Clean up used service method + TODO as I've confirmed it works for other flows. * PM-8113 - TODO: test all comp services * PM-8113 - TwoFactorAuthComponent Tests - fix tests by removing mock of removed method. * PM-8113 - Revert changes to login strategies to avoid scope creep for the sake of typescript strictness. * PM-8113 - ExtensionTwoFactorAuthComponentService tests * PM-8113 - Test ExtensionTwoFactorAuthDuoComponentService * PM-8113 - ExtensionTwoFactorAuthEmailComponentService - add tests * PM-8113 - Test ExtensionTwoFactorAuthWebAuthnComponentService * PM-8113 - Add 2fa icons (icons need tweaking still) * PM-8113 - TwoFactorAuthComponent - add setAnonLayoutDataByTwoFactorProviderType and handle email case as POC * PM-8113 - TwoFactorEmailComp - work on converting to new design * PM-8113 - Update icons with proper svg with scaling via viewbox * PM-8113 - Update icons to use proper classes * PM-8113 - 2FA Auth Comp - Progress on implementing design changes * PM-8113 - TwoFactorOptionsComponent - add todos * PM-8113 - 2fa Email Comp - add style changes per discussion with design * PM-8113 - TwoFactorAuthComponent - use2faRecoveryCode - build out method per discussion with design * PM-8113 - TwoFactorAuthComp - fix comp tests * PM-8113 - TwoFactorAuthComp - progress on adding 2fa provider page icons and subtitles * PM-8113 - Browser Translations - update duoTwoFactorRequiredPageSubtitle to match design discussion * PM-8113 - TwoFactorAuthComp - more work on getting page title / icons working * PM-8113 - Add todo * PM-8113 - TwoFactorAuthDuoComponent Html - remove text that was moved to page subtitle. * PM-8113 - 2FA Auth Comp - Duo icon works * PM-8113 - (1) Add Yubico logo icon (2) Rename Yubikey icon to security key icon * PM-8113 - TwoFactorAuthComp - remove icon from launch duo button per figma * PM-8113 - Mark old two-factor-options component as v1. * PM-8113 - Web - TwoFactorOptionsComponentV1 - Fix import * PM-8113 - Fix more imports * PM-8113 - Adjust translations based on meeting with Design * PM-8113 - TwoFactorOptionsComponent - deprecate recovery code functionality * PM-8113 - TwoFactorOptionsComponent - remove icon disable logic and unused imports * PM-8113 - 2FA Options Comp rewritten to match figma * PM-8113 - TwoFactorOptions - (1) Sort providers like setup screen (2) Add responsive scaling * PM-8113 - Webauthn 2FA - WIP on updating connectors to latest style * PM-8113 - Webauthn connector - clean up commented out code and restore block style * PM-8113 - TwoFactorAuthWebAuthn - Add loading state for iframe until webauthn ready * PM-8113 - Webauthn Iframe - update translation per figma * PM-8113 - TwoFactorAuthComp - per figma, put webauthn after checkbox. * PM-8113 - WebAuthn Fallback connector - UI refreshed * PM-8113 - Two Factor Options - Implement wrapping * PM-8113 - TwoFactorAuthAuthenticator - Remove text per figma * PM-8113 - TwoFactorAuthYubikey - Clean up design per figma * PM-8113 - Refactor all 2FA flows to use either reactive forms or programmatic submission so we get the benefit of onSubmit form validation like we have elsewhere. * PM-8113 - 2FA Auth Comp - for form validated 2FA methods, add enter support. * PM-8113 - TwoFactorAuthComp - Add loginSuccessHandlerService * PM-8113 - DesktopTwoFactorAuthDuoComponentService - add tests * PM-8113 - WebTwoFactorAuthDuoComponentService test file - WIP on tests * PM-8113 - WebTwoFactorAuthDuoComponentService - test listenForDuo2faResult * PM-8113 - TwoFactorAuthComp - (1) remove unused deps (2) get tests passing * PM-8113 - Add required to inputs * PM-8113 - TwoFactorAuth - Save off 2FA providers map so we can only show the select another 2FA method if the user actually has more than 1 configured 2FA method. * PM-8113 - Webauthn iframe styling must be adjusted per client so adjust desktop and browser extension * PM-8113 - TwoFactorAuthComp - Integrate latest ssoLoginService changes * PM-8113 - Desktop & Browser routing modules - add new page title per figma * PM-8113 - WebAuthn - added optional awaiting security key interaction button state to improve UX. * PM-8113 - TwoFactorAuthComp - refactor to avoid reactive race condition with retrieval of active user id. * PM-8113 - ExtensionTwoFactorAuthEmailComponentService - force close the popup since it has stopped closing when the popup opens. * PM-8113 - TwoFactorAuth - refactor enter key press to exempt non-applicable flows from enter key handling * PM-8113 - Refactor ExtensionTwoFactorAuthComponentService methods to solve issues with submission * PM-8113 - TwoFactorAuth - fix programmatic submit of form * PM-8113 - Fix ExtensionTwoFactorAuthComponentService tests * PM-8113 - Extension - Webauthn iframe - remove -10px margin * PM-8113 - Extension Routing module - 2FA screens need back button * PM-8113 - Get Duo working in extension * PM-8113 - TwoFactorOptions - tweak styling of row styling to better work for extension * PM-8113 - TwoFactorWebauthnComp - new tab button styling per figma * PM-8113 - 2FA Comp - Update logic for hiding / showing the remember me checkbox * PM-8113 - TwoFactorAuthWebAuthnComp - new tab flow - fix remember me * PM-8113 - Per PR feedback, add TODO for better provider and module structure for auth component client logic services. * PM-8113 - TwoFactorAuth - add missing TDE offboarding logic. * PM-8113 - TwoFactorAuthComponent tests - fix tests * PM-8113 - 2FA Auth Comp HTML - per PR feedback, remove unnecessary margin bottom * PM-8113 - 2FA Comp - per PR feedback, remove inSsoFlow as it isn't used. * PM-8113 - TwoFactorOptionsComp - Clean up no longer needed emitters. * PM-8113 - TwoFactorOptions - per PR feedback, clean up any usage * PM-8113 - TwoFactorAuthComp - per PR feedback, rename method from selectOtherTwofactorMethod to selectOtherTwoFactorMethod * PM-8113 - Per PR feedback, fix translations misspelling * PM-8113 - TwoFactorAuthSecurityKeyIcon - fix hardcoded value * PM-8113 - TwoFactorAuthSecurityKeyIcon - fix extra " * PM-8113 - TwoFactorAuthDuo - Per PR feedback, remove empty template. * PM-8113 - LooseComponentsModule - re-add accidentally removed component * PM-8113 - TwoFactorAuthWebAuthnIcon - per PR feedback, fix hardcoded stroke value. * PM-8113 - Desktop AppRoutingModule - per PR feedback, remove unnecessary AnonLayoutWrapperComponent component property. * PM-8113 - Update apps/browser/src/auth/services/extension-two-factor-auth-duo-component.service.spec.ts to fix misspelling Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com> * PM-8113 - TwoFactorAuthComp - Per PR feedback, add trim to token value * PM-8113 - TwoFactorService - add typescript strict * PM-8113 - TwoFactorService - per PR feedback, add jsdocs * PM-8113 - Per PR feedback, fix misspelling * PM-8113 - Webauthn fallback - per PR feedback fix stroke * PM-8113 - Update apps/web/src/connectors/webauthn-fallback.html Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com> * PM-8113 - Update libs/auth/src/angular/icons/two-factor-auth/two-factor-auth-webauthn.icon.ts Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com> --------- Co-authored-by: rr-bw <102181210+rr-bw@users.noreply.github.com>
456 lines
19 KiB
TypeScript
456 lines
19 KiB
TypeScript
// FIXME: Update this file to be type safe and remove this and next line
|
|
// @ts-strict-ignore
|
|
import { Component } from "@angular/core";
|
|
import { ComponentFixture, TestBed } from "@angular/core/testing";
|
|
import { ActivatedRoute, convertToParamMap, Router } from "@angular/router";
|
|
import { mock, MockProxy } from "jest-mock-extended";
|
|
import { BehaviorSubject } from "rxjs";
|
|
|
|
// eslint-disable-next-line no-restricted-imports
|
|
import { WINDOW } from "@bitwarden/angular/services/injection-tokens";
|
|
import {
|
|
LoginStrategyServiceAbstraction,
|
|
LoginEmailServiceAbstraction,
|
|
FakeKeyConnectorUserDecryptionOption as KeyConnectorUserDecryptionOption,
|
|
FakeTrustedDeviceUserDecryptionOption as TrustedDeviceUserDecryptionOption,
|
|
FakeUserDecryptionOptions as UserDecryptionOptions,
|
|
UserDecryptionOptionsServiceAbstraction,
|
|
LoginSuccessHandlerService,
|
|
} from "@bitwarden/auth/common";
|
|
import { ApiService } from "@bitwarden/common/abstractions/api.service";
|
|
import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
|
|
import { InternalMasterPasswordServiceAbstraction } from "@bitwarden/common/auth/abstractions/master-password.service.abstraction";
|
|
import { SsoLoginServiceAbstraction } from "@bitwarden/common/auth/abstractions/sso-login.service.abstraction";
|
|
import { TwoFactorService } from "@bitwarden/common/auth/abstractions/two-factor.service";
|
|
import { AuthenticationType } from "@bitwarden/common/auth/enums/authentication-type";
|
|
import { AuthResult } from "@bitwarden/common/auth/models/domain/auth-result";
|
|
import { ForceSetPasswordReason } from "@bitwarden/common/auth/models/domain/force-set-password-reason";
|
|
import { TokenTwoFactorRequest } from "@bitwarden/common/auth/models/request/identity-token/token-two-factor.request";
|
|
import { FakeMasterPasswordService } from "@bitwarden/common/auth/services/master-password/fake-master-password.service";
|
|
import { AppIdService } from "@bitwarden/common/platform/abstractions/app-id.service";
|
|
import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service";
|
|
import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
|
|
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
|
|
import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
|
|
import { StateService } from "@bitwarden/common/platform/abstractions/state.service";
|
|
import { FakeAccountService, mockAccountServiceWith } from "@bitwarden/common/spec";
|
|
import { UserId } from "@bitwarden/common/types/guid";
|
|
import { DialogService, ToastService } from "@bitwarden/components";
|
|
|
|
import { AnonLayoutWrapperDataService } from "../anon-layout/anon-layout-wrapper-data.service";
|
|
|
|
import { TwoFactorAuthComponentService } from "./two-factor-auth-component.service";
|
|
import { TwoFactorAuthComponent } from "./two-factor-auth.component";
|
|
|
|
@Component({})
|
|
class TestTwoFactorComponent extends TwoFactorAuthComponent {}
|
|
|
|
describe("TwoFactorAuthComponent", () => {
|
|
let component: TestTwoFactorComponent;
|
|
|
|
let fixture: ComponentFixture<TestTwoFactorComponent>;
|
|
const userId = "userId" as UserId;
|
|
|
|
// Mock Services
|
|
let mockLoginStrategyService: MockProxy<LoginStrategyServiceAbstraction>;
|
|
let mockRouter: MockProxy<Router>;
|
|
let mockI18nService: MockProxy<I18nService>;
|
|
let mockApiService: MockProxy<ApiService>;
|
|
let mockPlatformUtilsService: MockProxy<PlatformUtilsService>;
|
|
let mockWin: MockProxy<Window>;
|
|
let mockStateService: MockProxy<StateService>;
|
|
let mockLogService: MockProxy<LogService>;
|
|
let mockTwoFactorService: MockProxy<TwoFactorService>;
|
|
let mockAppIdService: MockProxy<AppIdService>;
|
|
let mockLoginEmailService: MockProxy<LoginEmailServiceAbstraction>;
|
|
let mockUserDecryptionOptionsService: MockProxy<UserDecryptionOptionsServiceAbstraction>;
|
|
let mockSsoLoginService: MockProxy<SsoLoginServiceAbstraction>;
|
|
let mockMasterPasswordService: FakeMasterPasswordService;
|
|
let mockAccountService: FakeAccountService;
|
|
let mockDialogService: MockProxy<DialogService>;
|
|
let mockToastService: MockProxy<ToastService>;
|
|
let mockTwoFactorAuthCompService: MockProxy<TwoFactorAuthComponentService>;
|
|
let anonLayoutWrapperDataService: MockProxy<AnonLayoutWrapperDataService>;
|
|
let mockEnvService: MockProxy<EnvironmentService>;
|
|
let mockLoginSuccessHandlerService: MockProxy<LoginSuccessHandlerService>;
|
|
|
|
let mockUserDecryptionOpts: {
|
|
noMasterPassword: UserDecryptionOptions;
|
|
withMasterPassword: UserDecryptionOptions;
|
|
withMasterPasswordAndTrustedDevice: UserDecryptionOptions;
|
|
withMasterPasswordAndTrustedDeviceWithManageResetPassword: UserDecryptionOptions;
|
|
withMasterPasswordAndKeyConnector: UserDecryptionOptions;
|
|
noMasterPasswordWithTrustedDevice: UserDecryptionOptions;
|
|
noMasterPasswordWithTrustedDeviceWithManageResetPassword: UserDecryptionOptions;
|
|
noMasterPasswordWithKeyConnector: UserDecryptionOptions;
|
|
};
|
|
|
|
let selectedUserDecryptionOptions: BehaviorSubject<UserDecryptionOptions>;
|
|
|
|
beforeEach(() => {
|
|
mockLoginStrategyService = mock<LoginStrategyServiceAbstraction>();
|
|
mockRouter = mock<Router>();
|
|
mockI18nService = mock<I18nService>();
|
|
mockApiService = mock<ApiService>();
|
|
mockPlatformUtilsService = mock<PlatformUtilsService>();
|
|
mockWin = mock<Window>();
|
|
|
|
mockStateService = mock<StateService>();
|
|
mockLogService = mock<LogService>();
|
|
mockTwoFactorService = mock<TwoFactorService>();
|
|
mockAppIdService = mock<AppIdService>();
|
|
mockLoginEmailService = mock<LoginEmailServiceAbstraction>();
|
|
mockUserDecryptionOptionsService = mock<UserDecryptionOptionsServiceAbstraction>();
|
|
mockSsoLoginService = mock<SsoLoginServiceAbstraction>();
|
|
mockAccountService = mockAccountServiceWith(userId);
|
|
mockMasterPasswordService = new FakeMasterPasswordService();
|
|
mockDialogService = mock<DialogService>();
|
|
mockToastService = mock<ToastService>();
|
|
mockTwoFactorAuthCompService = mock<TwoFactorAuthComponentService>();
|
|
|
|
mockEnvService = mock<EnvironmentService>();
|
|
mockLoginSuccessHandlerService = mock<LoginSuccessHandlerService>();
|
|
|
|
anonLayoutWrapperDataService = mock<AnonLayoutWrapperDataService>();
|
|
|
|
mockUserDecryptionOpts = {
|
|
noMasterPassword: new UserDecryptionOptions({
|
|
hasMasterPassword: false,
|
|
trustedDeviceOption: undefined,
|
|
keyConnectorOption: undefined,
|
|
}),
|
|
withMasterPassword: new UserDecryptionOptions({
|
|
hasMasterPassword: true,
|
|
trustedDeviceOption: undefined,
|
|
keyConnectorOption: undefined,
|
|
}),
|
|
withMasterPasswordAndTrustedDevice: new UserDecryptionOptions({
|
|
hasMasterPassword: true,
|
|
trustedDeviceOption: new TrustedDeviceUserDecryptionOption(true, false, false, false),
|
|
keyConnectorOption: undefined,
|
|
}),
|
|
withMasterPasswordAndTrustedDeviceWithManageResetPassword: new UserDecryptionOptions({
|
|
hasMasterPassword: true,
|
|
trustedDeviceOption: new TrustedDeviceUserDecryptionOption(true, false, true, false),
|
|
keyConnectorOption: undefined,
|
|
}),
|
|
withMasterPasswordAndKeyConnector: new UserDecryptionOptions({
|
|
hasMasterPassword: true,
|
|
trustedDeviceOption: undefined,
|
|
keyConnectorOption: new KeyConnectorUserDecryptionOption("http://example.com"),
|
|
}),
|
|
noMasterPasswordWithTrustedDevice: new UserDecryptionOptions({
|
|
hasMasterPassword: false,
|
|
trustedDeviceOption: new TrustedDeviceUserDecryptionOption(true, false, false, false),
|
|
keyConnectorOption: undefined,
|
|
}),
|
|
noMasterPasswordWithTrustedDeviceWithManageResetPassword: new UserDecryptionOptions({
|
|
hasMasterPassword: false,
|
|
trustedDeviceOption: new TrustedDeviceUserDecryptionOption(true, false, true, false),
|
|
keyConnectorOption: undefined,
|
|
}),
|
|
noMasterPasswordWithKeyConnector: new UserDecryptionOptions({
|
|
hasMasterPassword: false,
|
|
trustedDeviceOption: undefined,
|
|
keyConnectorOption: new KeyConnectorUserDecryptionOption("http://example.com"),
|
|
}),
|
|
};
|
|
|
|
selectedUserDecryptionOptions = new BehaviorSubject<UserDecryptionOptions>(undefined);
|
|
mockUserDecryptionOptionsService.userDecryptionOptions$ = selectedUserDecryptionOptions;
|
|
|
|
TestBed.configureTestingModule({
|
|
declarations: [TestTwoFactorComponent],
|
|
providers: [
|
|
{ provide: LoginStrategyServiceAbstraction, useValue: mockLoginStrategyService },
|
|
{ provide: Router, useValue: mockRouter },
|
|
{ provide: I18nService, useValue: mockI18nService },
|
|
{ provide: ApiService, useValue: mockApiService },
|
|
{ provide: PlatformUtilsService, useValue: mockPlatformUtilsService },
|
|
{ provide: WINDOW, useValue: mockWin },
|
|
{ provide: StateService, useValue: mockStateService },
|
|
{
|
|
provide: ActivatedRoute,
|
|
useValue: {
|
|
snapshot: {
|
|
// Default to standard 2FA flow - not SSO + 2FA
|
|
queryParamMap: convertToParamMap({ sso: "false" }),
|
|
},
|
|
},
|
|
},
|
|
{ provide: LogService, useValue: mockLogService },
|
|
{ provide: TwoFactorService, useValue: mockTwoFactorService },
|
|
{ provide: AppIdService, useValue: mockAppIdService },
|
|
{ provide: LoginEmailServiceAbstraction, useValue: mockLoginEmailService },
|
|
{
|
|
provide: UserDecryptionOptionsServiceAbstraction,
|
|
useValue: mockUserDecryptionOptionsService,
|
|
},
|
|
{ provide: SsoLoginServiceAbstraction, useValue: mockSsoLoginService },
|
|
{ provide: InternalMasterPasswordServiceAbstraction, useValue: mockMasterPasswordService },
|
|
{ provide: AccountService, useValue: mockAccountService },
|
|
{ provide: DialogService, useValue: mockDialogService },
|
|
{ provide: ToastService, useValue: mockToastService },
|
|
{ provide: TwoFactorAuthComponentService, useValue: mockTwoFactorAuthCompService },
|
|
{ provide: EnvironmentService, useValue: mockEnvService },
|
|
{ provide: AnonLayoutWrapperDataService, useValue: anonLayoutWrapperDataService },
|
|
{ provide: LoginSuccessHandlerService, useValue: mockLoginSuccessHandlerService },
|
|
],
|
|
});
|
|
|
|
fixture = TestBed.createComponent(TestTwoFactorComponent);
|
|
component = fixture.componentInstance;
|
|
});
|
|
|
|
afterEach(() => {
|
|
// Reset all mocks after each test
|
|
jest.resetAllMocks();
|
|
});
|
|
|
|
it("should create", () => {
|
|
expect(component).toBeTruthy();
|
|
});
|
|
|
|
// Shared tests
|
|
const testChangePasswordOnSuccessfulLogin = () => {
|
|
it("navigates to the component's defined change password route when user doesn't have a MP and key connector isn't enabled", async () => {
|
|
// Act
|
|
await component.submit("testToken");
|
|
|
|
// Assert
|
|
expect(mockRouter.navigate).toHaveBeenCalledTimes(1);
|
|
expect(mockRouter.navigate).toHaveBeenCalledWith(["set-password"], {
|
|
queryParams: {
|
|
identifier: component.orgSsoIdentifier,
|
|
},
|
|
});
|
|
});
|
|
};
|
|
|
|
const testForceResetOnSuccessfulLogin = (reasonString: string) => {
|
|
it(`navigates to the component's defined forcePasswordResetRoute route when response.forcePasswordReset is ${reasonString}`, async () => {
|
|
// Act
|
|
await component.submit("testToken");
|
|
|
|
// expect(mockRouter.navigate).toHaveBeenCalledTimes(1);
|
|
expect(mockRouter.navigate).toHaveBeenCalledWith(["update-temp-password"], {
|
|
queryParams: {
|
|
identifier: component.orgSsoIdentifier,
|
|
},
|
|
});
|
|
});
|
|
};
|
|
|
|
describe("Standard 2FA scenarios", () => {
|
|
describe("submit", () => {
|
|
const token = "testToken";
|
|
const remember = false;
|
|
const currentAuthTypeSubject = new BehaviorSubject<AuthenticationType>(
|
|
AuthenticationType.Password,
|
|
);
|
|
|
|
beforeEach(() => {
|
|
selectedUserDecryptionOptions.next(mockUserDecryptionOpts.withMasterPassword);
|
|
|
|
mockLoginStrategyService.currentAuthType$ = currentAuthTypeSubject.asObservable();
|
|
});
|
|
|
|
it("calls authService.logInTwoFactor with correct parameters when form is submitted", async () => {
|
|
// Arrange
|
|
mockLoginStrategyService.logInTwoFactor.mockResolvedValue(new AuthResult());
|
|
|
|
// Act
|
|
await component.submit(token, remember);
|
|
|
|
// Assert
|
|
expect(mockLoginStrategyService.logInTwoFactor).toHaveBeenCalledWith(
|
|
new TokenTwoFactorRequest(component.selectedProviderType, token, remember),
|
|
"",
|
|
);
|
|
});
|
|
|
|
it("calls loginEmailService.clearValues() when login is successful", async () => {
|
|
// Arrange
|
|
mockLoginStrategyService.logInTwoFactor.mockResolvedValue(new AuthResult());
|
|
// spy on loginEmailService.clearValues
|
|
const clearValuesSpy = jest.spyOn(mockLoginEmailService, "clearValues");
|
|
|
|
// Act
|
|
await component.submit(token, remember);
|
|
|
|
// Assert
|
|
expect(clearValuesSpy).toHaveBeenCalled();
|
|
});
|
|
|
|
describe("Set Master Password scenarios", () => {
|
|
beforeEach(() => {
|
|
const authResult = new AuthResult();
|
|
mockLoginStrategyService.logInTwoFactor.mockResolvedValue(authResult);
|
|
});
|
|
|
|
describe("Given user needs to set a master password", () => {
|
|
beforeEach(() => {
|
|
// Only need to test the case where the user has no master password to test the primary change mp flow here
|
|
selectedUserDecryptionOptions.next(mockUserDecryptionOpts.noMasterPassword);
|
|
});
|
|
|
|
testChangePasswordOnSuccessfulLogin();
|
|
});
|
|
|
|
it("does not navigate to the change password route when the user has key connector even if user has no master password", async () => {
|
|
selectedUserDecryptionOptions.next(
|
|
mockUserDecryptionOpts.noMasterPasswordWithKeyConnector,
|
|
);
|
|
|
|
await component.submit(token, remember);
|
|
|
|
expect(mockRouter.navigate).not.toHaveBeenCalledWith(["set-password"], {
|
|
queryParams: {
|
|
identifier: component.orgSsoIdentifier,
|
|
},
|
|
});
|
|
});
|
|
});
|
|
|
|
describe("Force Master Password Reset scenarios", () => {
|
|
[
|
|
ForceSetPasswordReason.AdminForcePasswordReset,
|
|
ForceSetPasswordReason.WeakMasterPassword,
|
|
].forEach((forceResetPasswordReason) => {
|
|
const reasonString = ForceSetPasswordReason[forceResetPasswordReason];
|
|
|
|
beforeEach(() => {
|
|
// use standard user with MP because this test is not concerned with password reset.
|
|
selectedUserDecryptionOptions.next(mockUserDecryptionOpts.withMasterPassword);
|
|
|
|
const authResult = new AuthResult();
|
|
authResult.forcePasswordReset = forceResetPasswordReason;
|
|
mockLoginStrategyService.logInTwoFactor.mockResolvedValue(authResult);
|
|
});
|
|
|
|
testForceResetOnSuccessfulLogin(reasonString);
|
|
});
|
|
});
|
|
|
|
it("navigates to the component's defined success route (vault is default) when the login is successful", async () => {
|
|
mockLoginStrategyService.logInTwoFactor.mockResolvedValue(new AuthResult());
|
|
|
|
// Act
|
|
await component.submit("testToken");
|
|
|
|
// Assert
|
|
expect(mockRouter.navigate).toHaveBeenCalledTimes(1);
|
|
expect(mockRouter.navigate).toHaveBeenCalledWith(["vault"], {
|
|
queryParams: {
|
|
identifier: component.orgSsoIdentifier,
|
|
},
|
|
});
|
|
});
|
|
|
|
it.each([
|
|
[AuthenticationType.Sso, "lock"],
|
|
[AuthenticationType.UserApiKey, "lock"],
|
|
])(
|
|
"navigates to the lock component when the authentication type is %s",
|
|
async (authType, expectedRoute) => {
|
|
mockLoginStrategyService.logInTwoFactor.mockResolvedValue(new AuthResult());
|
|
currentAuthTypeSubject.next(authType);
|
|
|
|
// Act
|
|
await component.submit("testToken");
|
|
|
|
// Assert
|
|
expect(mockRouter.navigate).toHaveBeenCalledTimes(1);
|
|
expect(mockRouter.navigate).toHaveBeenCalledWith(["lock"], {
|
|
queryParams: {
|
|
identifier: component.orgSsoIdentifier,
|
|
},
|
|
});
|
|
},
|
|
);
|
|
});
|
|
});
|
|
|
|
describe("SSO > 2FA scenarios", () => {
|
|
beforeEach(() => {
|
|
const mockActivatedRoute = TestBed.inject(ActivatedRoute);
|
|
mockActivatedRoute.snapshot.queryParamMap.get = jest.fn().mockReturnValue("true");
|
|
});
|
|
|
|
describe("submit", () => {
|
|
const token = "testToken";
|
|
const remember = false;
|
|
|
|
describe("Trusted Device Encryption scenarios", () => {
|
|
describe("Given Trusted Device Encryption is enabled and user needs to set a master password", () => {
|
|
beforeEach(() => {
|
|
selectedUserDecryptionOptions.next(
|
|
mockUserDecryptionOpts.noMasterPasswordWithTrustedDeviceWithManageResetPassword,
|
|
);
|
|
|
|
const authResult = new AuthResult();
|
|
authResult.userId = userId;
|
|
mockLoginStrategyService.logInTwoFactor.mockResolvedValue(authResult);
|
|
});
|
|
|
|
it("navigates to the login-initiated route and sets correct flag when user doesn't have a MP and key connector isn't enabled", async () => {
|
|
// Act
|
|
await component.submit(token, remember);
|
|
|
|
// Assert
|
|
expect(mockMasterPasswordService.mock.setForceSetPasswordReason).toHaveBeenCalledWith(
|
|
ForceSetPasswordReason.TdeUserWithoutPasswordHasPasswordResetPermission,
|
|
userId,
|
|
);
|
|
|
|
expect(mockRouter.navigate).toHaveBeenCalledTimes(1);
|
|
expect(mockRouter.navigate).toHaveBeenCalledWith(["login-initiated"]);
|
|
});
|
|
});
|
|
|
|
describe("Given Trusted Device Encryption is enabled, user doesn't need to set a MP, and forcePasswordReset is required", () => {
|
|
[
|
|
ForceSetPasswordReason.AdminForcePasswordReset,
|
|
ForceSetPasswordReason.WeakMasterPassword,
|
|
].forEach((forceResetPasswordReason) => {
|
|
const reasonString = ForceSetPasswordReason[forceResetPasswordReason];
|
|
|
|
beforeEach(() => {
|
|
// use standard user with MP because this test is not concerned with password reset.
|
|
selectedUserDecryptionOptions.next(
|
|
mockUserDecryptionOpts.withMasterPasswordAndTrustedDevice,
|
|
);
|
|
|
|
const authResult = new AuthResult();
|
|
authResult.forcePasswordReset = forceResetPasswordReason;
|
|
mockLoginStrategyService.logInTwoFactor.mockResolvedValue(authResult);
|
|
});
|
|
|
|
testForceResetOnSuccessfulLogin(reasonString);
|
|
});
|
|
});
|
|
|
|
describe("Given Trusted Device Encryption is enabled, user doesn't need to set a MP, and forcePasswordReset is not required", () => {
|
|
let authResult;
|
|
beforeEach(() => {
|
|
selectedUserDecryptionOptions.next(
|
|
mockUserDecryptionOpts.withMasterPasswordAndTrustedDevice,
|
|
);
|
|
|
|
authResult = new AuthResult();
|
|
authResult.forcePasswordReset = ForceSetPasswordReason.None;
|
|
mockLoginStrategyService.logInTwoFactor.mockResolvedValue(authResult);
|
|
});
|
|
|
|
it("navigates to the login-initiated route when login is successful", async () => {
|
|
await component.submit(token, remember);
|
|
|
|
expect(mockRouter.navigate).toHaveBeenCalledTimes(1);
|
|
expect(mockRouter.navigate).toHaveBeenCalledWith(["login-initiated"]);
|
|
});
|
|
});
|
|
});
|
|
});
|
|
});
|
|
});
|