mirror of https://github.com/bitwarden/mobile synced 2025-12-05 23:53:33 +00:00

[PM-5731] feat: add rp mismatch test

Andreas Coroiu
2024-01-18 10:15:21 +01:00
parent 32c2f2aac4
commit cc89b6a5d5
2 changed files with 52 additions and 13 deletions


@@ -5,6 +5,13 @@ namespace Bit.Core.Services
{ {
public class Fido2AuthenticatorService : IFido2AuthenticatorService public class Fido2AuthenticatorService : IFido2AuthenticatorService
{ {
private ICipherService _cipherService;
public Fido2AuthenticatorService(ICipherService cipherService)
{
_cipherService = cipherService;
}
public Task<Fido2AuthenticatorGetAssertionResult> GetAssertionAsync(Fido2AuthenticatorGetAssertionParams assertionParams) public Task<Fido2AuthenticatorGetAssertionResult> GetAssertionAsync(Fido2AuthenticatorGetAssertionParams assertionParams)
{ {
throw new NotAllowedError(); throw new NotAllowedError();
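Review bot: The new `_cipherService` field is assigned only in the constructor, so it should be declared `private readonly ICipherService _cipherService;` to keep the vault dependency from being swapped after construction. In the lines visible here GetAssertionAsync still throws NotAllowedError as its first statement, so the injected service appears to be unused at this commit. The method body continues outside the hunk, so that second point should be confirmed against the full file.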


@@ -1,7 +1,10 @@
using System;
using System.Threading.Tasks; using System.Threading.Tasks;
using Bit.Core.Abstractions; using Bit.Core.Abstractions;
using Bit.Core.Exceptions; using Bit.Core.Exceptions;
using Bit.Core.Services; using Bit.Core.Services;
using Bit.Core.Models.Domain;
using Bit.Core.Models.View;
using Bit.Core.Test.AutoFixture; using Bit.Core.Test.AutoFixture;
using Bit.Core.Utilities.Fido2; using Bit.Core.Utilities.Fido2;
using Bit.Test.Common.AutoFixture; using Bit.Test.Common.AutoFixture;
@@ -9,29 +12,58 @@ using Bit.Test.Common.AutoFixture.Attributes;
using NSubstitute; using NSubstitute;
using NSubstitute.ExceptionExtensions; using NSubstitute.ExceptionExtensions;
using Xunit; using Xunit;
using Bit.Core.Utilities;
using System.Collections.Generic;
namespace Bit.Core.Test.Services namespace Bit.Core.Test.Services
{ {
public class Fido2AuthenticatorTests public class Fido2AuthenticatorTests
{ {
#region missing non-discoverable credential
// Spec: If credentialOptions is now empty, return an error code equivalent to "NotAllowedError" and terminate the operation. // Spec: If credentialOptions is now empty, return an error code equivalent to "NotAllowedError" and terminate the operation.
[Theory, SutAutoData] [Theory]
public async Task GetAssertionAsync_Throws_NoCredentialExists(Fido2AuthenticatorService sut) [InlineCustomAutoData(new[] { typeof(SutProviderCustomization) })]
public async Task GetAssertionAsync_Throws_NoCredentialExists(SutProvider<Fido2AuthenticatorService> sutProvider, Fido2AuthenticatorGetAssertionParams aParams)
{ {
var assertionParams = CreateAssertionParams(); var exception = await Assert.ThrowsAsync<NotAllowedError>(() => sutProvider.Sut.GetAssertionAsync(aParams));
var exception = await Assert.ThrowsAsync<NotAllowedError>(() => sut.GetAssertionAsync(assertionParams));
} }
private Fido2AuthenticatorGetAssertionParams CreateAssertionParams() [Theory]
[InlineCustomAutoData(new[] { typeof(SutProviderCustomization) })]
public async Task GetAssertionAsync_Throws_CredentialExistsButRpIdDoesNotMatch(SutProvider<Fido2AuthenticatorService> sutProvider, Fido2AuthenticatorGetAssertionParams aParams)
{ {
return new Fido2AuthenticatorGetAssertionParams var credentialId = RandomBytes(32);
{ aParams.RpId = "bitwarden.com";
RpId = "bitwarden.com", aParams.AllowCredentialDescriptorList = [
Hash = new byte[32], new PublicKeyCredentialDescriptor {
AllowCredentialDescriptorList = new PublicKeyCredentialDescriptor[0], Id = credentialId,
RequireUserVerification = true, Type = "public-key"
Extensions = new object() }
}; ];
sutProvider.GetDependency<ICipherService>().GetAllDecryptedAsync().Returns(new List<CipherView> {
new CipherView {
Login = new LoginView {
Fido2Credentials = new List<Fido2CredentialView> {
new Fido2CredentialView {
CredentialId = CoreHelpers.Base64UrlEncode(credentialId),
RpId = "mismatch-rpid"
}
}
}
}
});
var exception = await Assert.ThrowsAsync<NotAllowedError>(() => sutProvider.Sut.GetAssertionAsync(aParams));
}
#endregion
private byte[] RandomBytes(int length)
{
var bytes = new byte[length];
new Random().NextBytes(bytes);
return bytes;
} }
} }
} }
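Review bot: GetAssertionAsync_Throws_CredentialExistsButRpIdDoesNotMatch cannot fail against the service as it appears in this commit, because the visible GetAssertionAsync throws NotAllowedError unconditionally, so the test does not yet show that the RP ID comparison is what rejects the credential. To make it prove the check once the lookup exists, assert that the vault was actually consulted, e.g. `await sutProvider.GetDependency<ICipherService>().Received().GetAllDecryptedAsync();`, and pair it with a case where the same fixture with `RpId = "bitwarden.com"` is not rejected, so the RP ID is the only difference between the two. The `exception` local is unused in both tests and can be dropped. RandomBytes builds the credential id from `new Random()`, which makes a failing run hard to reproduce; a fixed byte array or a seeded generator would keep the fixture deterministic.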