mirror of https://github.com/bitwarden/mobile synced 2026-02-13 23:03:19 +00:00
mobile/test/Core.Test/Services/AssetLinksServiceTest.cs
Federico Maccaroni 299899f952 [PM-7576] Implemented digital asset links verification on Fido2 flows (#3191)
* PM-7553 Fix native apps passkeys autofill and creation

* PM-7658 Implemented Fido2 privileged apps verification

* PM-7576 Implemented digital asset links verification on Fido2 flows for native apps.

* PM-7576 Renamed to ValidateAssetLinksAndGetOriginAsync to go along with Google naming and also changed method to private given that public is not necessary

* PM-7576 Moved digital asset links verification to a Core service AssetLinksService and added unit tests for it.
2024-04-25 15:00:01 -03:00


using System;
using System.Collections.Generic;
using System.IO;
using System.Threading.Tasks;
using Bit.Core.Abstractions;
using Bit.Core.Services;
using Bit.Core.Utilities.DigitalAssetLinks;
using Bit.Test.Common.AutoFixture;
using Newtonsoft.Json;
using NSubstitute;
using Xunit;
namespace Bit.Core.Test.Services
{
/// <summary>
/// Tests <c>AssetLinksService.ValidateAssetLinksAsync</c> against canned Digital Asset Links
/// statement lists. <see cref="IApiService"/> is substituted, so no network request is made;
/// each test feeds one <c>BasicAssetLinksTestData</c> JSON document to the service and checks
/// whether the (relying party id, package name, certificate fingerprint) triple is accepted.
/// </summary>
/// <remarks>
/// NOTE(review): the rejecting tests only assert the returned boolean. They do not check that
/// the stubbed <c>GetDigitalAssetLinksForRpAsync</c> was actually consulted, so a <c>false</c>
/// produced for an unrelated reason would also pass. Consider adding a <c>Received()</c>
/// assertion. Cases not covered here: a null or empty statement list from the API, and a
/// fingerprint that differs only in letter case or separators.
/// </remarks>
public class AssetLinksServiceTest : IDisposable
{
    private readonly SutProvider<AssetLinksService> _sutProvider = new SutProvider<AssetLinksService>().Create();

    // Relying party id the substituted API is stubbed for.
    private readonly string _validRpId = "example.com";

    // Android package name the tests pass as the matching caller.
    private readonly string _validPackageName = "com.example.app";

    // Colon-separated hex fingerprint the tests pass as the matching signing certificate.
    // Presumably SHA-256 sized and matching the value in the test data; verify there.
    private readonly string _validFingerprint = "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00";

    /// <summary>Parses an asset-links JSON document into its list of statements.</summary>
    private List<Statement> Deserialize(string json) => JsonConvert.DeserializeObject<List<Statement>>(json);

    /// <summary>
    /// Makes the substituted API return the statements parsed from <paramref name="json"/>
    /// whenever asset links are requested for <see cref="_validRpId"/>.
    /// </summary>
    private void StubAssetLinksResponse(string json)
    {
        var statements = Deserialize(json);
        var apiService = _sutProvider.GetDependency<IApiService>();
        apiService.GetDigitalAssetLinksForRpAsync(_validRpId).Returns(Task.FromResult(statements));
    }

    [Fact]
    public async Task ValidateAssetLinksAsync_Returns_True_When_Data_Has_One_Statement_And_One_Fingerprint()
    {
        // Arrange: a single statement carrying a single fingerprint.
        StubAssetLinksResponse(BasicAssetLinksTestData.OneStatementOneFingerprintJson());

        // Act
        var accepted = await _sutProvider.Sut.ValidateAssetLinksAsync(_validRpId, _validPackageName, _validFingerprint);

        // Assert
        Assert.True(accepted);
    }

    [Fact]
    public async Task ValidateAssetLinksAsync_Returns_True_When_Data_Has_One_Statement_And_Multiple_Fingerprints()
    {
        // Arrange: a single statement listing several fingerprints.
        StubAssetLinksResponse(BasicAssetLinksTestData.OneStatementMultipleFingerprintsJson());

        // Act
        var accepted = await _sutProvider.Sut.ValidateAssetLinksAsync(_validRpId, _validPackageName, _validFingerprint);

        // Assert
        Assert.True(accepted);
    }

    [Fact]
    public async Task ValidateAssetLinksAsync_Returns_True_When_Data_Has_Multiple_Statements()
    {
        // Arrange: several statements in one document.
        StubAssetLinksResponse(BasicAssetLinksTestData.MultipleStatementsJson());

        // Act
        var accepted = await _sutProvider.Sut.ValidateAssetLinksAsync(_validRpId, _validPackageName, _validFingerprint);

        // Assert
        Assert.True(accepted);
    }

    [Fact]
    public async Task ValidateAssetLinksAsync_Returns_False_When_Data_Statement_Has_No_GetLoginCreds_Relation()
    {
        // Arrange: the statement lacks the get-login-creds relation.
        StubAssetLinksResponse(BasicAssetLinksTestData.OneStatementNoGetLoginCredsRelationJson());

        // Act
        var accepted = await _sutProvider.Sut.ValidateAssetLinksAsync(_validRpId, _validPackageName, _validFingerprint);

        // Assert
        Assert.False(accepted);
    }

    [Fact]
    public async Task ValidateAssetLinksAsync_Returns_False_When_Data_Statement_Has_No_HandleAllUrls_Relation()
    {
        // Arrange: the statement lacks the handle-all-urls relation.
        StubAssetLinksResponse(BasicAssetLinksTestData.OneStatementNoHandleAllUrlsRelationJson());

        // Act
        var accepted = await _sutProvider.Sut.ValidateAssetLinksAsync(_validRpId, _validPackageName, _validFingerprint);

        // Assert
        Assert.False(accepted);
    }

    [Fact]
    public async Task ValidateAssetLinksAsync_Returns_False_When_Data_Statement_Has_Wrong_Namespace()
    {
        // Arrange: the statement target uses an unexpected namespace.
        StubAssetLinksResponse(BasicAssetLinksTestData.OneStatementWrongNamespaceJson());

        // Act
        var accepted = await _sutProvider.Sut.ValidateAssetLinksAsync(_validRpId, _validPackageName, _validFingerprint);

        // Assert
        Assert.False(accepted);
    }

    [Fact]
    public async Task ValidateAssetLinksAsync_Returns_False_When_Data_Statement_Has_No_Fingerprints()
    {
        // Arrange: the statement carries no certificate fingerprints at all.
        StubAssetLinksResponse(BasicAssetLinksTestData.OneStatementNoFingerprintsJson());

        // Act
        var accepted = await _sutProvider.Sut.ValidateAssetLinksAsync(_validRpId, _validPackageName, _validFingerprint);

        // Assert
        Assert.False(accepted);
    }

    [Fact]
    public async Task ValidateAssetLinksAsync_Returns_False_When_Data_PackageName_Doesnt_Match()
    {
        // Arrange: otherwise-valid data; only the caller's package name differs.
        StubAssetLinksResponse(BasicAssetLinksTestData.OneStatementOneFingerprintJson());

        // Act
        var accepted = await _sutProvider.Sut.ValidateAssetLinksAsync(_validRpId, "com.foo.another", _validFingerprint);

        // Assert
        Assert.False(accepted);
    }

    [Fact]
    public async Task ValidateAssetLinksAsync_Returns_False_When_Data_Fingerprint_Doesnt_Match()
    {
        // Arrange: otherwise-valid data; every byte of the caller's fingerprint is changed.
        StubAssetLinksResponse(BasicAssetLinksTestData.OneStatementOneFingerprintJson());
        var mismatchedFingerprint = _validFingerprint.Replace("00", "33");

        // Act
        var accepted = await _sutProvider.Sut.ValidateAssetLinksAsync(_validRpId, _validPackageName, mismatchedFingerprint);

        // Assert
        Assert.False(accepted);
    }

    // Nothing to release; present only to satisfy IDisposable.
    public void Dispose() { }
}
}