2019-04-25 04:52:08 +07:00
|
|
|
import { POST_Expect403, GET_Expect403 } from "../../../helpers/utils/Requests";
|
2019-02-10 05:20:37 +07:00
|
|
|
|
|
|
|
export default function() {
|
|
|
|
// POST
|
2019-04-25 04:52:08 +07:00
|
|
|
it('should return 403 error when posting to https://login.example.com:8080/api/secondfactor/totp', async function() {
|
|
|
|
await POST_Expect403('https://login.example.com:8080/api/secondfactor/totp', { token: 'MALICIOUS_TOKEN' });
|
2019-02-10 05:20:37 +07:00
|
|
|
});
|
|
|
|
|
2019-04-25 04:52:08 +07:00
|
|
|
it('should return 403 error when posting to https://login.example.com:8080/api/secondfactor/u2f/sign', async function() {
|
|
|
|
await POST_Expect403('https://login.example.com:8080/api/secondfactor/u2f/sign');
|
2019-02-10 05:20:37 +07:00
|
|
|
});
|
|
|
|
|
2019-04-25 04:52:08 +07:00
|
|
|
it('should return 403 error when posting to https://login.example.com:8080/api/secondfactor/u2f/register', async function() {
|
|
|
|
await POST_Expect403('https://login.example.com:8080/api/secondfactor/u2f/register');
|
2019-02-10 05:20:37 +07:00
|
|
|
});
|
|
|
|
|
2019-04-25 04:52:08 +07:00
|
|
|
it('should return 403 error on GET to https://login.example.com:8080/api/secondfactor/u2f/sign_request', async function() {
|
|
|
|
await POST_Expect403('https://login.example.com:8080/api/secondfactor/u2f/sign_request');
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should return 403 error when posting to https://login.example.com:8080/api/secondfactor/preferences', async function() {
|
|
|
|
await POST_Expect403('https://login.example.com:8080/api/secondfactor/preferences');
|
2019-02-10 05:20:37 +07:00
|
|
|
});
|
|
|
|
|
2019-04-25 04:52:08 +07:00
|
|
|
it('should return 403 error on GET to https://login.example.com:8080/api/secondfactor/preferences', async function() {
|
|
|
|
await GET_Expect403('https://login.example.com:8080/api/secondfactor/preferences');
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should return 403 error on GET to https://login.example.com:8080/api/secondfactor/available', async function() {
|
|
|
|
await GET_Expect403('https://login.example.com:8080/api/secondfactor/available');
|
2019-02-10 05:20:37 +07:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
describe('Identity validation endpoints blocked to unauthenticated users', function() {
|
2019-04-25 04:52:08 +07:00
|
|
|
it('should return 403 error on POST to https://login.example.com:8080/api/secondfactor/u2f/identity/start', async function() {
|
|
|
|
await POST_Expect403('https://login.example.com:8080/api/secondfactor/u2f/identity/start');
|
2019-02-10 05:20:37 +07:00
|
|
|
});
|
|
|
|
|
2019-04-25 04:52:08 +07:00
|
|
|
it('should return 403 error on POST to https://login.example.com:8080/api/secondfactor/u2f/identity/finish', async function() {
|
|
|
|
await POST_Expect403('https://login.example.com:8080/api/secondfactor/u2f/identity/finish');
|
2019-02-10 05:20:37 +07:00
|
|
|
});
|
|
|
|
|
2019-04-25 04:52:08 +07:00
|
|
|
it('should return 403 error on POST to https://login.example.com:8080/api/secondfactor/totp/identity/start', async function() {
|
|
|
|
await POST_Expect403('https://login.example.com:8080/api/secondfactor/totp/identity/start');
|
2019-02-10 05:20:37 +07:00
|
|
|
});
|
|
|
|
|
2019-04-25 04:52:08 +07:00
|
|
|
it('should return 403 error on POST to https://login.example.com:8080/api/secondfactor/totp/identity/finish', async function() {
|
|
|
|
await POST_Expect403('https://login.example.com:8080/api/secondfactor/totp/identity/finish');
|
2019-02-10 05:20:37 +07:00
|
|
|
});
|
|
|
|
});
|
|
|
|
}
|