authelia/internal/configuration/validator/totp_test.go
James Elliott ad8e844af6
feat(totp): algorithm and digits config (#2634)
Allow users to configure the TOTP Algorithm and Digits. This should be used with caution as many TOTP applications do not support it. Some will also fail to notify the user that there is an issue. i.e. if the algorithm in the QR code is sha512, they continue to generate one time passwords with sha1. In addition this drastically refactors TOTP in general to be more user friendly by not forcing them to register a new device if the administrator changes the period (or algorithm).

Fixes #1226.
2021-12-01 23:11:29 +11:00

74 lines
1.9 KiB
Go

package validator
import (
"fmt"
"strings"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/authelia/authelia/v4/internal/configuration/schema"
)
func TestShouldSetDefaultTOTPValues(t *testing.T) {
validator := schema.NewStructValidator()
config := &schema.Configuration{
TOTP: &schema.TOTPConfiguration{},
}
ValidateTOTP(config, validator)
require.Len(t, validator.Errors(), 0)
assert.Equal(t, "Authelia", config.TOTP.Issuer)
assert.Equal(t, schema.DefaultTOTPConfiguration.Algorithm, config.TOTP.Algorithm)
assert.Equal(t, schema.DefaultTOTPConfiguration.Skew, config.TOTP.Skew)
assert.Equal(t, schema.DefaultTOTPConfiguration.Period, config.TOTP.Period)
}
func TestShouldNormalizeTOTPAlgorithm(t *testing.T) {
validator := schema.NewStructValidator()
config := &schema.Configuration{
TOTP: &schema.TOTPConfiguration{
Algorithm: "sha1",
},
}
ValidateTOTP(config, validator)
assert.Len(t, validator.Errors(), 0)
assert.Equal(t, "SHA1", config.TOTP.Algorithm)
}
func TestShouldRaiseErrorWhenInvalidTOTPAlgorithm(t *testing.T) {
validator := schema.NewStructValidator()
config := &schema.Configuration{
TOTP: &schema.TOTPConfiguration{
Algorithm: "sha3",
},
}
ValidateTOTP(config, validator)
require.Len(t, validator.Errors(), 1)
assert.EqualError(t, validator.Errors()[0], fmt.Sprintf(errFmtTOTPInvalidAlgorithm, "SHA3", strings.Join(schema.TOTPPossibleAlgorithms, ", ")))
}
func TestShouldRaiseErrorWhenInvalidTOTPValues(t *testing.T) {
validator := schema.NewStructValidator()
config := &schema.Configuration{
TOTP: &schema.TOTPConfiguration{
Period: 5,
Digits: 20,
},
}
ValidateTOTP(config, validator)
require.Len(t, validator.Errors(), 2)
assert.EqualError(t, validator.Errors()[0], fmt.Sprintf(errFmtTOTPInvalidPeriod, 5))
assert.EqualError(t, validator.Errors()[1], fmt.Sprintf(errFmtTOTPInvalidDigits, 20))
}