mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
ad8e844af6
Allow users to configure the TOTP Algorithm and Digits. This should be used with caution as many TOTP applications do not support it. Some will also fail to notify the user that there is an issue. i.e. if the algorithm in the QR code is sha512, they continue to generate one time passwords with sha1. In addition this drastically refactors TOTP in general to be more user friendly by not forcing them to register a new device if the administrator changes the period (or algorithm). Fixes #1226.
41 lines
1.2 KiB
Go
41 lines
1.2 KiB
Go
package models
|
|
|
|
import (
|
|
"encoding/json"
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
/*
|
|
TestShouldOnlyMarshalPeriodAndDigitsAndAbsolutelyNeverSecret.
|
|
This test is vital to ensuring the TOTP configuration is marshalled correctly. If encoding/json suddenly changes
|
|
upstream and the json tag value of '-' doesn't exclude the field from marshalling then this test will pickup this
|
|
issue prior to code being shipped.
|
|
|
|
For this reason it's essential that the marshalled object contains all values populated, especially the secret.
|
|
*/
|
|
func TestShouldOnlyMarshalPeriodAndDigitsAndAbsolutelyNeverSecret(t *testing.T) {
|
|
object := TOTPConfiguration{
|
|
ID: 1,
|
|
Username: "john",
|
|
Issuer: "Authelia",
|
|
Algorithm: "SHA1",
|
|
Digits: 6,
|
|
Period: 30,
|
|
|
|
// DO NOT CHANGE THIS VALUE UNLESS YOU FULLY UNDERSTAND THE COMMENT AT THE TOP OF THIS TEST.
|
|
Secret: []byte("ABC123"),
|
|
}
|
|
|
|
data, err := json.Marshal(object)
|
|
assert.NoError(t, err)
|
|
|
|
assert.Equal(t, "{\"digits\":6,\"period\":30}", string(data))
|
|
|
|
// DO NOT REMOVE OR CHANGE THESE TESTS UNLESS YOU FULLY UNDERSTAND THE COMMENT AT THE TOP OF THIS TEST.
|
|
require.NotContains(t, string(data), "secret")
|
|
require.NotContains(t, string(data), "ABC123")
|
|
}
|