88use CodedMonkey \Dirigent \Tests \Helper \WebTestCaseTrait ;
99use Doctrine \ORM \EntityManagerInterface ;
1010use PHPUnit \Framework \Attributes \CoversClass ;
11- use PHPUnit \Framework \Attributes \RequiresFunction ;
1211use Scheb \TwoFactorBundle \Security \TwoFactor \Provider \Totp \TotpFactory ;
1312use Symfony \Bundle \FrameworkBundle \Test \WebTestCase ;
1413use Symfony \Component \HttpFoundation \Response ;
@@ -28,7 +27,7 @@ public function testMfaUnauthenticated(): void
2827 $ this ->assertResponseRedirects ('/login ' , Response::HTTP_FOUND );
2928 }
3029
31- #[RequiresFunction('\Safe\unpack ' )] // todo test fails with Lowest Composer dependencies
30+ // #[RequiresFunction('\Safe\unpack')] // todo test fails with Lowest Composer dependencies
3231 public function testMfaSetup (): void
3332 {
3433 $ client = static ::createClient ();
@@ -48,9 +47,60 @@ public function testMfaSetup(): void
4847
4948 $ this ->assertResponseRedirects ('/account ' , Response::HTTP_FOUND );
5049
50+ $ user = $ this ->getService (EntityManagerInterface::class)->find (User::class, $ user ->getId ());
51+
5152 $ this ->assertNotNull ($ user ->getTotpSecret ());
5253 }
5354
55+ public function testMfaSetupWrongPassword (): void
56+ {
57+ $ client = static ::createClient ();
58+ $ totpFactory = $ this ->getService (TotpFactory::class, 'scheb_two_factor.security.totp_factory ' );
59+
60+ $ user = $ this ->createMockUser ();
61+ $ this ->persistEntities ($ user );
62+
63+ $ client ->loginUser ($ user );
64+
65+ $ client ->request ('GET ' , '/account/mfa ' );
66+
67+ $ client ->submitForm ('Enable MFA authentication ' , [
68+ 'mfa_setup_form[currentPassword] ' => 'OddPassword11 ' ,
69+ 'mfa_setup_form[totpCode] ' => $ totpFactory ->createTotpForUser ($ user )->now (),
70+ ]);
71+
72+ $ this ->assertResponseStatusCodeSame (Response::HTTP_UNPROCESSABLE_ENTITY );
73+
74+ $ this ->clearEntities ();
75+ $ user = $ this ->getService (EntityManagerInterface::class)->find (User::class, $ user ->getId ());
76+
77+ $ this ->assertNull ($ user ->getTotpSecret ());
78+ }
79+
80+ public function testMfaSetupWrongTotpCode (): void
81+ {
82+ $ client = static ::createClient ();
83+
84+ $ user = $ this ->createMockUser ();
85+ $ this ->persistEntities ($ user );
86+
87+ $ client ->loginUser ($ user );
88+
89+ $ client ->request ('GET ' , '/account/mfa ' );
90+
91+ $ client ->submitForm ('Enable MFA authentication ' , [
92+ 'mfa_setup_form[currentPassword] ' => 'PlainPassword99 ' ,
93+ 'mfa_setup_form[totpCode] ' => 'abcdef ' ,
94+ ]);
95+
96+ $ this ->assertResponseStatusCodeSame (Response::HTTP_UNPROCESSABLE_ENTITY );
97+
98+ $ this ->clearEntities ();
99+ $ user = $ this ->getService (EntityManagerInterface::class)->find (User::class, $ user ->getId ());
100+
101+ $ this ->assertNull ($ user ->getTotpSecret ());
102+ }
103+
54104 public function testMfaClear (): void
55105 {
56106 $ client = static ::createClient ();
@@ -73,6 +123,28 @@ public function testMfaClear(): void
73123 $ this ->assertNull ($ user ->getTotpSecret ());
74124 }
75125
126+ public function testMfaClearWrongPassword (): void
127+ {
128+ $ client = static ::createClient ();
129+
130+ $ user = $ this ->createMockUser (mfaEnabled: true );
131+ $ this ->persistEntities ($ user );
132+
133+ $ client ->loginUser ($ user );
134+
135+ $ client ->request ('GET ' , '/account/mfa ' );
136+
137+ $ client ->submitForm ('Disable MFA authentication ' , [
138+ 'mfa_clear_form[currentPassword] ' => 'OddPassword11 ' ,
139+ ]);
140+
141+ $ this ->assertResponseStatusCodeSame (Response::HTTP_UNPROCESSABLE_ENTITY );
142+
143+ $ user = $ this ->getService (EntityManagerInterface::class)->find (User::class, $ user ->getId ());
144+
145+ $ this ->assertNotNull ($ user ->getTotpSecret ());
146+ }
147+
76148 public function testMfaQrCodeUnauthenticated (): void
77149 {
78150 $ client = static ::createClient ();
0 commit comments