fix test

2024-10-03 22:50:47 +09:00 · 2024-10-03 22:50:47 +09:00 · 51c5bc69b5
parent d5c96edbd8
commit 51c5bc69b5
1 changed files with 51 additions and 45 deletions
--- a/packages/backend/test/e2e/2fa.ts
+++ b/packages/backend/test/e2e/2fa.ts
@ -136,13 +136,7 @@ describe('2要素認証', () => {
 		keyName: string,
 		credentialId: Buffer,
 		requestOptions: PublicKeyCredentialRequestOptionsJSON,
-	}): {
+	}): misskey.entities.SigninRequest => {
 		username: string,
 		password: string,
 		credential: AuthenticationResponseJSON,
 		'g-recaptcha-response'?: string | null,
 		'hcaptcha-response'?: string | null,
 	} => {
 		// AuthenticatorAssertionResponse.authenticatorData
 		// https://developer.mozilla.org/en-US/docs/Web/API/AuthenticatorAssertionResponse/authenticatorData
 		const authenticatorData = Buffer.concat([
@ -202,11 +196,16 @@ describe('2要素認証', () => {
 		}, alice);
 		assert.strictEqual(doneResponse.status, 200);
-		const usersShowResponse = await api('users/show', {
+		const signinWithoutTokenResponse = await api('signin', {
-			username,
+			...signinParam(),
-		}, alice);
+		});
-		assert.strictEqual(usersShowResponse.status, 200);
+		assert.strictEqual(signinWithoutTokenResponse.status, 403);
-		assert.strictEqual((usersShowResponse.body as unknown as { twoFactorEnabled: boolean }).twoFactorEnabled, true);
+		assert.deepStrictEqual(signinWithoutTokenResponse.body, {
 			error: {
 				id: '144ff4f8-bd6c-41bc-82c3-b672eb09efbf',
 				next: 'totp',
 			},
 		});
 		const signinResponse = await api('signin', {
 			...signinParam(),
@ -253,26 +252,28 @@ describe('2要素認証', () => {
 		assert.strictEqual(keyDoneResponse.body.id, credentialId.toString('base64url'));
 		assert.strictEqual(keyDoneResponse.body.name, keyName);
 		const usersShowResponse = await api('users/show', {
 			username,
 		});
 		assert.strictEqual(usersShowResponse.status, 200);
 		assert.strictEqual((usersShowResponse.body as unknown as { securityKeys: boolean }).securityKeys, true);
 		const signinResponse = await api('signin', {
 			...signinParam(),
 		});
-		assert.strictEqual(signinResponse.status, 200);
+		const signinResponseBody = signinResponse.body as unknown as {
-		assert.strictEqual(signinResponse.body.i, undefined);
+			error: {
-		assert.notEqual((signinResponse.body as unknown as { challenge: unknown | undefined }).challenge, undefined);
+				id: string;
-		assert.notEqual((signinResponse.body as unknown as { allowCredentials: unknown | undefined }).allowCredentials, undefined);
+				next: 'passkey';
-		assert.strictEqual((signinResponse.body as unknown as { allowCredentials: {id: string}[] }).allowCredentials[0].id, credentialId.toString('base64url'));
+				authRequest: PublicKeyCredentialRequestOptionsJSON;
 			};
 		};
 		assert.strictEqual(signinResponse.status, 403);
 		assert.strictEqual(signinResponseBody.error.id, '06e661b9-8146-4ae3-bde5-47138c0ae0c4');
 		assert.strictEqual(signinResponseBody.error.next, 'passkey');
 		assert.notEqual(signinResponseBody.error.authRequest.challenge, undefined);
 		assert.notEqual(signinResponseBody.error.authRequest.allowCredentials, undefined);
 		assert.strictEqual(signinResponseBody.error.authRequest.allowCredentials && signinResponseBody.error.authRequest.allowCredentials[0]?.id, credentialId.toString('base64url'));
 		const signinResponse2 = await api('signin', signinWithSecurityKeyParam({
 			keyName,
 			credentialId,
-			requestOptions: signinResponse.body,
+			requestOptions: signinResponseBody.error.authRequest,
-		} as any));
+		}));
 		assert.strictEqual(signinResponse2.status, 200);
 		assert.notEqual(signinResponse2.body.i, undefined);
@ -315,9 +316,7 @@ describe('2要素認証', () => {
 		}, alice);
 		assert.strictEqual(passwordLessResponse.status, 204);
-		const usersShowResponse = await api('users/show', {
+		const usersShowResponse = await api('i', {}, alice);
 			username,
 		});
 		assert.strictEqual(usersShowResponse.status, 200);
 		assert.strictEqual((usersShowResponse.body as unknown as { usePasswordLessLogin: boolean }).usePasswordLessLogin, true);
@ -325,14 +324,25 @@ describe('2要素認証', () => {
 			...signinParam(),
 			password: '',
 		});
-		assert.strictEqual(signinResponse.status, 200);
+		const signinResponseBody = signinResponse.body as unknown as {
-		assert.strictEqual(signinResponse.body.i, undefined);
+			error: {
 				id: string;
 				next: 'passkey';
 				authRequest: PublicKeyCredentialRequestOptionsJSON;
 			};
 		};
 		assert.strictEqual(signinResponse.status, 403);
 		assert.strictEqual(signinResponseBody.error.id, '06e661b9-8146-4ae3-bde5-47138c0ae0c4');
 		assert.strictEqual(signinResponseBody.error.next, 'passkey');
 		assert.notEqual(signinResponseBody.error.authRequest.challenge, undefined);
 		assert.notEqual(signinResponseBody.error.authRequest.allowCredentials, undefined);
 		assert.strictEqual(signinResponseBody.error.authRequest.allowCredentials && signinResponseBody.error.authRequest.allowCredentials[0]?.id, credentialId.toString('base64url'));
 		const signinResponse2 = await api('signin', {
 			...signinWithSecurityKeyParam({
 				keyName,
 				credentialId,
-				requestOptions: signinResponse.body,
+				requestOptions: signinResponseBody.error.authRequest,
 			} as any),
 			password: '',
 		});
@ -424,11 +434,11 @@ describe('2要素認証', () => {
 		assert.strictEqual(keyDoneResponse.status, 200);
 		// テストの実行順によっては複数残ってるので全部消す
-		const iResponse = await api('i', {
+		const beforeIResponse = await api('i', {
 		}, alice);
-		assert.strictEqual(iResponse.status, 200);
+		assert.strictEqual(beforeIResponse.status, 200);
-		assert.ok(iResponse.body.securityKeysList);
+		assert.ok(beforeIResponse.body.securityKeysList);
-		for (const key of iResponse.body.securityKeysList) {
+		for (const key of beforeIResponse.body.securityKeysList) {
 			const removeKeyResponse = await api('i/2fa/remove-key', {
 				token: otpToken(registerResponse.body.secret),
 				password,
@ -437,11 +447,9 @@ describe('2要素認証', () => {
 			assert.strictEqual(removeKeyResponse.status, 200);
 		}
-		const usersShowResponse = await api('users/show', {
+		const afterIResponse = await api('i', {}, alice);
-			username,
+		assert.strictEqual(afterIResponse.status, 200);
-		});
+		assert.strictEqual(afterIResponse.body.securityKeys, false);
 		assert.strictEqual(usersShowResponse.status, 200);
 		assert.strictEqual((usersShowResponse.body as unknown as { securityKeys: boolean }).securityKeys, false);
 		const signinResponse = await api('signin', {
 			...signinParam(),
@ -468,11 +476,9 @@ describe('2要素認証', () => {
 		}, alice);
 		assert.strictEqual(doneResponse.status, 200);
-		const usersShowResponse = await api('users/show', {
+		const iResponse = await api('i', {}, alice);
-			username,
+		assert.strictEqual(iResponse.status, 200);
-		});
+		assert.strictEqual(iResponse.body.twoFactorEnabled, true);
 		assert.strictEqual(usersShowResponse.status, 200);
 		assert.strictEqual((usersShowResponse.body as unknown as { twoFactorEnabled: boolean }).twoFactorEnabled, true);
 		const unregisterResponse = await api('i/2fa/unregister', {
 			token: otpToken(registerResponse.body.secret),