Google2FATest.php
<?php
namespace PragmaRX\Google2FA\Tests;
use PHPUnit\Framework\TestCase;
use PragmaRX\Google2FA\Google2FA;
use PragmaRX\Google2FA\Support\Constants as Google2FAConstants;
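/**
 * Behavioural tests for the Google2FA one-time-password library.
 *
 * Covers secret generation and validation, Base32 encoding and decoding,
 * OTP verification inside a tolerance window, rejection of already-used
 * timestamps (verifyKeyNewer) and QR code generation.
 *
 * Fixture values (SECRET, WRONG_SECRET, SHORT_SECRET, INVALID_SECRET, URL and
 * the QR code payloads) come from the Constants class of this test namespace.
 */
class Google2FATest extends TestCase
{
    /**
     * Library instance under test, recreated before every test method.
     *
     * Declared explicitly so the fixture is not created as a dynamic property.
     *
     * @var Google2FA
     */
    protected $google2fa;

    /**
     * Gives every test a fresh instance so that window, OTP length and
     * compatibility settings changed by one test cannot leak into another.
     */
    public function setUp()
    {
        $this->google2fa = new Google2FA();
    }

    public function testIsInitializable()
    {
        $this->assertInstanceOf(Google2FA::class, $this->google2fa);
    }

    /**
     * Generated secrets have the requested length and contain only characters
     * from the Base32 alphabet.
     */
    public function testGeneratesAValidSecretKey()
    {
        // Default length is 16 Base32 characters, i.e. 80 bits of secret material.
        $this->assertEquals(16, strlen($this->google2fa->generateSecretKey()));

        $this->assertEquals(32, strlen($this->google2fa->generateSecretKey(32)));

        // A caller-supplied prefix is Base32-encoded into the start of the key
        // ('ant' becomes 'MFXHI'), so those leading characters are not random.
        $this->assertStringStartsWith('MFXHI', $this->google2fa->generateSecretKey(59, 'ant'));

        $this->assertStringStartsWith('MFXHI', $this->google2fa->generateSecretKey(59, 'ant'));

        // Stripping everything outside the Base32 alphabet must leave the key untouched.
        $key = $this->google2fa->generateSecretKey();

        $this->assertEquals($key, preg_replace('/[^'.Google2FAConstants::VALID_FOR_B32.']/', '', $key));
    }

    /**
     * A 17-character key is produced when Google Authenticator compatibility is
     * not enforced and rejected when it is.
     *
     * The accepting case runs first: the enforced call throws the expected
     * exception, which ends the test, so an assertion placed after it would
     * never execute.
     *
     * @expectedException \PragmaRX\Google2FA\Exceptions\IncompatibleWithGoogleAuthenticatorException
     */
    public function testGeneratesASecretKeysCompatibleWithGoogleAuthenticatorOrNot()
    {
        $this->assertEquals(17, strlen($this->google2fa->setEnforceGoogleAuthenticatorCompatibility(false)->generateSecretKey(17)));

        $this->google2fa->setEnforceGoogleAuthenticatorCompatibility(true)->generateSecretKey(17);
    }

    /**
     * A prefix containing bytes outside the Base32 alphabet still yields a key
     * made only of valid Base32 characters.
     */
    public function testConvertsInvalidCharsToBase32()
    {
        $converted = $this->google2fa->generateBase32RandomKey(16, '1234'.chr(250).chr(251).chr(252).chr(253).chr(254).chr(255));

        $valid = preg_replace('/[^'.Google2FAConstants::VALID_FOR_B32.']/', '', $converted);

        $this->assertEquals($converted, $valid);
    }

    public function testGetsValidTimestamps()
    {
        $ts = $this->google2fa->getTimestamp();

        // These bounds hold for every PHP integer, so this is only a smoke
        // test of the call, not a check of the returned value.
        $this->assertLessThanOrEqual(PHP_INT_MAX, $ts);

        $this->assertGreaterThanOrEqual(~PHP_INT_MAX, $ts);
    }

    /**
     * Decoding the fixture secret yields the expected ten raw bytes.
     */
    public function testDecodesBase32Strings()
    {
        $result = chr(0)
            .chr(232)
            .chr(196)
            .chr(187)
            .chr(190)
            .chr(223)
            .chr(26)
            .chr(241)
            .chr(145)
            .chr(86);

        $this->assertEquals($result, $this->google2fa->base32Decode(Constants::SECRET));
    }

    public function testCreatesAOneTimePassword()
    {
        $this->assertEquals(6, strlen($this->google2fa->getCurrentOtp(Constants::SECRET)));
    }

    /**
     * With a window of 2, codes belonging to the two timestamps before and the
     * two after the reference timestamp are accepted; codes one step further
     * out are rejected.
     *
     * The window trades clock-skew tolerance for a longer period during which
     * an observed code stays usable, so it should be kept as small as practical.
     */
    public function testVerifiesKeys()
    {
        // $ts 26213400 with KEY_REGENERATION 30 seconds is
        // timestamp 786402000, which is 1994-12-02 21:00:00 UTC

        $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '558854', 2, 26213400)); // 26213398
        $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '981084', 2, 26213400)); // 26213399
        $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '512396', 2, 26213400)); // 26213400
        $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '410272', 2, 26213400)); // 26213401
        $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '239815', 2, 26213400)); // 26213402

        $this->assertFalse($this->google2fa->verifyKey(Constants::SECRET, '313366', 2, 26213400)); // 26213403
        $this->assertFalse($this->google2fa->verifyKey(Constants::SECRET, '093183', 2, 26213400)); // 26213397
    }

    /**
     * verifyKeyNewer() rejects codes whose timestamp is not newer than the last
     * accepted one, which is what stops a captured code from being replayed
     * inside the window, and returns the matched timestamp on success.
     *
     * NOTE(review): assertEquals compares loosely, so a bare `true` would also
     * satisfy the timestamp assertions; assertSame would pin the integer once
     * the return type of verifyKeyNewer() is confirmed.
     */
    public function testVerifiesKeysNewer()
    {
        // Last accepted timestamp is 26213401: codes for 26213400 and 26213401 are refused.
        $this->assertFalse($this->google2fa->verifyKeyNewer(Constants::SECRET, '512396', 26213401, 2, 26213400));
        $this->assertFalse($this->google2fa->verifyKeyNewer(Constants::SECRET, '410272', 26213401, 2, 26213400));
        $this->assertEquals(26213402, $this->google2fa->verifyKeyNewer(Constants::SECRET, '239815', 26213401, 2, 26213400));
        $this->assertFalse($this->google2fa->verifyKeyNewer(Constants::SECRET, '313366', 26213401, 2, 26213400));

        // No previous timestamp: every code inside the window is accepted.
        $this->assertEquals(26213400, $this->google2fa->verifyKeyNewer(Constants::SECRET, '512396', null, 2, 26213400));
        $this->assertEquals(26213401, $this->google2fa->verifyKeyNewer(Constants::SECRET, '410272', null, 2, 26213400));
        $this->assertEquals(26213402, $this->google2fa->verifyKeyNewer(Constants::SECRET, '239815', null, 2, 26213400));
        $this->assertFalse($this->google2fa->verifyKeyNewer(Constants::SECRET, '313366', null, 2, 26213400));
    }

    public function testRemovesInvalidCharsFromSecret()
    {
        $this->assertEquals(Constants::SECRET, $this->google2fa->removeInvalidChars(Constants::SECRET.'!1-@@@'));
    }

    /**
     * The Google-hosted QR code URL is only produced after the caller opts in
     * through setAllowInsecureCallToGoogleApis(true).
     *
     * NOTE(review): the opt-in presumably exists because the URL hands the
     * account data, including the shared secret, to a third-party endpoint;
     * confirm against Constants::URL.
     */
    public function testCreatesAQrCode()
    {
        $this->assertEquals(Constants::URL, $this->google2fa->setAllowInsecureCallToGoogleApis(true)->getQRCodeGoogleUrl('PragmaRX', 'acr+pragmarx@antoniocarlosribeiro.com', Constants::SECRET));
    }

    /**
     * Without the explicit opt-in, requesting the Google-hosted QR code URL throws.
     *
     * @expectedException \PragmaRX\Google2FA\Exceptions\InsecureCallException
     */
    public function testGetExceptionWhenUsingGoogleApis()
    {
        $this->assertEquals(Constants::URL, $this->google2fa->getQRCodeGoogleUrl('PragmaRX', 'acr+pragmarx@antoniocarlosribeiro.com', Constants::SECRET));
    }

    public function testConvertsToBase32()
    {
        $this->assertEquals('KBZGCZ3NMFJFQ', $this->google2fa->toBase32('PragmaRX'));
    }

    /**
     * The configured window is used when verifyKey() receives null for it, and
     * an explicit argument to getWindow() takes precedence over the setting.
     */
    public function testSetsTheWindow()
    {
        $this->google2fa->setWindow(6);

        $this->assertEquals(6, $this->google2fa->getWindow());

        $this->assertEquals(1, $this->google2fa->getWindow(1));

        // Window 0: the code for timestamp 26213398 is refused at 26213400.
        $this->google2fa->setWindow(0);

        $this->assertFalse($this->google2fa->verifyKey(Constants::SECRET, '558854', null, 26213400));

        // Window 2: the same code is accepted up to two steps away and refused beyond that.
        $this->google2fa->setWindow(2);

        $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '558854', null, 26213400));

        $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '558854', null, 26213399));

        $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '558854', null, 26213398));

        $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '558854', null, 26213396));

        $this->assertFalse($this->google2fa->verifyKey(Constants::SECRET, '558854', null, 26213395));
    }

    /**
     * verify() uses the secret stored with setSecret() when none is passed.
     */
    public function testSetsTheSecret()
    {
        $this->assertFalse($this->google2fa->verify('558854', Constants::WRONG_SECRET));

        $this->google2fa->setWindow(2);

        $this->assertTrue($this->google2fa->verify('558854', Constants::SECRET, null, 26213400));

        $this->google2fa->setSecret(Constants::SECRET);

        $this->assertTrue($this->google2fa->verify('558854', null, null, 26213400));
    }

    public function testGetsKeyRegeneration()
    {
        $this->google2fa->setKeyRegeneration(11);

        $this->assertEquals(11, $this->google2fa->getKeyRegeneration());
    }

    public function testGetsOtpLength()
    {
        $this->google2fa->setOneTimePasswordLength(7);

        $this->assertEquals(7, $this->google2fa->getOneTimePasswordLength());
    }

    /**
     * The same secret and timestamp verify with both 6-digit and 7-digit codes,
     * depending on the configured OTP length.
     */
    public function testGeneratesPasswordsInManyDifferentSizes()
    {
        $this->google2fa->setWindow(2);

        $this->google2fa->setOneTimePasswordLength(6);

        $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '558854', null, 26213400));

        $this->google2fa->setOneTimePasswordLength(7);

        $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '8981084', null, 26213400));
    }

    /**
     * A secret that is too short is rejected even when Google Authenticator
     * compatibility is not enforced.
     *
     * @expectedException \PragmaRX\Google2FA\Exceptions\SecretKeyTooShortException
     */
    public function testShortSecretKey()
    {
        $this->google2fa->setEnforceGoogleAuthenticatorCompatibility(false);

        $this->google2fa->verifyKey(Constants::SHORT_SECRET, '558854', null, 26213400);
    }

    /**
     * A valid secret yields a numeric OTP; a secret with invalid characters is
     * rejected even when Google Authenticator compatibility is not enforced.
     *
     * @expectedException \PragmaRX\Google2FA\Exceptions\InvalidCharactersException
     */
    public function testValidateKey()
    {
        $this->assertTrue(is_numeric($this->google2fa->getCurrentOtp(Constants::SECRET)));

        $this->google2fa->setEnforceGoogleAuthenticatorCompatibility(false);

        $this->google2fa->getCurrentOtp(Constants::INVALID_SECRET);
    }

    /**
     * The inline QR code matches the fixture recorded for the running PHP version.
     */
    public function testQrcodeInline()
    {
        // version_compare() orders versions numerically; comparing the version
        // strings with >= would sort "10.0.0" before "7.2" and pick the wrong fixture.
        $expected = version_compare(PHP_VERSION, '7.2', '>=')
            ? Constants::QRCODEPHPABOVE72
            : Constants::QRCODEPHPBELOW72;

        $this->assertEquals(
            $expected,
            $this->google2fa->getQRCodeInline('PragmaRX', 'acr+pragmarx@antoniocarlosribeiro.com', Constants::SECRET)
        );
    }
}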