class GoogleAuthenticatorTests(TestCase): def setUp(self): self.api_client = ApiClient() self.auth_client = OktaAuthClient(OktaFactors(self.api_client)) self.mb = MountebankProcess() def tearDown(self): self.mb.destroy_all_imposters() def setup_imposter(self, file_name): port = self.mb.create_imposter("test_auth_client/stubs/" + file_name) imposter_url = self.mb.get_imposter_url(port) self.api_client.settings.set("BASE_URL", imposter_url) return imposter_url def test_enrollment_requirements(self): with self.assertRaises(AssertionError): self.auth_client.enroll_user_for_google_authenticator(None) def test_activation_requirements(self): with self.assertRaises(AssertionError): self.auth_client.activate_google_authenticator_factor(None, "123456") with self.assertRaises(AssertionError): self.auth_client.activate_google_authenticator_factor("0001", None) def test_verification_requirements(self): with self.assertRaises(AssertionError): self.auth_client.verify_google_authenticator_factor(None, "123456") with self.assertRaises(AssertionError): self.auth_client.verify_google_authenticator_factor("0001", None) def test_is_enrolled_requirements(self): with self.assertRaises(AssertionError): self.auth_client.is_user_enrolled_for_google_authenticator(None) def test_delete_requirements(self): with self.assertRaises(AssertionError): self.auth_client.delete_google_authenticator_factor(None) def test_enrollment_success(self): self.setup_imposter("test_google_authenticator_enrollment.json") response, message, error_code, extras = self.auth_client.enroll_user_for_google_authenticator(USER_ONE["id"]) self.assertTrue(response) self.assertIsNotNone(response["id"]) self.assertEqual("token:software:totp", response["factorType"]) self.assertEqual("GOOGLE", response["provider"]) self.assertEqual(message, "Success") self.assertIsNone(error_code) self.assertIn("shared_secret", extras) self.assertIsNotNone(extras["shared_secret"]) self.assertIn("qr_code", extras) self.assertIsNotNone(extras["qr_code"]) def test_enrollment_failure(self): self.setup_imposter("test_google_authenticator_enrollment.json") response, message, error_code, extras = self.auth_client.enroll_user_for_google_authenticator(USER_TWO["id"]) self.assertFalse(response) self.assertEqual("Factor already exists.", message) self.assertIsNotNone(error_code) def test_activation_success(self): self.setup_imposter("test_google_authenticator_activation.json") response, message, error_code = self.auth_client.activate_google_authenticator_factor(USER_ONE["id"], "12345") self.assertTrue(response) self.assertEqual("Success", message) self.assertIsNone(error_code) def test_activation_failure_one(self): self.setup_imposter("test_google_authenticator_activation.json") response, message, error_code = self.auth_client.activate_google_authenticator_factor(USER_TWO["id"], "1") self.assertFalse(response) self.assertEqual("Your passcode doesn't match our records. Please try again.", message) self.assertEqual("E0000068", error_code) def test_activation_failure_two(self): self.setup_imposter("test_google_authenticator_activation.json") response, message, error_code = self.auth_client.activate_google_authenticator_factor( USER_THREE["id"], "not-enrolled" ) self.assertFalse(response) self.assertEqual("Not enrolled in factor.", message) self.assertIsNotNone(error_code) def test_activation_failure_three(self): self.setup_imposter("test_google_authenticator_activation.json") response, message, error_code = self.auth_client.activate_google_authenticator_factor( USER_FOUR["id"], "not-found" ) self.assertFalse(response) self.assertEqual("Not found: Resource not found: invalid_id (User)", message) self.assertIsNotNone(error_code) def test_verify_challenge_success(self): self.setup_imposter("test_google_authenticator_challenge.json") response, message, error_code = self.auth_client.verify_google_authenticator_factor(USER_ONE["id"], "12345") self.assertTrue(response) self.assertEqual(response.get("factorResult"), "SUCCESS") self.assertEqual("Success", message) self.assertIsNone(error_code) def test_verify_challenge_failure_one(self): self.setup_imposter("test_google_authenticator_challenge.json") response, message, error_code = self.auth_client.verify_google_authenticator_factor( USER_ONE["id"], "invalid-passcode" ) self.assertFalse(response) self.assertEqual("Your passcode doesn't match our records. Please try again.", message) self.assertEqual("E0000068", error_code) def test_verify_challenge_two(self): self.setup_imposter("test_google_authenticator_challenge.json") response, message, error_code = self.auth_client.verify_google_authenticator_factor(USER_THREE["id"], "12345") self.assertFalse(response) self.assertEqual("Not enrolled in factor.", message) def test_verify_challenge_failure_three(self): self.setup_imposter("test_google_authenticator_challenge.json") response, message, error_code = self.auth_client.verify_google_authenticator_factor(USER_FOUR["id"], "12345") self.assertFalse(response) self.assertEqual("Not found: Resource not found: invalid_id (User)", message) def test_user_is_enrolled(self): self.setup_imposter("test_google_authenticator_challenge.json") is_enrolled = self.auth_client.is_user_enrolled_for_google_authenticator(USER_ONE["id"]) self.assertTrue(is_enrolled) def test_user_is_not_enrolled_in_pending_activation(self): self.setup_imposter("test_google_authenticator_challenge.json") is_enrolled = self.auth_client.is_user_enrolled_for_google_authenticator(USER_TWO["id"]) self.assertFalse(is_enrolled) def test_user_is_not_enrolled_different_factor(self): self.setup_imposter("test_google_authenticator_challenge.json") is_enrolled = self.auth_client.is_user_enrolled_for_google_authenticator(USER_THREE["id"]) self.assertFalse(is_enrolled) def test_user_is_not_enrolled_invalid_id(self): self.setup_imposter("test_google_authenticator_challenge.json") is_enrolled = self.auth_client.is_user_enrolled_for_google_authenticator("invalid_id") self.assertFalse(is_enrolled) def test_delete_factor(self): self.setup_imposter("test_google_authenticator_challenge.json") response, message, error_code = self.auth_client.delete_google_authenticator_factor(USER_ONE["id"]) self.assertEqual(message, "Success") self.assertIsNone(error_code)
def setUp(self): self.api_client = ApiClient() self.auth_client = OktaAuthClient(OktaFactors(self.api_client)) self.mb = MountebankProcess()
class GoogleAuthenticatorTests(TestCase): def setUp(self): self.api_client = ApiClient() self.auth_client = OktaAuthClient(OktaFactors(self.api_client)) self.mb = MountebankProcess() def tearDown(self): self.mb.destroy_all_imposters() def setup_imposter(self, file_name): port = self.mb.create_imposter('test_auth_client/stubs/' + file_name) imposter_url = self.mb.get_imposter_url(port) self.api_client.settings.set('BASE_URL', imposter_url) return imposter_url def test_enrollment_requirements(self): with self.assertRaises(AssertionError): self.auth_client.enroll_user_for_google_authenticator(None) def test_activation_requirements(self): with self.assertRaises(AssertionError): self.auth_client.activate_google_authenticator_factor( None, '123456') with self.assertRaises(AssertionError): self.auth_client.activate_google_authenticator_factor('0001', None) def test_verification_requirements(self): with self.assertRaises(AssertionError): self.auth_client.verify_google_authenticator_factor(None, '123456') with self.assertRaises(AssertionError): self.auth_client.verify_google_authenticator_factor('0001', None) def test_is_enrolled_requirements(self): with self.assertRaises(AssertionError): self.auth_client.is_user_enrolled_for_google_authenticator(None) def test_delete_requirements(self): with self.assertRaises(AssertionError): self.auth_client.delete_google_authenticator_factor(None) def test_enrollment_success(self): self.setup_imposter('test_google_authenticator_enrollment.json') response, message, error_code, extras = self.auth_client.enroll_user_for_google_authenticator( USER_ONE['id']) self.assertTrue(response) self.assertIsNotNone(response['id']) self.assertEqual('token:software:totp', response['factorType']) self.assertEqual('GOOGLE', response['provider']) self.assertEqual(message, "Success") self.assertIsNone(error_code) self.assertIn('shared_secret', extras) self.assertIsNotNone(extras['shared_secret']) self.assertIn('qr_code', extras) self.assertIsNotNone(extras['qr_code']) def test_enrollment_failure(self): self.setup_imposter('test_google_authenticator_enrollment.json') response, message, error_code, extras = self.auth_client.enroll_user_for_google_authenticator( USER_TWO['id']) self.assertFalse(response) self.assertEqual('Factor already exists.', message) self.assertIsNotNone(error_code) def test_activation_success(self): self.setup_imposter('test_google_authenticator_activation.json') response, message, error_code = self.auth_client.activate_google_authenticator_factor( USER_ONE['id'], '12345') self.assertTrue(response) self.assertEqual("Success", message) self.assertIsNone(error_code) def test_activation_failure_one(self): self.setup_imposter('test_google_authenticator_activation.json') response, message, error_code = self.auth_client.activate_google_authenticator_factor( USER_TWO['id'], '1') self.assertFalse(response) self.assertEqual( "Your passcode doesn't match our records. Please try again.", message) self.assertEqual('E0000068', error_code) def test_activation_failure_two(self): self.setup_imposter('test_google_authenticator_activation.json') response, message, error_code = self.auth_client.activate_google_authenticator_factor( USER_THREE['id'], 'not-enrolled') self.assertFalse(response) self.assertEqual("Not enrolled in factor.", message) self.assertIsNotNone(error_code) def test_activation_failure_three(self): self.setup_imposter('test_google_authenticator_activation.json') response, message, error_code = self.auth_client.activate_google_authenticator_factor( USER_FOUR['id'], 'not-found') self.assertFalse(response) self.assertEqual("Not found: Resource not found: invalid_id (User)", message) self.assertIsNotNone(error_code) def test_verify_challenge_success(self): self.setup_imposter('test_google_authenticator_challenge.json') response, message, error_code = self.auth_client.verify_google_authenticator_factor( USER_ONE['id'], '12345') self.assertTrue(response) self.assertEqual(response.get('factorResult'), 'SUCCESS') self.assertEqual("Success", message) self.assertIsNone(error_code) def test_verify_challenge_failure_one(self): self.setup_imposter('test_google_authenticator_challenge.json') response, message, error_code = self.auth_client.verify_google_authenticator_factor( USER_ONE['id'], 'invalid-passcode') self.assertFalse(response) self.assertEqual( "Your passcode doesn't match our records. Please try again.", message) self.assertEqual('E0000068', error_code) def test_verify_challenge_two(self): self.setup_imposter('test_google_authenticator_challenge.json') response, message, error_code = self.auth_client.verify_google_authenticator_factor( USER_THREE['id'], '12345') self.assertFalse(response) self.assertEqual("Not enrolled in factor.", message) def test_verify_challenge_failure_three(self): self.setup_imposter('test_google_authenticator_challenge.json') response, message, error_code = self.auth_client.verify_google_authenticator_factor( USER_FOUR['id'], '12345') self.assertFalse(response) self.assertEqual("Not found: Resource not found: invalid_id (User)", message) def test_user_is_enrolled(self): self.setup_imposter('test_google_authenticator_challenge.json') is_enrolled = self.auth_client.is_user_enrolled_for_google_authenticator( USER_ONE['id']) self.assertTrue(is_enrolled) def test_user_is_not_enrolled_in_pending_activation(self): self.setup_imposter('test_google_authenticator_challenge.json') is_enrolled = self.auth_client.is_user_enrolled_for_google_authenticator( USER_TWO['id']) self.assertFalse(is_enrolled) def test_user_is_not_enrolled_different_factor(self): self.setup_imposter('test_google_authenticator_challenge.json') is_enrolled = self.auth_client.is_user_enrolled_for_google_authenticator( USER_THREE['id']) self.assertFalse(is_enrolled) def test_user_is_not_enrolled_invalid_id(self): self.setup_imposter('test_google_authenticator_challenge.json') is_enrolled = self.auth_client.is_user_enrolled_for_google_authenticator( "invalid_id") self.assertFalse(is_enrolled) def test_delete_factor(self): self.setup_imposter('test_google_authenticator_challenge.json') response, message, error_code = self.auth_client.delete_google_authenticator_factor( USER_ONE['id']) self.assertEqual(message, 'Success') self.assertIsNone(error_code)
def setup_imposter(self, file_name): imposter = self.mb.create_imposter('test_auth_client/stubs/' + file_name) api_client = ApiClient(BASE_URL=self.mb.get_imposter_url(imposter)) return OktaAuthClient(OktaFactors(api_client))
def setUp(self): self.api_client = ApiClient(API_TOKEN='jrr-tolkien') self.auth_client = OktaAuthClient(OktaFactors(self.api_client)) self.mb = MountebankProcess()
class SMSAuthTests(unittest.TestCase): def setUp(self): self.api_client = ApiClient(API_TOKEN='jrr-tolkien') self.auth_client = OktaAuthClient(OktaFactors(self.api_client)) self.mb = MountebankProcess() def tearDown(self): self.mb.destroy_all_imposters() def setup_imposter(self, file_name): imposter = self.mb.create_imposter('test_auth_client/stubs/' + file_name) api_client = ApiClient(BASE_URL=self.mb.get_imposter_url(imposter)) return OktaAuthClient(OktaFactors(api_client)) def test_sms_enrollment_requirements(self): with self.assertRaises(AssertionError): self.auth_client.enroll_user_for_sms(user_no_id.get('id'), user_no_id.get('phone_number')) with self.assertRaises(AssertionError): self.auth_client.enroll_user_for_sms( user_no_phone_number.get('id'), user_no_phone_number.get('phone_number')) def test_sms_enrollment_success(self): auth_client = self.setup_imposter('test_sms_enrollment.json') response, message, error_code = auth_client.enroll_user_for_sms( user_one.get('id'), user_one.get('phone_number')) self.assertTrue(response) self.assertEqual(response.get('id'), user_one.get('id')) self.assertEqual(message, "Success") self.assertIsNone(error_code) def test_sms_enrollment_failure(self): auth_client = self.setup_imposter('test_sms_enrollment.json') response, message, error_code = auth_client.enroll_user_for_sms( user_two.get('id'), user_two.get('phone_number')) self.assertFalse(response) self.assertEqual(message, "Factor already exists.") self.assertIsNotNone(error_code) def test_sms_activation_requirements(self): with self.assertRaises(AssertionError): self.auth_client.activate_sms_factor(user_no_id.get('id'), '123') with self.assertRaises(AssertionError): self.auth_client.activate_sms_factor(user_one.get('id'), None) def test_sms_activation_success(self): auth_client = self.setup_imposter('test_sms_activation.json') response, message, error_code = auth_client.activate_sms_factor(user_one.get('id'), '12345') self.assertTrue(response) self.assertEqual(response.get('id'), user_one.get('id')) self.assertEqual(message, "Success") self.assertIsNone(error_code) def test_sms_activation_failure_one(self): auth_client = self.setup_imposter('test_sms_activation.json') response, message, error_code = auth_client.activate_sms_factor(user_two.get('id'), 'invalid-passcode') self.assertFalse(response) self.assertEqual(message, "Your passcode doesn't match our records. Please try again.") self.assertEqual('E0000068', error_code) def test_sms_activation_failure_two(self): auth_client = self.setup_imposter('test_sms_activation.json') response, message, error_code = auth_client.activate_sms_factor(user_three.get('id'), '12345') self.assertFalse(response) self.assertEqual(message, "Not enrolled in factor.") self.assertIsNotNone(error_code) def test_sms_activation_failure_three(self): auth_client = self.setup_imposter('test_sms_activation.json') response, message, error_code = auth_client.activate_sms_factor(user_invalid_id.get('id'), '12345') self.assertFalse(response) self.assertEqual(message, "Not found: Resource not found: invalid_id (User)") self.assertIsNotNone(error_code) def test_sms_challenge_requirements(self): with self.assertRaises(AssertionError): self.auth_client.send_sms_challenge(user_no_id.get('id')) def test_sms_challenge_success(self): auth_client = self.setup_imposter('test_send_sms_challenge.json') response, message, error_code = auth_client.send_sms_challenge(user_one.get('id')) self.assertTrue(response) self.assertEqual(response.get('factorResult'), 'CHALLENGE') self.assertEqual(message, "Success") self.assertIsNone(error_code) def test_sms_challenge_failure_one(self): auth_client = self.setup_imposter('test_send_sms_challenge.json') response, message, error_code = auth_client.send_sms_challenge(user_two.get('id')) self.assertFalse(response) self.assertEqual(message, "Your passcode doesn't match our records. Please try again.") self.assertEqual('E0000068', error_code) def test_sms_challenge_failure_two(self): auth_client = self.setup_imposter('test_send_sms_challenge.json') response, message, error_code = auth_client.send_sms_challenge(user_invalid_id.get('id')) self.assertFalse(response) self.assertEqual(message, "Not found: Resource not found: invalid_id (User)") def test_sms_challenge_failure_three(self): auth_client = self.setup_imposter('test_send_sms_challenge.json') response, message, error_code = auth_client.send_sms_challenge(user_three.get('id')) self.assertFalse(response) self.assertEqual('Not enrolled in factor.', message) self.assertIsNotNone(error_code) def test_verify_sms_challenge_requirements(self): with self.assertRaises(AssertionError): self.auth_client.verify_sms_challenge_passcode(user_no_id.get('id'), '12345') def test_verify_sms_challenge_success(self): auth_client = self.setup_imposter('test_verify_sms_challenge.json') response, message, error_code = auth_client.verify_sms_challenge_passcode(user_one.get('id'), '12345') self.assertTrue(response) self.assertEqual(response.get('factorResult'), 'SUCCESS') self.assertEqual(message, "Success") self.assertIsNone(error_code) def test_verify_sms_challenge_failure_one(self): auth_client = self.setup_imposter('test_verify_sms_challenge.json') response, message, error_code = auth_client.verify_sms_challenge_passcode( user_two.get('id'), "invalid-passcode") self.assertFalse(response) self.assertEqual(message, "Your passcode doesn't match our records. Please try again.") self.assertEqual('E0000068', error_code) def test_verify_sms_challenge_failure_two(self): auth_client = self.setup_imposter('test_verify_sms_challenge.json') response, message, error_code = auth_client.verify_sms_challenge_passcode(user_invalid_id.get('id'), '12345') self.assertFalse(response) self.assertEqual(message, "Not found: Resource not found: invalid_id (User)") def test_verify_sms_challenge_three(self): auth_client = self.setup_imposter('test_verify_sms_challenge.json') response, message, error_code = auth_client.verify_sms_challenge_passcode(user_three.get('id'), '12345') self.assertFalse(response) self.assertEqual("Not enrolled in factor.", message) def test_user_is_enrolled_in_sms(self): auth_client = self.setup_imposter('test_sms_is_enrolled.json') is_enrolled = auth_client.is_user_enrolled_for_sms(user_one.get('id')) self.assertTrue(is_enrolled) def test_user_is_not_enrolled_in_sms_pending_activation(self): auth_client = self.setup_imposter('test_sms_is_enrolled.json') is_enrolled = auth_client.is_user_enrolled_for_sms(user_two.get('id')) self.assertFalse(is_enrolled) def test_user_is_not_enrolled_in_sms_different_factor(self): auth_client = self.setup_imposter('test_sms_is_enrolled.json') is_enrolled = auth_client.is_user_enrolled_for_sms(user_three.get('id')) self.assertFalse(is_enrolled) def test_user_is_not_enrolled_in_sms_invalid_id(self): auth_client = self.setup_imposter('test_sms_is_enrolled.json') is_enrolled = auth_client.is_user_enrolled_for_sms("invalid_id") self.assertFalse(is_enrolled) def test_delete_sms_factor(self): auth_client = self.setup_imposter('test_sms_delete_factor.json') response, message, error_code = auth_client.delete_sms_factor(user_one['id']) self.assertEqual(message, 'Success') self.assertIsNone(error_code) def test_update_sms_phone_number(self): auth_client = self.setup_imposter('test_sms_delete_factor.json') new_phone_number = '+1 666-666-6666' response, message, error_code = auth_client.update_sms_phone_number(user_one['id'], new_phone_number) self.assertTrue(response) self.assertEqual(response.get('id'), user_one.get('id')) self.assertEqual(response['profile']['phoneNumber'], new_phone_number) self.assertEqual(message, "Success") self.assertIsNone(error_code) def test_update_sms_phone_number_failure(self): auth_client = self.setup_imposter('test_sms_delete_factor.json') response, message, error_code = auth_client.update_sms_phone_number(user_two['id'], '+1 666-666-6666') self.assertFalse(response) self.assertEqual('Tom wanted 100% test coverage.', message) self.assertIsNotNone(error_code) def test_update_sms_phone_number_delete_failure(self): auth_client = self.setup_imposter('test_sms_delete_factor.json') response, message, error_code = auth_client.update_sms_phone_number(user_three['id'], '+1 666-666-6666') self.assertFalse(response) self.assertEqual('Tom wanted 100% test coverage.', message) self.assertIsNotNone(error_code)