def test_credential_invalid(self): request = pretend.stub(remote_addr="127.0.0.1") user_service = pretend.stub( record_event=pretend.call_recorder(lambda *a, **kw: None), verify_webauthn_assertion=pretend.raiser( AuthenticationRejectedError("foo")), ) form = forms.WebAuthnAuthenticationForm( request=request, credential=json.dumps({}), user_id=1, user_service=user_service, challenge=pretend.stub(), origin=pretend.stub(), rp_id=pretend.stub(), ) assert not form.validate() assert form.credential.errors.pop() == "foo" assert user_service.record_event.calls == [ pretend.call( 1, tag="account:login:failure", ip_address="127.0.0.1", additional={"reason": "invalid_webauthn"}, ) ]
def test_credential_bad_payload(self): form = forms.WebAuthnAuthenticationForm( credential="not valid json", user_id=pretend.stub(), user_service=pretend.stub(), challenge=pretend.stub(), origin=pretend.stub(), rp_id=pretend.stub(), ) assert not form.validate() assert form.credential.errors.pop() == "Invalid WebAuthn assertion: Bad payload"
def test_credential_invalid(self): form = forms.WebAuthnAuthenticationForm( credential=json.dumps({}), user_id=pretend.stub(), user_service=pretend.stub(verify_webauthn_assertion=pretend.raiser( AuthenticationRejectedException("foo"))), challenge=pretend.stub(), origin=pretend.stub(), rp_id=pretend.stub(), ) assert not form.validate() assert form.credential.errors.pop() == "foo"
def test_credential_valid(self): form = forms.WebAuthnAuthenticationForm( credential=json.dumps({}), user_id=pretend.stub(), user_service=pretend.stub( verify_webauthn_assertion=pretend.call_recorder( lambda *a, **kw: ("foo", 123456))), challenge=pretend.stub(), origin=pretend.stub(), rp_id=pretend.stub(), ) assert form.validate() assert form.validated_credential == ("foo", 123456)
def test_credential_bad_payload(self, pyramid_config): request = pretend.stub() form = forms.WebAuthnAuthenticationForm( request=request, credential="not valid json", user_id=pretend.stub(), user_service=pretend.stub(), challenge=pretend.stub(), origin=pretend.stub(), rp_id=pretend.stub(), ) assert not form.validate() assert (str(form.credential.errors.pop()) == "Invalid WebAuthn assertion: Bad payload")
def test_creation(self): user_id = pretend.stub() user_service = pretend.stub() challenge = pretend.stub() origin = pretend.stub() rp_id = pretend.stub() form = forms.WebAuthnAuthenticationForm( user_id=user_id, user_service=user_service, challenge=challenge, origin=origin, rp_id=rp_id, ) assert form.challenge is challenge