async def test_new_users_admin(mock_hass): """Test newly created users are admin.""" manager = await auth.auth_manager_from_config(mock_hass, [{ 'type': 'insecure_example', 'users': [{ 'username': '******', 'password': '******', 'name': 'Test Name' }] }], []) ensure_auth_manager_loaded(manager) user = await manager.async_create_user('Hello') assert user.is_admin user_cred = await manager.async_get_or_create_user( auth_models.Credentials( id='mock-id', auth_provider_type='insecure_example', auth_provider_id=None, data={'username': '******'}, is_new=True, )) assert user_cred.is_admin
async def test_new_users_admin(mock_hass): """Test newly created users are admin.""" manager = await auth.auth_manager_from_config( mock_hass, [ { "type": "insecure_example", "users": [ { "username": "******", "password": "******", "name": "Test Name", } ], } ], [], ) ensure_auth_manager_loaded(manager) user = await manager.async_create_user("Hello") assert user.is_admin user_cred = await manager.async_get_or_create_user( auth_models.Credentials( id="mock-id", auth_provider_type="insecure_example", auth_provider_id=None, data={"username": "******"}, is_new=True, ) ) assert user_cred.is_admin
async def test_auth_module_expired_session(mock_hass): """Test login as existing user.""" manager = await auth.auth_manager_from_config( mock_hass, [ { "type": "insecure_example", "users": [ { "username": "******", "password": "******", "name": "Test Name", } ], } ], [ { "type": "insecure_example", "data": [{"user_id": "mock-user", "pin": "test-pin"}], } ], ) mock_hass.auth = manager ensure_auth_manager_loaded(manager) # Add fake user with credentials for example auth provider. user = MockUser( id="mock-user", is_owner=False, is_active=False, name="Paulus" ).add_to_auth_manager(manager) user.credentials.append( auth_models.Credentials( id="mock-id", auth_provider_type="insecure_example", auth_provider_id=None, data={"username": "******"}, is_new=False, ) ) step = await manager.login_flow.async_init(("insecure_example", None)) assert step["type"] == data_entry_flow.RESULT_TYPE_FORM step = await manager.login_flow.async_configure( step["flow_id"], {"username": "******", "password": "******"} ) assert step["type"] == data_entry_flow.RESULT_TYPE_FORM assert step["step_id"] == "mfa" with patch( "homeassistant.util.dt.utcnow", return_value=dt_util.utcnow() + MFA_SESSION_EXPIRATION, ): step = await manager.login_flow.async_configure( step["flow_id"], {"pin": "test-pin"} ) # login flow abort due session timeout assert step["type"] == data_entry_flow.RESULT_TYPE_ABORT assert step["reason"] == "login_expired"
async def test_login_as_existing_user(mock_hass): """Test login as existing user.""" manager = await auth.auth_manager_from_config(mock_hass, [{ 'type': 'insecure_example', 'users': [{ 'username': '******', 'password': '******', 'name': 'Test Name' }] }], []) mock_hass.auth = manager ensure_auth_manager_loaded(manager) # Add a fake user that we're not going to log in with user = MockUser( id='mock-user2', is_owner=False, is_active=False, name='Not user', ).add_to_auth_manager(manager) user.credentials.append(auth_models.Credentials( id='mock-id2', auth_provider_type='insecure_example', auth_provider_id=None, data={'username': '******'}, is_new=False, )) # Add fake user with credentials for example auth provider. user = MockUser( id='mock-user', is_owner=False, is_active=False, name='Paulus', ).add_to_auth_manager(manager) user.credentials.append(auth_models.Credentials( id='mock-id', auth_provider_type='insecure_example', auth_provider_id=None, data={'username': '******'}, is_new=False, )) step = await manager.login_flow.async_init(('insecure_example', None)) assert step['type'] == data_entry_flow.RESULT_TYPE_FORM step = await manager.login_flow.async_configure(step['flow_id'], { 'username': '******', 'password': '******', }) assert step['type'] == data_entry_flow.RESULT_TYPE_CREATE_ENTRY user = step['result'] assert user is not None assert user.id == 'mock-user' assert user.is_owner is False assert user.is_active is False assert user.name == 'Paulus'
async def test_login_as_existing_user(mock_hass): """Test login as existing user.""" manager = await auth.auth_manager_from_config(mock_hass, [{ 'type': 'insecure_example', 'users': [{ 'username': '******', 'password': '******', 'name': 'Test Name' }] }], []) mock_hass.auth = manager ensure_auth_manager_loaded(manager) # Add a fake user that we're not going to log in with user = MockUser( id='mock-user2', is_owner=False, is_active=False, name='Not user', ).add_to_auth_manager(manager) user.credentials.append(auth_models.Credentials( id='mock-id2', auth_provider_type='insecure_example', auth_provider_id=None, data={'username': '******'}, is_new=False, )) # Add fake user with credentials for example auth provider. user = MockUser( id='mock-user', is_owner=False, is_active=False, name='Paulus', ).add_to_auth_manager(manager) user.credentials.append(auth_models.Credentials( id='mock-id', auth_provider_type='insecure_example', auth_provider_id=None, data={'username': '******'}, is_new=False, )) step = await manager.login_flow.async_init(('insecure_example', None)) assert step['type'] == data_entry_flow.RESULT_TYPE_FORM step = await manager.login_flow.async_configure(step['flow_id'], { 'username': '******', 'password': '******', }) assert step['type'] == data_entry_flow.RESULT_TYPE_CREATE_ENTRY user = step['result'] assert user is not None assert user.id == 'mock-user' assert user.is_owner is False assert user.is_active is False assert user.name == 'Paulus'
async def test_new_users(mock_hass): """Test newly created users.""" manager = await auth.auth_manager_from_config( mock_hass, [{ "type": "insecure_example", "users": [ { "username": "******", "password": "******", "name": "Test Name", }, { "username": "******", "password": "******", "name": "Test Name", }, { "username": "******", "password": "******", "name": "Test Name", }, ], }], [], ) ensure_auth_manager_loaded(manager) user = await manager.async_create_user("Hello") # first user in the system is owner and admin assert user.is_owner assert user.is_admin assert not user.local_only assert user.groups == [] user = await manager.async_create_user("Hello 2") assert not user.is_admin assert user.groups == [] user = await manager.async_create_user("Hello 3", group_ids=["system-admin"], local_only=True) assert user.is_admin assert user.groups[0].id == "system-admin" assert user.local_only user_cred = await manager.async_get_or_create_user( auth_models.Credentials( id="mock-id", auth_provider_type="insecure_example", auth_provider_id=None, data={"username": "******"}, is_new=True, )) assert user_cred.is_admin
async def test_auth_module_expired_session(mock_hass): """Test login as existing user.""" manager = await auth.auth_manager_from_config(mock_hass, [{ 'type': 'insecure_example', 'users': [{ 'username': '******', 'password': '******', 'name': 'Test Name' }], }], [{ 'type': 'insecure_example', 'data': [{ 'user_id': 'mock-user', 'pin': 'test-pin' }] }]) mock_hass.auth = manager ensure_auth_manager_loaded(manager) # Add fake user with credentials for example auth provider. user = MockUser( id='mock-user', is_owner=False, is_active=False, name='Paulus', ).add_to_auth_manager(manager) user.credentials.append( auth_models.Credentials( id='mock-id', auth_provider_type='insecure_example', auth_provider_id=None, data={'username': '******'}, is_new=False, )) step = await manager.login_flow.async_init(('insecure_example', None)) assert step['type'] == data_entry_flow.RESULT_TYPE_FORM step = await manager.login_flow.async_configure(step['flow_id'], { 'username': '******', 'password': '******', }) assert step['type'] == data_entry_flow.RESULT_TYPE_FORM assert step['step_id'] == 'mfa' with patch('homeassistant.util.dt.utcnow', return_value=dt_util.utcnow() + SESSION_EXPIRATION): step = await manager.login_flow.async_configure( step['flow_id'], { 'pin': 'test-pin', }) # login flow abort due session timeout assert step['type'] == data_entry_flow.RESULT_TYPE_ABORT assert step['reason'] == 'login_expired'
async def test_auth_module_expired_session(mock_hass): """Test login as existing user.""" manager = await auth.auth_manager_from_config(mock_hass, [{ 'type': 'insecure_example', 'users': [{ 'username': '******', 'password': '******', 'name': 'Test Name' }], }], [{ 'type': 'insecure_example', 'data': [{ 'user_id': 'mock-user', 'pin': 'test-pin' }] }]) mock_hass.auth = manager ensure_auth_manager_loaded(manager) # Add fake user with credentials for example auth provider. user = MockUser( id='mock-user', is_owner=False, is_active=False, name='Paulus', ).add_to_auth_manager(manager) user.credentials.append(auth_models.Credentials( id='mock-id', auth_provider_type='insecure_example', auth_provider_id=None, data={'username': '******'}, is_new=False, )) step = await manager.login_flow.async_init(('insecure_example', None)) assert step['type'] == data_entry_flow.RESULT_TYPE_FORM step = await manager.login_flow.async_configure(step['flow_id'], { 'username': '******', 'password': '******', }) assert step['type'] == data_entry_flow.RESULT_TYPE_FORM assert step['step_id'] == 'mfa' with patch('homeassistant.util.dt.utcnow', return_value=dt_util.utcnow() + SESSION_EXPIRATION): step = await manager.login_flow.async_configure(step['flow_id'], { 'pin': 'test-pin', }) # login flow abort due session timeout assert step['type'] == data_entry_flow.RESULT_TYPE_ABORT assert step['reason'] == 'login_expired'
async def test_async_remove_user(hass): """Test removing a user.""" events = [] @callback def user_removed(event): events.append(event) hass.bus.async_listen("user_removed", user_removed) manager = await auth.auth_manager_from_config( hass, [ { "type": "insecure_example", "users": [ { "username": "******", "password": "******", "name": "Test Name", } ], } ], [], ) hass.auth = manager ensure_auth_manager_loaded(manager) # Add fake user with credentials for example auth provider. user = MockUser( id="mock-user", is_owner=False, is_active=False, name="Paulus" ).add_to_auth_manager(manager) user.credentials.append( auth_models.Credentials( id="mock-id", auth_provider_type="insecure_example", auth_provider_id=None, data={"username": "******"}, is_new=False, ) ) assert len(user.credentials) == 1 await hass.auth.async_remove_user(user) assert len(await manager.async_get_users()) == 0 assert len(user.credentials) == 0 await hass.async_block_till_done() assert len(events) == 1 assert events[0].data["user_id"] == user.id
async def async_setup_auth(hass, aiohttp_client, provider_configs=BASE_CONFIG, setup_api=False): """Helper to setup authentication and create a HTTP client.""" hass.auth = await auth.auth_manager_from_config(hass, provider_configs) ensure_auth_manager_loaded(hass.auth) await async_setup_component(hass, 'auth', { 'http': { 'api_password': '******' } }) if setup_api: await async_setup_component(hass, 'api', {}) return await aiohttp_client(hass.http.app)
async def async_setup_auth(hass, aiohttp_client, provider_configs=BASE_CONFIG, setup_api=False): """Helper to setup authentication and create a HTTP client.""" hass.auth = await auth.auth_manager_from_config(hass, provider_configs) ensure_auth_manager_loaded(hass.auth) await async_setup_component(hass, 'auth', {'http': { 'api_password': '******' }}) if setup_api: await async_setup_component(hass, 'api', {}) return await aiohttp_client(hass.http.app)
async def async_setup_auth( hass, aiohttp_client, provider_configs=BASE_CONFIG, module_configs=EMPTY_CONFIG, setup_api=False, ): """Set up authentication and create an HTTP client.""" hass.auth = await auth.auth_manager_from_config(hass, provider_configs, module_configs) ensure_auth_manager_loaded(hass.auth) await async_setup_component(hass, "auth", {}) if setup_api: await async_setup_component(hass, "api", {}) return await aiohttp_client(hass.http.app)
async def async_setup_auth(hass, aiohttp_client, provider_configs=BASE_CONFIG, setup_api=False): """Helper to setup authentication and create a HTTP client.""" hass.auth = await auth.auth_manager_from_config(hass, provider_configs) ensure_auth_manager_loaded(hass.auth) await async_setup_component(hass, 'auth', { 'http': { 'api_password': '******' } }) client = auth.Client('Test Client', CLIENT_ID, CLIENT_SECRET, redirect_uris=[CLIENT_REDIRECT_URI]) hass.auth._store._clients[client.id] = client if setup_api: await async_setup_component(hass, 'api', {}) return await aiohttp_client(hass.http.app)
async def test_async_remove_user(hass): """Test removing a user.""" events = [] @callback def user_removed(event): events.append(event) hass.bus.async_listen('user_removed', user_removed) manager = await auth.auth_manager_from_config(hass, [{ 'type': 'insecure_example', 'users': [{ 'username': '******', 'password': '******', 'name': 'Test Name' }] }], []) hass.auth = manager ensure_auth_manager_loaded(manager) # Add fake user with credentials for example auth provider. user = MockUser( id='mock-user', is_owner=False, is_active=False, name='Paulus', ).add_to_auth_manager(manager) user.credentials.append( auth_models.Credentials( id='mock-id', auth_provider_type='insecure_example', auth_provider_id=None, data={'username': '******'}, is_new=False, )) assert len(user.credentials) == 1 await hass.auth.async_remove_user(user) assert len(await manager.async_get_users()) == 0 assert len(user.credentials) == 0 await hass.async_block_till_done() assert len(events) == 1 assert events[0].data['user_id'] == user.id
async def test_async_remove_user(hass): """Test removing a user.""" events = [] @callback def user_removed(event): events.append(event) hass.bus.async_listen('user_removed', user_removed) manager = await auth.auth_manager_from_config(hass, [{ 'type': 'insecure_example', 'users': [{ 'username': '******', 'password': '******', 'name': 'Test Name' }] }], []) hass.auth = manager ensure_auth_manager_loaded(manager) # Add fake user with credentials for example auth provider. user = MockUser( id='mock-user', is_owner=False, is_active=False, name='Paulus', ).add_to_auth_manager(manager) user.credentials.append(auth_models.Credentials( id='mock-id', auth_provider_type='insecure_example', auth_provider_id=None, data={'username': '******'}, is_new=False, )) assert len(user.credentials) == 1 await hass.auth.async_remove_user(user) assert len(await manager.async_get_users()) == 0 assert len(user.credentials) == 0 await hass.async_block_till_done() assert len(events) == 1 assert events[0].data['user_id'] == user.id
async def async_setup_auth(hass, aiohttp_client, provider_configs=BASE_CONFIG, setup_api=False): """Helper to setup authentication and create a HTTP client.""" hass.auth = await auth.auth_manager_from_config(hass, provider_configs) ensure_auth_manager_loaded(hass.auth) await async_setup_component(hass, 'auth', {'http': { 'api_password': '******' }}) client = auth.Client('Test Client', CLIENT_ID, CLIENT_SECRET, redirect_uris=[CLIENT_REDIRECT_URI]) hass.auth._store._clients[client.id] = client if setup_api: await async_setup_component(hass, 'api', {}) return await aiohttp_client(hass.http.app)
async def async_setup_auth(hass, aiohttp_client, provider_configs=None, module_configs=None, setup_api=False): """Set up authentication and create an HTTP client.""" if provider_configs is None: provider_configs = BASE_CONFIG if module_configs is None: module_configs = EMPTY_CONFIG hass.auth = await auth.auth_manager_from_config(hass, provider_configs, module_configs) ensure_auth_manager_loaded(hass.auth) await async_setup_component(hass, 'auth', {'http': { 'api_password': '******' }}) if setup_api: await async_setup_component(hass, 'api', {}) return await aiohttp_client(hass.http.app)
async def test_new_users_admin(mock_hass): """Test newly created users are admin.""" manager = await auth.auth_manager_from_config(mock_hass, [{ 'type': 'insecure_example', 'users': [{ 'username': '******', 'password': '******', 'name': 'Test Name' }] }], []) ensure_auth_manager_loaded(manager) user = await manager.async_create_user('Hello') assert user.is_admin user_cred = await manager.async_get_or_create_user(auth_models.Credentials( id='mock-id', auth_provider_type='insecure_example', auth_provider_id=None, data={'username': '******'}, is_new=True, )) assert user_cred.is_admin
async def test_ws_setup_depose_mfa(hass, hass_ws_client): """Test set up mfa module for current user.""" hass.auth = await auth_manager_from_config( hass, provider_configs=[{ 'type': 'insecure_example', 'users': [{ 'username': '******', 'password': '******', 'name': 'Test Name', }] }], module_configs=[{ 'type': 'insecure_example', 'id': 'example_module', 'data': [{'user_id': 'mock-user', 'pin': '123456'}] }]) ensure_auth_manager_loaded(hass.auth) await async_setup_component(hass, 'auth', {'http': {}}) user = MockUser(id='mock-user').add_to_hass(hass) cred = await hass.auth.auth_providers[0].async_get_or_create_credentials( {'username': '******'}) await hass.auth.async_link_user(user, cred) refresh_token = await hass.auth.async_create_refresh_token(user, CLIENT_ID) access_token = hass.auth.async_create_access_token(refresh_token) client = await hass_ws_client(hass, access_token) await client.send_json({ 'id': 10, 'type': mfa_setup_flow.WS_TYPE_SETUP_MFA, }) result = await client.receive_json() assert result['id'] == 10 assert result['success'] is False assert result['error']['code'] == 'no_module' await client.send_json({ 'id': 11, 'type': mfa_setup_flow.WS_TYPE_SETUP_MFA, 'mfa_module_id': 'example_module', }) result = await client.receive_json() assert result['id'] == 11 assert result['success'] flow = result['result'] assert flow['type'] == data_entry_flow.RESULT_TYPE_FORM assert flow['handler'] == 'example_module' assert flow['step_id'] == 'init' assert flow['data_schema'][0] == {'type': 'string', 'name': 'pin'} await client.send_json({ 'id': 12, 'type': mfa_setup_flow.WS_TYPE_SETUP_MFA, 'flow_id': flow['flow_id'], 'user_input': {'pin': '654321'}, }) result = await client.receive_json() assert result['id'] == 12 assert result['success'] flow = result['result'] assert flow['type'] == data_entry_flow.RESULT_TYPE_CREATE_ENTRY assert flow['handler'] == 'example_module' assert flow['data']['result'] is None await client.send_json({ 'id': 13, 'type': mfa_setup_flow.WS_TYPE_DEPOSE_MFA, 'mfa_module_id': 'invalid_id', }) result = await client.receive_json() assert result['id'] == 13 assert result['success'] is False assert result['error']['code'] == 'disable_failed' await client.send_json({ 'id': 14, 'type': mfa_setup_flow.WS_TYPE_DEPOSE_MFA, 'mfa_module_id': 'example_module', }) result = await client.receive_json() assert result['id'] == 14 assert result['success'] assert result['result'] == 'done'
async def test_login_with_multi_auth_module(mock_hass): """Test login as existing user with multiple auth modules.""" manager = await auth.auth_manager_from_config( mock_hass, [{ "type": "insecure_example", "users": [{ "username": "******", "password": "******", "name": "Test Name", }], }], [ { "type": "insecure_example", "data": [{ "user_id": "mock-user", "pin": "test-pin" }], }, { "type": "insecure_example", "id": "module2", "data": [{ "user_id": "mock-user", "pin": "test-pin2" }], }, ], ) mock_hass.auth = manager ensure_auth_manager_loaded(manager) # Add fake user with credentials for example auth provider. user = MockUser(id="mock-user", is_owner=False, is_active=False, name="Paulus").add_to_auth_manager(manager) user.credentials.append( auth_models.Credentials( id="mock-id", auth_provider_type="insecure_example", auth_provider_id=None, data={"username": "******"}, is_new=False, )) step = await manager.login_flow.async_init(("insecure_example", None)) assert step["type"] == data_entry_flow.RESULT_TYPE_FORM step = await manager.login_flow.async_configure(step["flow_id"], { "username": "******", "password": "******" }) # After auth_provider validated, request select auth module assert step["type"] == data_entry_flow.RESULT_TYPE_FORM assert step["step_id"] == "select_mfa_module" step = await manager.login_flow.async_configure( step["flow_id"], {"multi_factor_auth_module": "module2"}) assert step["type"] == data_entry_flow.RESULT_TYPE_FORM assert step["step_id"] == "mfa" step = await manager.login_flow.async_configure(step["flow_id"], {"pin": "test-pin2"}) # Finally passed, get credential assert step["type"] == data_entry_flow.RESULT_TYPE_CREATE_ENTRY assert step["result"] assert step["result"].id == "mock-id"
async def test_login_as_existing_user(mock_hass): """Test login as existing user.""" manager = await auth.auth_manager_from_config( mock_hass, [{ "type": "insecure_example", "users": [{ "username": "******", "password": "******", "name": "Test Name", }], }], [], ) mock_hass.auth = manager ensure_auth_manager_loaded(manager) # Add a fake user that we're not going to log in with user = MockUser(id="mock-user2", is_owner=False, is_active=False, name="Not user").add_to_auth_manager(manager) user.credentials.append( auth_models.Credentials( id="mock-id2", auth_provider_type="insecure_example", auth_provider_id=None, data={"username": "******"}, is_new=False, )) # Add fake user with credentials for example auth provider. user = MockUser(id="mock-user", is_owner=False, is_active=False, name="Paulus").add_to_auth_manager(manager) user.credentials.append( auth_models.Credentials( id="mock-id", auth_provider_type="insecure_example", auth_provider_id=None, data={"username": "******"}, is_new=False, )) step = await manager.login_flow.async_init(("insecure_example", None)) assert step["type"] == data_entry_flow.RESULT_TYPE_FORM step = await manager.login_flow.async_configure(step["flow_id"], { "username": "******", "password": "******" }) assert step["type"] == data_entry_flow.RESULT_TYPE_CREATE_ENTRY credential = step["result"] user = await manager.async_get_user_by_credentials(credential) assert user is not None assert user.id == "mock-user" assert user.is_owner is False assert user.is_active is False assert user.name == "Paulus"
async def test_login_with_multi_auth_module(mock_hass): """Test login as existing user with multiple auth modules.""" manager = await auth.auth_manager_from_config(mock_hass, [{ 'type': 'insecure_example', 'users': [{ 'username': '******', 'password': '******', 'name': 'Test Name' }], }], [{ 'type': 'insecure_example', 'data': [{ 'user_id': 'mock-user', 'pin': 'test-pin' }] }, { 'type': 'insecure_example', 'id': 'module2', 'data': [{ 'user_id': 'mock-user', 'pin': 'test-pin2' }] }]) mock_hass.auth = manager ensure_auth_manager_loaded(manager) # Add fake user with credentials for example auth provider. user = MockUser( id='mock-user', is_owner=False, is_active=False, name='Paulus', ).add_to_auth_manager(manager) user.credentials.append(auth_models.Credentials( id='mock-id', auth_provider_type='insecure_example', auth_provider_id=None, data={'username': '******'}, is_new=False, )) step = await manager.login_flow.async_init(('insecure_example', None)) assert step['type'] == data_entry_flow.RESULT_TYPE_FORM step = await manager.login_flow.async_configure(step['flow_id'], { 'username': '******', 'password': '******', }) # After auth_provider validated, request select auth module assert step['type'] == data_entry_flow.RESULT_TYPE_FORM assert step['step_id'] == 'select_mfa_module' step = await manager.login_flow.async_configure(step['flow_id'], { 'multi_factor_auth_module': 'module2', }) assert step['type'] == data_entry_flow.RESULT_TYPE_FORM assert step['step_id'] == 'mfa' step = await manager.login_flow.async_configure(step['flow_id'], { 'pin': 'test-pin2', }) # Finally passed, get user assert step['type'] == data_entry_flow.RESULT_TYPE_CREATE_ENTRY user = step['result'] assert user is not None assert user.id == 'mock-user' assert user.is_owner is False assert user.is_active is False assert user.name == 'Paulus'
async def test_login_with_multi_auth_module(mock_hass): """Test login as existing user with multiple auth modules.""" manager = await auth.auth_manager_from_config(mock_hass, [{ 'type': 'insecure_example', 'users': [{ 'username': '******', 'password': '******', 'name': 'Test Name' }], }], [{ 'type': 'insecure_example', 'data': [{ 'user_id': 'mock-user', 'pin': 'test-pin' }] }, { 'type': 'insecure_example', 'id': 'module2', 'data': [{ 'user_id': 'mock-user', 'pin': 'test-pin2' }] }]) mock_hass.auth = manager ensure_auth_manager_loaded(manager) # Add fake user with credentials for example auth provider. user = MockUser( id='mock-user', is_owner=False, is_active=False, name='Paulus', ).add_to_auth_manager(manager) user.credentials.append( auth_models.Credentials( id='mock-id', auth_provider_type='insecure_example', auth_provider_id=None, data={'username': '******'}, is_new=False, )) step = await manager.login_flow.async_init(('insecure_example', None)) assert step['type'] == data_entry_flow.RESULT_TYPE_FORM step = await manager.login_flow.async_configure(step['flow_id'], { 'username': '******', 'password': '******', }) # After auth_provider validated, request select auth module assert step['type'] == data_entry_flow.RESULT_TYPE_FORM assert step['step_id'] == 'select_mfa_module' step = await manager.login_flow.async_configure( step['flow_id'], { 'multi_factor_auth_module': 'module2', }) assert step['type'] == data_entry_flow.RESULT_TYPE_FORM assert step['step_id'] == 'mfa' step = await manager.login_flow.async_configure(step['flow_id'], { 'pin': 'test-pin2', }) # Finally passed, get user assert step['type'] == data_entry_flow.RESULT_TYPE_CREATE_ENTRY user = step['result'] assert user is not None assert user.id == 'mock-user' assert user.is_owner is False assert user.is_active is False assert user.name == 'Paulus'
async def test_login_with_auth_module(mock_hass): """Test login as existing user with auth module.""" manager = await auth.auth_manager_from_config( mock_hass, [{ "type": "insecure_example", "users": [{ "username": "******", "password": "******", "name": "Test Name", }], }], [{ "type": "insecure_example", "data": [{ "user_id": "mock-user", "pin": "test-pin" }], }], ) mock_hass.auth = manager ensure_auth_manager_loaded(manager) # Add fake user with credentials for example auth provider. user = MockUser(id="mock-user", is_owner=False, is_active=False, name="Paulus").add_to_auth_manager(manager) user.credentials.append( auth_models.Credentials( id="mock-id", auth_provider_type="insecure_example", auth_provider_id=None, data={"username": "******"}, is_new=False, )) step = await manager.login_flow.async_init(("insecure_example", None)) assert step["type"] == data_entry_flow.RESULT_TYPE_FORM step = await manager.login_flow.async_configure(step["flow_id"], { "username": "******", "password": "******" }) # After auth_provider validated, request auth module input form assert step["type"] == data_entry_flow.RESULT_TYPE_FORM assert step["step_id"] == "mfa" step = await manager.login_flow.async_configure(step["flow_id"], {"pin": "invalid-pin"}) # Invalid code error assert step["type"] == data_entry_flow.RESULT_TYPE_FORM assert step["step_id"] == "mfa" assert step["errors"] == {"base": "invalid_code"} step = await manager.login_flow.async_configure(step["flow_id"], {"pin": "test-pin"}) # Finally passed, get user assert step["type"] == data_entry_flow.RESULT_TYPE_CREATE_ENTRY user = step["result"] assert user is not None assert user.id == "mock-user" assert user.is_owner is False assert user.is_active is False assert user.name == "Paulus"
async def test_ws_setup_depose_mfa(hass, hass_ws_client): """Test set up mfa module for current user.""" hass.auth = await auth_manager_from_config( hass, provider_configs=[{ "type": "insecure_example", "users": [{ "username": "******", "password": "******", "name": "Test Name", }], }], module_configs=[{ "type": "insecure_example", "id": "example_module", "data": [{ "user_id": "mock-user", "pin": "123456" }], }], ) ensure_auth_manager_loaded(hass.auth) await async_setup_component(hass, "auth", {"http": {}}) user = MockUser(id="mock-user").add_to_hass(hass) cred = await hass.auth.auth_providers[0].async_get_or_create_credentials( {"username": "******"}) await hass.auth.async_link_user(user, cred) refresh_token = await hass.auth.async_create_refresh_token(user, CLIENT_ID) access_token = hass.auth.async_create_access_token(refresh_token) client = await hass_ws_client(hass, access_token) await client.send_json({ "id": 10, "type": mfa_setup_flow.WS_TYPE_SETUP_MFA }) result = await client.receive_json() assert result["id"] == 10 assert result["success"] is False assert result["error"]["code"] == "no_module" await client.send_json({ "id": 11, "type": mfa_setup_flow.WS_TYPE_SETUP_MFA, "mfa_module_id": "example_module", }) result = await client.receive_json() assert result["id"] == 11 assert result["success"] flow = result["result"] assert flow["type"] == data_entry_flow.RESULT_TYPE_FORM assert flow["handler"] == "example_module" assert flow["step_id"] == "init" assert flow["data_schema"][0] == { "type": "string", "name": "pin", "required": True } await client.send_json({ "id": 12, "type": mfa_setup_flow.WS_TYPE_SETUP_MFA, "flow_id": flow["flow_id"], "user_input": { "pin": "654321" }, }) result = await client.receive_json() assert result["id"] == 12 assert result["success"] flow = result["result"] assert flow["type"] == data_entry_flow.RESULT_TYPE_CREATE_ENTRY assert flow["handler"] == "example_module" assert flow["data"]["result"] is None await client.send_json({ "id": 13, "type": mfa_setup_flow.WS_TYPE_DEPOSE_MFA, "mfa_module_id": "invalid_id", }) result = await client.receive_json() assert result["id"] == 13 assert result["success"] is False assert result["error"]["code"] == "disable_failed" await client.send_json({ "id": 14, "type": mfa_setup_flow.WS_TYPE_DEPOSE_MFA, "mfa_module_id": "example_module", }) result = await client.receive_json() assert result["id"] == 14 assert result["success"] assert result["result"] == "done"
async def test_ws_setup_depose_mfa(hass, hass_ws_client): """Test set up mfa module for current user.""" hass.auth = await auth_manager_from_config(hass, provider_configs=[{ 'type': 'insecure_example', 'users': [{ 'username': '******', 'password': '******', 'name': 'Test Name', }] }], module_configs=[{ 'type': 'insecure_example', 'id': 'example_module', 'data': [{ 'user_id': 'mock-user', 'pin': '123456' }] }]) ensure_auth_manager_loaded(hass.auth) await async_setup_component(hass, 'auth', {'http': {}}) user = MockUser(id='mock-user').add_to_hass(hass) cred = await hass.auth.auth_providers[0].async_get_or_create_credentials( {'username': '******'}) await hass.auth.async_link_user(user, cred) refresh_token = await hass.auth.async_create_refresh_token(user, CLIENT_ID) access_token = hass.auth.async_create_access_token(refresh_token) client = await hass_ws_client(hass, access_token) await client.send_json({ 'id': 10, 'type': mfa_setup_flow.WS_TYPE_SETUP_MFA, }) result = await client.receive_json() assert result['id'] == 10 assert result['success'] is False assert result['error']['code'] == 'no_module' await client.send_json({ 'id': 11, 'type': mfa_setup_flow.WS_TYPE_SETUP_MFA, 'mfa_module_id': 'example_module', }) result = await client.receive_json() assert result['id'] == 11 assert result['success'] flow = result['result'] assert flow['type'] == data_entry_flow.RESULT_TYPE_FORM assert flow['handler'] == 'example_module' assert flow['step_id'] == 'init' assert flow['data_schema'][0] == {'type': 'string', 'name': 'pin'} await client.send_json({ 'id': 12, 'type': mfa_setup_flow.WS_TYPE_SETUP_MFA, 'flow_id': flow['flow_id'], 'user_input': { 'pin': '654321' }, }) result = await client.receive_json() assert result['id'] == 12 assert result['success'] flow = result['result'] assert flow['type'] == data_entry_flow.RESULT_TYPE_CREATE_ENTRY assert flow['handler'] == 'example_module' assert flow['data']['result'] is None await client.send_json({ 'id': 13, 'type': mfa_setup_flow.WS_TYPE_DEPOSE_MFA, 'mfa_module_id': 'invalid_id', }) result = await client.receive_json() assert result['id'] == 13 assert result['success'] is False assert result['error']['code'] == 'disable_failed' await client.send_json({ 'id': 14, 'type': mfa_setup_flow.WS_TYPE_DEPOSE_MFA, 'mfa_module_id': 'example_module', }) result = await client.receive_json() assert result['id'] == 14 assert result['success'] assert result['result'] == 'done'