jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

passkey: fix tests

Browse Source
This commit is contained in:
Girish Ramakrishnan
2026-03-18 14:52:57 +05:30
parent 6085a8231f
commit fbe13b75df
1 changed files with 24 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/test/passkeys-test.js
+24 -13
View File
@@ -176,7 +176,7 @@ describe('Passkeys', function () {
assert.notEqual(error, null);
});
it('rejects registration when TOTP is enabled', async function () {
it('allows registration options when TOTP is enabled', async function () {
const adminUser = await users.get(admin.id);
// enable TOTP first
@@ -186,9 +186,10 @@ describe('Passkeys', function () {
await users.enableTotp(adminUser, totpToken, auditSource);
adminUser.totpEnabled = true;
const [error] = await safe(passkeys.getRegistrationOptions(adminUser));
assert.notEqual(error, null);
assert.equal(error.reason, BoxError.ALREADY_EXISTS);
const [error, options] = await safe(passkeys.getRegistrationOptions(adminUser));
assert.equal(error, null);
assert.ok((options) && typeof (options) === 'object' && !Array.isArray(options));
assert.equal(typeof options.challenge, 'string');
// disable TOTP for further tests
await users.disableTotp(adminUser, auditSource);
@@ -281,10 +282,10 @@ describe('Passkeys', function () {
});
});
describe('TOTP mutual exclusion', function () {
describe('TOTP and passkey coexistence', function () {
before(createOwner);
it('cannot enable TOTP when passkey exists', async function () {
it('can enable TOTP when passkey exists', async function () {
// register a passkey
const authenticator = webauthnHelper.createVirtualAuthenticator();
const adminUser = await users.get(admin.id);
@@ -292,19 +293,21 @@ describe('Passkeys', function () {
const response = await webauthnHelper.createRegistrationResponse(authenticator, options, origin);
await passkeys.verifyRegistration(adminUser, response, 'Exclusion Test');
// try to enable TOTP
// enable TOTP while passkey exists
const twofa = await users.setTotpSecret(adminUser, auditSource);
adminUser.totpSecret = twofa.secret;
const totpToken = speakeasy.totp({ secret: twofa.secret, encoding: 'base32' });
const [error] = await safe(users.enableTotp(adminUser, totpToken, auditSource));
assert.notEqual(error, null);
assert.equal(error.reason, BoxError.ALREADY_EXISTS);
assert.equal(error, null);
adminUser.totpEnabled = true;
await users.disableTotp(adminUser, auditSource);
adminUser.totpEnabled = false;
await passkeys.delAll();
});
it('cannot register passkey when TOTP is enabled', async function () {
it('can register passkey when TOTP is enabled', async function () {
const adminUser = await users.get(admin.id);
// enable TOTP
@@ -314,11 +317,19 @@ describe('Passkeys', function () {
await users.enableTotp(adminUser, totpToken, auditSource);
adminUser.totpEnabled = true;
const [error] = await safe(passkeys.getRegistrationOptions(adminUser));
assert.notEqual(error, null);
assert.equal(error.reason, BoxError.ALREADY_EXISTS);
const [error, options] = await safe(passkeys.getRegistrationOptions(adminUser));
assert.equal(error, null);
assert.ok((options) && typeof (options) === 'object' && !Array.isArray(options));
assert.equal(typeof options.challenge, 'string');
const authenticator = webauthnHelper.createVirtualAuthenticator();
const response = await webauthnHelper.createRegistrationResponse(authenticator, options, origin);
const [registrationError, result] = await safe(passkeys.verifyRegistration(adminUser, response, 'Coexistence Test'));
assert.equal(registrationError, null);
assert.equal(typeof result.id, 'string');
// cleanup
await passkeys.delAll();
await users.disableTotp(adminUser, auditSource);
adminUser.totpEnabled = false;
});