Fix failing tests related to these changes

2022-02-13 18:32:02 -05:00 · 2022-02-13 18:32:02 -05:00 · e683c0a518
commit e683c0a518
parent 341ff6e178
5 changed files with 90 additions and 4 deletions
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@ -74,7 +74,7 @@ class LoginController extends AbstractLoginController
            return;
        }

-        if (!$user->use_totp && empty($user->securityKeys)) {
+        if (!$user->use_totp && $user->securityKeys->isEmpty()) {
            return $this->sendLoginResponse($user, $request);
        }

@ -89,12 +89,12 @@ class LoginController extends AbstractLoginController
            'complete' => false,
            'methods' => array_values(array_filter([
                $user->use_totp ? self::METHOD_TOTP : null,
-                !empty($user->securityKeys) ? self::METHOD_WEBAUTHN : null,
+                $user->securityKeys->isNotEmpty() ? self::METHOD_WEBAUTHN : null,
            ])),
            'confirmation_token' => $token,
        ];

-        if (!empty($user->securityKeys)) {
+        if ($user->securityKeys->isNotEmpty()) {
            $key = $this->service->handle($user);

            $request->session()->put(SecurityKey::PK_SESSION_NAME, $key);
--- a/app/Http/Middleware/RequireTwoFactorAuthentication.php
+++ b/app/Http/Middleware/RequireTwoFactorAuthentication.php
@ -55,7 +55,7 @@ class RequireTwoFactorAuthentication
        // send them right through, nothing else needs to be checked.
        //
        // If the level is set as admin and the user is not an admin, pass them through as well.
-        if ($level === self::LEVEL_NONE || ($user->use_totp || !empty($user->securityKeys))) {
+        if ($level === self::LEVEL_NONE || ($user->use_totp || $user->securityKeys->isNotEmpty())) {
            return $next($request);
        } elseif ($level === self::LEVEL_ADMIN && !$user->root_admin) {
            return $next($request);
--- a/database/Factories/SecurityKeyFactory.php
+++ b/database/Factories/SecurityKeyFactory.php
@ -0,0 +1,39 @@
+<?php
+
+namespace Database\Factories;
+
+use Ramsey\Uuid\Uuid;
+use Pterodactyl\Models\User;
+use Webauthn\TrustPath\EmptyTrustPath;
+use Illuminate\Database\Eloquent\Factories\Factory;
+
+class SecurityKeyFactory extends Factory
+{
+    /**
+     * Define the model's default state.
+     */
+    public function definition(): array
+    {
+        return [
+            'uuid' => Uuid::uuid4()->toString(),
+            'name' => $this->faker->word,
+            'type' => 'public-key',
+            'transports' => [],
+            'attestation_type' => 'none',
+            'trust_path' => new EmptyTrustPath(),
+            'counter' => 0,
+        ];
+    }
+
+    /**
+     * @param \Pterodactyl\Models\User $user
+     * @return $this
+     */
+    public function withUser(User $user): self
+    {
+        return $this->state([
+            'user_id' => $user->id,
+            'user_handle' => $user->uuid,
+        ]);
+    }
+}
--- a/database/migrations/2022_02_13_181550_drop_webauthn_keys_table.php
+++ b/database/migrations/2022_02_13_181550_drop_webauthn_keys_table.php
@ -0,0 +1,46 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class DropWebauthnKeysTable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::dropIfExists('webauthn_keys');
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        // Copied from 2019_03_29_163611_add_webauthn
+        Schema::create('webauthn_keys', function (Blueprint $table) {
+            $table->increments('id');
+            $table->unsignedInteger('user_id');
+
+            $table->string('name')->default('key');
+            $table->string('credentialId', 255);
+            $table->string('type', 255);
+            $table->text('transports');
+            $table->string('attestationType', 255);
+            $table->text('trustPath');
+            $table->text('aaguid');
+            $table->text('credentialPublicKey');
+            $table->integer('counter');
+            $table->timestamps();
+
+            $table->foreign('user_id')->references('id')->on('users')->onDelete('cascade');
+            $table->index('credentialId');
+        });
+    }
+}
--- a/tests/Unit/Http/Middleware/RequireTwoFactorAuthenticationTest.php
+++ b/tests/Unit/Http/Middleware/RequireTwoFactorAuthenticationTest.php
@ -108,6 +108,7 @@ class RequireTwoFactorAuthenticationTest extends MiddlewareTestCase
        $this->assertFalse($user->use_totp);
        $this->assertEmpty($user->totp_secret);
        $this->assertEmpty($user->totp_authenticated_at);
+        $this->assertEmpty($user->securityKeys);

        $this->request->shouldReceive('getRequestUri')->withNoArgs()->andReturn('/');
        $this->request->shouldReceive('route->getName')->withNoArgs()->andReturn(null);