Fix failing tests related to these changes

This commit is contained in:
Dane Everitt 2022-02-13 18:32:02 -05:00
parent 341ff6e178
commit e683c0a518
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
5 changed files with 90 additions and 4 deletions

View file

@ -74,7 +74,7 @@ class LoginController extends AbstractLoginController
return; return;
} }
if (!$user->use_totp && empty($user->securityKeys)) { if (!$user->use_totp && $user->securityKeys->isEmpty()) {
return $this->sendLoginResponse($user, $request); return $this->sendLoginResponse($user, $request);
} }
@ -89,12 +89,12 @@ class LoginController extends AbstractLoginController
'complete' => false, 'complete' => false,
'methods' => array_values(array_filter([ 'methods' => array_values(array_filter([
$user->use_totp ? self::METHOD_TOTP : null, $user->use_totp ? self::METHOD_TOTP : null,
!empty($user->securityKeys) ? self::METHOD_WEBAUTHN : null, $user->securityKeys->isNotEmpty() ? self::METHOD_WEBAUTHN : null,
])), ])),
'confirmation_token' => $token, 'confirmation_token' => $token,
]; ];
if (!empty($user->securityKeys)) { if ($user->securityKeys->isNotEmpty()) {
$key = $this->service->handle($user); $key = $this->service->handle($user);
$request->session()->put(SecurityKey::PK_SESSION_NAME, $key); $request->session()->put(SecurityKey::PK_SESSION_NAME, $key);

View file

@ -55,7 +55,7 @@ class RequireTwoFactorAuthentication
// send them right through, nothing else needs to be checked. // send them right through, nothing else needs to be checked.
// //
// If the level is set as admin and the user is not an admin, pass them through as well. // If the level is set as admin and the user is not an admin, pass them through as well.
if ($level === self::LEVEL_NONE || ($user->use_totp || !empty($user->securityKeys))) { if ($level === self::LEVEL_NONE || ($user->use_totp || $user->securityKeys->isNotEmpty())) {
return $next($request); return $next($request);
} elseif ($level === self::LEVEL_ADMIN && !$user->root_admin) { } elseif ($level === self::LEVEL_ADMIN && !$user->root_admin) {
return $next($request); return $next($request);

View file

@ -0,0 +1,39 @@
<?php
namespace Database\Factories;
use Ramsey\Uuid\Uuid;
use Pterodactyl\Models\User;
use Webauthn\TrustPath\EmptyTrustPath;
use Illuminate\Database\Eloquent\Factories\Factory;
class SecurityKeyFactory extends Factory
{
/**
* Define the model's default state.
*/
public function definition(): array
{
return [
'uuid' => Uuid::uuid4()->toString(),
'name' => $this->faker->word,
'type' => 'public-key',
'transports' => [],
'attestation_type' => 'none',
'trust_path' => new EmptyTrustPath(),
'counter' => 0,
];
}
/**
* @param \Pterodactyl\Models\User $user
* @return $this
*/
public function withUser(User $user): self
{
return $this->state([
'user_id' => $user->id,
'user_handle' => $user->uuid,
]);
}
}

View file

@ -0,0 +1,46 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class DropWebauthnKeysTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::dropIfExists('webauthn_keys');
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
// Copied from 2019_03_29_163611_add_webauthn
Schema::create('webauthn_keys', function (Blueprint $table) {
$table->increments('id');
$table->unsignedInteger('user_id');
$table->string('name')->default('key');
$table->string('credentialId', 255);
$table->string('type', 255);
$table->text('transports');
$table->string('attestationType', 255);
$table->text('trustPath');
$table->text('aaguid');
$table->text('credentialPublicKey');
$table->integer('counter');
$table->timestamps();
$table->foreign('user_id')->references('id')->on('users')->onDelete('cascade');
$table->index('credentialId');
});
}
}

View file

@ -108,6 +108,7 @@ class RequireTwoFactorAuthenticationTest extends MiddlewareTestCase
$this->assertFalse($user->use_totp); $this->assertFalse($user->use_totp);
$this->assertEmpty($user->totp_secret); $this->assertEmpty($user->totp_secret);
$this->assertEmpty($user->totp_authenticated_at); $this->assertEmpty($user->totp_authenticated_at);
$this->assertEmpty($user->securityKeys);
$this->request->shouldReceive('getRequestUri')->withNoArgs()->andReturn('/'); $this->request->shouldReceive('getRequestUri')->withNoArgs()->andReturn('/');
$this->request->shouldReceive('route->getName')->withNoArgs()->andReturn(null); $this->request->shouldReceive('route->getName')->withNoArgs()->andReturn(null);