2022-07-23 13:02:31 +00:00
|
|
|
package test
|
|
|
|
|
|
|
|
|
|
import (
|
2022-07-29 19:42:20 +00:00
|
|
|
"context"
|
2022-07-23 13:02:31 +00:00
|
|
|
"testing"
|
|
|
|
|
|
2022-07-29 19:42:20 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/constants"
|
2022-07-23 13:02:31 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/db"
|
|
|
|
|
"github.com/authorizerdev/authorizer/server/graph/model"
|
2022-07-29 19:42:20 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/refs"
|
2022-07-23 13:02:31 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/resolvers"
|
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func verifyOTPTest(t *testing.T, s TestSetup) {
|
|
|
|
|
t.Helper()
|
|
|
|
|
t.Run(`should verify otp`, func(t *testing.T) {
|
2022-07-29 19:42:20 +00:00
|
|
|
req, ctx := createContext(s)
|
2022-07-23 13:02:31 +00:00
|
|
|
email := "verify_otp." + s.TestInfo.Email
|
|
|
|
|
res, err := resolvers.SignupResolver(ctx, model.SignUpInput{
|
|
|
|
|
Email: email,
|
|
|
|
|
Password: s.TestInfo.Password,
|
|
|
|
|
ConfirmPassword: s.TestInfo.Password,
|
|
|
|
|
})
|
|
|
|
|
assert.NoError(t, err)
|
|
|
|
|
assert.NotNil(t, res)
|
2022-07-29 19:42:20 +00:00
|
|
|
|
|
|
|
|
// Login should fail as email is not verified
|
|
|
|
|
loginRes, err := resolvers.LoginResolver(ctx, model.LoginInput{
|
|
|
|
|
Email: email,
|
|
|
|
|
Password: s.TestInfo.Password,
|
|
|
|
|
})
|
|
|
|
|
assert.Error(t, err)
|
|
|
|
|
assert.Nil(t, loginRes)
|
|
|
|
|
verificationRequest, err := db.Provider.GetVerificationRequestByEmail(ctx, email, constants.VerificationTypeBasicAuthSignup)
|
|
|
|
|
assert.Nil(t, err)
|
|
|
|
|
assert.Equal(t, email, verificationRequest.Email)
|
|
|
|
|
verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
|
|
|
|
|
Token: verificationRequest.Token,
|
|
|
|
|
})
|
|
|
|
|
assert.Nil(t, err)
|
|
|
|
|
assert.NotEqual(t, verifyRes.AccessToken, "", "access token should not be empty")
|
|
|
|
|
|
|
|
|
|
// Using access token update profile
|
|
|
|
|
s.GinContext.Request.Header.Set("Authorization", "Bearer "+refs.StringValue(verifyRes.AccessToken))
|
|
|
|
|
ctx = context.WithValue(req.Context(), "GinContextKey", s.GinContext)
|
2022-08-02 08:42:36 +00:00
|
|
|
updateProfileRes, err := resolvers.UpdateProfileResolver(ctx, model.UpdateProfileInput{
|
2022-07-29 19:42:20 +00:00
|
|
|
IsMultiFactorAuthEnabled: refs.NewBoolRef(true),
|
2022-07-23 13:02:31 +00:00
|
|
|
})
|
2022-08-02 08:42:36 +00:00
|
|
|
assert.NoError(t, err)
|
|
|
|
|
assert.NotEmpty(t, updateProfileRes.Message)
|
2022-07-23 13:02:31 +00:00
|
|
|
|
2022-07-29 19:42:20 +00:00
|
|
|
// Login should not return error but access token should be empty as otp should have been sent
|
|
|
|
|
loginRes, err = resolvers.LoginResolver(ctx, model.LoginInput{
|
|
|
|
|
Email: email,
|
|
|
|
|
Password: s.TestInfo.Password,
|
|
|
|
|
})
|
|
|
|
|
assert.NoError(t, err)
|
|
|
|
|
assert.NotNil(t, loginRes)
|
|
|
|
|
assert.Nil(t, loginRes.AccessToken)
|
|
|
|
|
|
|
|
|
|
// Get otp from db
|
|
|
|
|
otp, err := db.Provider.GetOTPByEmail(ctx, email)
|
|
|
|
|
assert.NoError(t, err)
|
|
|
|
|
assert.NotEmpty(t, otp.Otp)
|
|
|
|
|
|
|
|
|
|
verifyOtpRes, err := resolvers.VerifyOtpResolver(ctx, model.VerifyOTPRequest{
|
2022-07-23 13:02:31 +00:00
|
|
|
Email: email,
|
2022-07-29 19:42:20 +00:00
|
|
|
Otp: otp.Otp,
|
2022-07-23 13:02:31 +00:00
|
|
|
})
|
|
|
|
|
assert.Nil(t, err)
|
2022-07-29 19:42:20 +00:00
|
|
|
assert.NotEqual(t, verifyOtpRes.AccessToken, "", "access token should not be empty")
|
2022-07-23 13:02:31 +00:00
|
|
|
cleanData(email)
|
|
|
|
|
})
|
|
|
|
|
}
|
