Totp integration test fix (#6814)

bhparijat · bhparijat · commit 9ad8b23dce9d · 2022-12-02T21:32:29.000-08:00
* removed delay function and used timestamp for totp generator

* updated yarn.lock to show totp-generator

* added check for signin after unenroll

* adding skippig of totp tests if emulator is being used

* using this.skip to skip tests
diff --git a/packages/auth/test/helpers/integration/helpers.ts b/packages/auth/test/helpers/integration/helpers.ts
@@ -99,21 +99,18 @@ function stubConsoleToSilenceEmulatorWarnings(): sinon.SinonStub {
 export function getTotpCode(
   sharedSecretKey: string,
   periodSec: number,
-  verificationCodeLength: number
+  verificationCodeLength: number,
+  timestamp: Date
 ): string {
   const token = totp(sharedSecretKey, {
     period: periodSec,
     digits: verificationCodeLength,
-    algorithm: 'SHA-1'
+    algorithm: 'SHA-1',
+    timestamp
   });
 
   return token;
 }
-
-export function delay(dt: number): Promise<void> {
-  return new Promise(resolve => setTimeout(resolve, dt));
-}
-
 export const email = 'totpuser-donotdelete@test.com';
 //1000000 is always incorrect since it has 7 digits and we expect 6.
 export const incorrectTotpCode = '1000000';
diff --git a/packages/auth/test/integration/flows/totp.test.ts b/packages/auth/test/integration/flows/totp.test.ts
@@ -29,7 +29,6 @@ import {
   cleanUpTestInstance,
   getTestInstance,
   getTotpCode,
-  delay,
   email,
   incorrectTotpCode
 } from '../../helpers/integration/helpers';
@@ -38,6 +37,7 @@ import {
   TotpMultiFactorGenerator,
   TotpSecret
 } from '../../../src/mfa/assertions/totp';
+import { getEmulatorUrl } from '../../helpers/integration/settings';
 
 use(chaiAsPromised);
 use(sinonChai);
@@ -46,16 +46,26 @@ describe(' Integration tests: Mfa TOTP', () => {
   let auth: Auth;
   let totpSecret: TotpSecret;
   let displayName: string;
+  let totpTimestamp: Date;
+  let emulatorUrl: string | null;
   beforeEach(async () => {
-    auth = getTestInstance();
-    displayName = 'totp-integration-test';
+    emulatorUrl = getEmulatorUrl();
+    if (!emulatorUrl) {
+      auth = getTestInstance();
+      displayName = 'totp-integration-test';
+    }
   });
 
   afterEach(async () => {
-    await cleanUpTestInstance(auth);
+    if (!emulatorUrl) {
+      await cleanUpTestInstance(auth);
+    }
   });
 
-  it('should not enroll if incorrect totp supplied', async () => {
+  it('should not enroll if incorrect totp supplied', async function () {
+    if (emulatorUrl) {
+      this.skip();
+    }
     const cr = await signInWithEmailAndPassword(auth, email, 'password');
     const mfaUser = multiFactor(cr.user);
     const session = await mfaUser.getSession();
@@ -71,7 +81,10 @@ describe(' Integration tests: Mfa TOTP', () => {
     ).to.be.rejectedWith('auth/invalid-verification-code');
   });
 
-  it('should enroll using correct otp', async () => {
+  it('should enroll using correct otp', async function () {
+    if (emulatorUrl) {
+      this.skip();
+    }
     const cr = await signInWithEmailAndPassword(auth, email, 'password');
 
     const mfaUser = multiFactor(cr.user);
@@ -80,10 +93,13 @@ describe(' Integration tests: Mfa TOTP', () => {
 
     totpSecret = await TotpMultiFactorGenerator.generateSecret(session);
 
+    totpTimestamp = new Date();
+
     const totpVerificationCode = getTotpCode(
       totpSecret.secretKey,
       totpSecret.codeIntervalSeconds,
-      totpSecret.codeLength
+      totpSecret.codeLength,
+      totpTimestamp
     );
 
     const multiFactorAssertion =
@@ -95,9 +111,12 @@ describe(' Integration tests: Mfa TOTP', () => {
       .fulfilled;
   });
 
-  it('should not allow sign-in with incorrect totp', async () => {
-    let resolver;
+  it('should not allow sign-in with incorrect totp', async function () {
+    let resolver: any;
 
+    if (emulatorUrl) {
+      this.skip();
+    }
     try {
       await signInWithEmailAndPassword(auth, email, 'password');
 
@@ -120,13 +139,11 @@ describe(' Integration tests: Mfa TOTP', () => {
     }
   });
 
-  it('should allow sign-in with for correct totp and unenroll successfully', async () => {
-    let resolver;
-
-    await delay(30 * 1000);
-    //TODO(bhparijat) generate the otp code for the next time window by passing the appropriate
-    //timestamp to avoid the 30s delay. The delay is needed because the otp code used for enrollment
-    //cannot be reused for signing in.
+  it('should allow sign-in with for correct totp and unenroll successfully', async function () {
+    let resolver: any;
+    if (emulatorUrl) {
+      this.skip();
+    }
     try {
       await signInWithEmailAndPassword(auth, email, 'password');
 
@@ -138,11 +155,15 @@ describe(' Integration tests: Mfa TOTP', () => {
       resolver = getMultiFactorResolver(auth, error as any);
       expect(resolver.hints).to.have.length(1);
 
+      totpTimestamp.setSeconds(totpTimestamp.getSeconds() + 30);
+
       const totpVerificationCode = getTotpCode(
         totpSecret.secretKey,
         totpSecret.codeIntervalSeconds,
-        totpSecret.codeLength
+        totpSecret.codeLength,
+        totpTimestamp
       );
+
       const assertion = TotpMultiFactorGenerator.assertionForSignIn(
         resolver.hints[0].uid,
         totpVerificationCode
@@ -152,6 +173,8 @@ describe(' Integration tests: Mfa TOTP', () => {
       const mfaUser = multiFactor(userCredential.user);
 
       await expect(mfaUser.unenroll(resolver.hints[0].uid)).to.be.fulfilled;
+      await expect(signInWithEmailAndPassword(auth, email, 'password')).to.be
+        .fulfilled;
     }
-  }).timeout(32000);
+  });
 });
diff --git a/yarn.lock b/yarn.lock
@@ -11105,6 +11105,11 @@ jsprim@^1.2.2:
     json-schema "0.2.3"
     verror "1.10.0"
 
+jssha@^3.1.2:
+  version "3.3.0"
+  resolved "https://registry.npmjs.org/jssha/-/jssha-3.3.0.tgz#44b5531bcf55a12f4a388476c647a9a1cca92839"
+  integrity sha512-w9OtT4ALL+fbbwG3gw7erAO0jvS5nfvrukGPMWIAoea359B26ALXGpzy4YJSp9yGnpUvuvOw1nSjSoHDfWSr1w==
+
 jszip@^3.1.3, jszip@^3.6.0:
   version "3.7.1"
   resolved "https://registry.npmjs.org/jszip/-/jszip-3.7.1.tgz#bd63401221c15625a1228c556ca8a68da6fda3d9"
@@ -16773,6 +16778,13 @@ toidentifier@1.0.1:
   resolved "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.1.tgz#3be34321a88a820ed1bd80dfaa33e479fbb8dd35"
   integrity sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA==
 
+totp-generator@0.0.14:
+  version "0.0.14"
+  resolved "https://registry.npmjs.org/totp-generator/-/totp-generator-0.0.14.tgz#c136bcb4030f9cab5b10ecd82d15cd2d5518234a"
+  integrity sha512-vFZ8N2TdF4mCj8bUW460jI73LqS+JKccsZ8cttQSuXa3dkTmZo8q81Pq2yAuiPxCI5fPfUrfaKuU+7adjx5s4w==
+  dependencies:
+    jssha "^3.1.2"
+
 tough-cookie@~2.5.0:
   version "2.5.0"
   resolved "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz#cd9fb2a0aa1d5a12b473bd9fb96fa3dcff65ade2"
