OCA
/
server-tools
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1683 Commits
13 Branches
0 Tags
45 MiB
Tree: 4fe70ddc27
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4fe70ddc27'
${ noResults }
server-tools/auth_totp/tests/test_res_users_authenticato...

80 lines
2.9 KiB
Raw Normal View History

[9.0][ADD] auth_totp: MFA Support (#687) * [ADD] auth_totp: MFA Support * Add relevant fields and methods to the res.users model * Overload check_credentials in res.users to allow for logins using an MFA login token rather than a password * Add the res.users.authenticator and res.users.device models, along with appropriate ACLs and record rules * Add the res.users.authenticator.create wizard model and an associated view to facilitate creation of res.users.authenticator records * Extend base.view_users_form_simple_modif with fields needed to manage the new functionality * Add an AuthTotp controller that inherits from Home in the web module and an associated view to introduce MFA logic to the login process * Add several new exception classes that inherit from AccessDenied * PR commit * PR commit
8 years ago
  1. # -*- coding: utf-8 -*-
  2. # Copyright 2016-2017 LasLabs Inc.
  3. # License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html).
  5. import mock
  6. from openerp.tests.common import TransactionCase
  8. MOCK_PATH = 'openerp.addons.auth_totp.models.res_users_authenticator.pyotp'
  11. class TestResUsersAuthenticator(TransactionCase):
  13. def _new_authenticator(self, extra_values=None):
  14. base_values = {
  15. 'name': 'Test Name',
  16. 'secret_key': 'Test Key',
  17. 'user_id': self.env.ref('base.user_root').id,
  18. }
  19. if extra_values is not None:
  20. base_values.update(extra_values)
  22. return self.env['res.users.authenticator'].create(base_values)
  24. def test_check_has_user(self):
  25. '''Should delete record when it no longer has a user_id'''
  26. test_auth = self._new_authenticator()
  27. test_auth.user_id = False
  29. self.assertFalse(test_auth.exists())
  31. def test_validate_conf_code_empty_recordset(self):
  32. '''Should return False if recordset is empty'''
  33. test_auth = self.env['res.users.authenticator']
  35. self.assertFalse(test_auth.validate_conf_code('Test Code'))
  37. @mock.patch(MOCK_PATH)
  38. def test_validate_conf_code_match(self, pyotp_mock):
  39. '''Should return True if code matches at least one record in set'''
  40. test_auth = self._new_authenticator()
  41. test_auth_2 = self._new_authenticator({'name': 'Test Name 2'})
  42. test_set = test_auth + test_auth_2
  44. pyotp_mock.TOTP().verify.side_effect = (True, False)
  45. self.assertTrue(test_set.validate_conf_code('Test Code'))
  46. pyotp_mock.TOTP().verify.side_effect = (True, True)
  47. self.assertTrue(test_set.validate_conf_code('Test Code'))
  49. @mock.patch(MOCK_PATH)
  50. def test_validate_conf_code_no_match(self, pyotp_mock):
  51. '''Should return False if code does not match any records in set'''
  52. test_auth = self._new_authenticator()
  53. pyotp_mock.TOTP().verify.return_value = False
  55. self.assertFalse(test_auth.validate_conf_code('Test Code'))
  57. @mock.patch(MOCK_PATH)
  58. def test_validate_conf_code_pyotp_use(self, pyotp_mock):
  59. '''Should call PyOTP 2x/record with correct arguments until match'''
  60. test_auth = self._new_authenticator()
  61. test_auth_2 = self._new_authenticator({
  62. 'name': 'Test Name 2',
  63. 'secret_key': 'Test Key 2',
  64. })
  65. test_auth_3 = self._new_authenticator({
  66. 'name': 'Test Name 3',
  67. 'secret_key': 'Test Key 3',
  68. })
  69. test_set = test_auth + test_auth_2 + test_auth_3
  70. pyotp_mock.TOTP().verify.side_effect = (False, True, True)
  71. pyotp_mock.reset_mock()
  72. test_set.validate_conf_code('Test Code')
  74. pyotp_calls = [
  75. mock.call('Test Key'),
  76. mock.call().verify('Test Code'),
  77. mock.call('Test Key 2'),
  78. mock.call().verify('Test Code'),
  79. ]
  80. self.assertEqual(pyotp_mock.TOTP.mock_calls, pyotp_calls)