mirror of
https://github.com/formbricks/formbricks.git
synced 2025-12-30 10:19:51 -06:00
89 lines
2.7 KiB
TypeScript
89 lines
2.7 KiB
TypeScript
import { Authenticator } from "@otplib/core";
|
|
import type { AuthenticatorOptions } from "@otplib/core/authenticator";
|
|
import { createDigest, createRandomBytes } from "@otplib/plugin-crypto";
|
|
import { keyDecoder, keyEncoder } from "@otplib/plugin-thirty-two";
|
|
import { describe, expect, test, vi } from "vitest";
|
|
import { totpAuthenticatorCheck } from "./totp";
|
|
|
|
vi.mock("@otplib/core");
|
|
vi.mock("@otplib/plugin-crypto");
|
|
vi.mock("@otplib/plugin-thirty-two");
|
|
|
|
describe("totpAuthenticatorCheck", () => {
|
|
const token = "123456";
|
|
const secret = "JBSWY3DPEHPK3PXP";
|
|
const opts: Partial<AuthenticatorOptions> = { window: [1, 0] };
|
|
|
|
test("should check a TOTP token with a base32-encoded secret", () => {
|
|
const checkMock = vi.fn().mockReturnValue(true);
|
|
(Authenticator as unknown as vi.Mock).mockImplementation(() => ({
|
|
check: checkMock,
|
|
}));
|
|
|
|
const result = totpAuthenticatorCheck(token, secret, opts);
|
|
|
|
expect(Authenticator).toHaveBeenCalledWith({
|
|
createDigest,
|
|
createRandomBytes,
|
|
keyDecoder,
|
|
keyEncoder,
|
|
window: [1, 0],
|
|
});
|
|
expect(checkMock).toHaveBeenCalledWith(token, secret);
|
|
expect(result).toBe(true);
|
|
});
|
|
|
|
test("should use default window if none is provided", () => {
|
|
const checkMock = vi.fn().mockReturnValue(true);
|
|
(Authenticator as unknown as vi.Mock).mockImplementation(() => ({
|
|
check: checkMock,
|
|
}));
|
|
|
|
const result = totpAuthenticatorCheck(token, secret);
|
|
|
|
expect(Authenticator).toHaveBeenCalledWith({
|
|
createDigest,
|
|
createRandomBytes,
|
|
keyDecoder,
|
|
keyEncoder,
|
|
window: [1, 0],
|
|
});
|
|
expect(checkMock).toHaveBeenCalledWith(token, secret);
|
|
expect(result).toBe(true);
|
|
});
|
|
|
|
test("should throw an error for invalid token format", () => {
|
|
(Authenticator as unknown as vi.Mock).mockImplementation(() => ({
|
|
check: () => {
|
|
throw new Error("Invalid token format");
|
|
},
|
|
}));
|
|
|
|
expect(() => {
|
|
totpAuthenticatorCheck("invalidToken", secret);
|
|
}).toThrow("Invalid token format");
|
|
});
|
|
|
|
test("should throw an error for invalid secret format", () => {
|
|
(Authenticator as unknown as vi.Mock).mockImplementation(() => ({
|
|
check: () => {
|
|
throw new Error("Invalid secret format");
|
|
},
|
|
}));
|
|
|
|
expect(() => {
|
|
totpAuthenticatorCheck(token, "invalidSecret");
|
|
}).toThrow("Invalid secret format");
|
|
});
|
|
|
|
test("should return false if token verification fails", () => {
|
|
const checkMock = vi.fn().mockReturnValue(false);
|
|
(Authenticator as unknown as vi.Mock).mockImplementation(() => ({
|
|
check: checkMock,
|
|
}));
|
|
|
|
const result = totpAuthenticatorCheck(token, secret);
|
|
expect(result).toBe(false);
|
|
});
|
|
});
|