[PM-6664] base request validator - Two Factor flows integration tests (#4643)

* initial commit added two factor tests * initial commit * updated two factor tests * fixed formatting
2025-06-30 07:36:14 -05:00 · 2024-09-06 08:05:25 -07:00
parent c0a4ba8de1
commit fc587847c3
3 changed files with 500 additions and 92 deletions
--- a/test/IntegrationTestCommon/Factories/IdentityApplicationFactory.cs
+++ b/test/IntegrationTestCommon/Factories/IdentityApplicationFactory.cs
@ -6,6 +6,7 @@ using Bit.Core.Utilities;
 using Bit.Identity;
 using Bit.Identity.Models.Request.Accounts;
 using Bit.Test.Common.Helpers;
+using HandlebarsDotNet;
 using Microsoft.AspNetCore.Http;

 namespace Bit.IntegrationTestCommon.Factories;
@ -34,7 +35,25 @@ public class IdentityApplicationFactory : WebApplicationFactoryBase<Startup>
        return await Server.PostAsync("/accounts/register/verification-email-clicked", JsonContent.Create(model));
    }

-    public async Task<(string Token, string RefreshToken)> TokenFromPasswordAsync(string username,
+    public async Task<(string Token, string RefreshToken)> TokenFromPasswordAsync(
+        string username,
+        string password,
+        string deviceIdentifier = DefaultDeviceIdentifier,
+        string clientId = "web",
+        DeviceType deviceType = DeviceType.FirefoxBrowser,
+        string deviceName = "firefox")
+    {
+        var context = await ContextFromPasswordAsync(
+            username, password, deviceIdentifier, clientId, deviceType, deviceName);
+
+        using var body = await AssertHelper.AssertResponseTypeIs<JsonDocument>(context);
+        var root = body.RootElement;
+
+        return (root.GetProperty("access_token").GetString(), root.GetProperty("refresh_token").GetString());
+    }
+
+    public async Task<HttpContext> ContextFromPasswordAsync(
+        string username,
        string password,
        string deviceIdentifier = DefaultDeviceIdentifier,
        string clientId = "web",
@ -53,14 +72,50 @@ public class IdentityApplicationFactory : WebApplicationFactoryBase<Startup>
            { "password", password },
        }), context => context.Request.Headers.Append("Auth-Email", CoreHelpers.Base64UrlEncodeString(username)));

-        using var body = await AssertHelper.AssertResponseTypeIs<JsonDocument>(context);
-        var root = body.RootElement;
+        return context;
+    }

-        return (root.GetProperty("access_token").GetString(), root.GetProperty("refresh_token").GetString());
+    public async Task<HttpContext> ContextFromPasswordWithTwoFactorAsync(
+        string username,
+        string password,
+        string deviceIdentifier = DefaultDeviceIdentifier,
+        string clientId = "web",
+        DeviceType deviceType = DeviceType.FirefoxBrowser,
+        string deviceName = "firefox",
+        string twoFactorProviderType = "Email",
+        string twoFactorToken = "two-factor-token")
+    {
+        var context = await Server.PostAsync("/connect/token", new FormUrlEncodedContent(new Dictionary<string, string>
+        {
+            { "scope", "api offline_access" },
+            { "client_id", clientId },
+            { "deviceType", ((int)deviceType).ToString() },
+            { "deviceIdentifier", deviceIdentifier },
+            { "deviceName", deviceName },
+            { "grant_type", "password" },
+            { "username", username },
+            { "password", password },
+            { "TwoFactorToken", twoFactorToken },
+            { "TwoFactorProvider", twoFactorProviderType },
+            { "TwoFactorRemember", "1" },
+        }), context => context.Request.Headers.Append("Auth-Email", CoreHelpers.Base64UrlEncodeString(username)));
+
+        return context;
    }

    public async Task<string> TokenFromAccessTokenAsync(Guid clientId, string clientSecret,
        DeviceType deviceType = DeviceType.SDK)
+    {
+        var context = await ContextFromAccessTokenAsync(clientId, clientSecret, deviceType);
+
+        using var body = await AssertHelper.AssertResponseTypeIs<JsonDocument>(context);
+        var root = body.RootElement;
+
+        return root.GetProperty("access_token").GetString();
+    }
+
+    public async Task<HttpContext> ContextFromAccessTokenAsync(Guid clientId, string clientSecret,
+        DeviceType deviceType = DeviceType.SDK)
    {
        var context = await Server.PostAsync("/connect/token",
            new FormUrlEncodedContent(new Dictionary<string, string>
@ -72,13 +127,21 @@ public class IdentityApplicationFactory : WebApplicationFactoryBase<Startup>
                { "deviceType", ((int)deviceType).ToString() }
            }));

+        return context;
+    }
+
+    public async Task<string> TokenFromOrganizationApiKeyAsync(string clientId, string clientSecret,
+        DeviceType deviceType = DeviceType.FirefoxBrowser)
+    {
+        var context = await ContextFromOrganizationApiKeyAsync(clientId, clientSecret, deviceType);
+
        using var body = await AssertHelper.AssertResponseTypeIs<JsonDocument>(context);
        var root = body.RootElement;

        return root.GetProperty("access_token").GetString();
    }

-    public async Task<string> TokenFromOrganizationApiKeyAsync(string clientId, string clientSecret,
+    public async Task<HttpContext> ContextFromOrganizationApiKeyAsync(string clientId, string clientSecret,
        DeviceType deviceType = DeviceType.FirefoxBrowser)
    {
        var context = await Server.PostAsync("/connect/token",
@ -90,10 +153,6 @@ public class IdentityApplicationFactory : WebApplicationFactoryBase<Startup>
                { "grant_type", "client_credentials" },
                { "deviceType", ((int)deviceType).ToString() }
            }));
-
-        using var body = await AssertHelper.AssertResponseTypeIs<JsonDocument>(context);
-        var root = body.RootElement;
-
-        return root.GetProperty("access_token").GetString();
+        return context;
    }
 }