Bug 28787: Fix misleading tests in two_factor_auth.t
We were having a "Patron is not authenticated yet" comment, but it was not correct, we set 'number' and 'id' in session, and waiting-for-2FA was not set => the patron is fully authenticated. The test returned 401 because we fully authenticated user cannot request an otp token when not waiting for the second auth step. This situation is already covered (last test of the subtest). Test plan: prove t/db_dependent/api/v1/two_factor_auth.t must return green Sponsored-by: Rijksmuseum, Netherlands Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This commit is contained in:
parent
12305c89d7
commit
2f71ac6f77
1 changed files with 4 additions and 2 deletions
|
@ -57,8 +57,6 @@ subtest 'send_otp_token' => sub {
|
|||
);
|
||||
|
||||
my $session = C4::Auth::get_session('');
|
||||
$session->param( 'number', $patron->borrowernumber );
|
||||
$session->param( 'id', $patron->userid );
|
||||
$session->param( 'ip', '127.0.0.1' );
|
||||
$session->param( 'lasttime', time() );
|
||||
$session->flush;
|
||||
|
@ -70,6 +68,9 @@ subtest 'send_otp_token' => sub {
|
|||
# Patron is not authenticated yet
|
||||
$t->request_ok($tx)->status_is(401);
|
||||
|
||||
# Patron is partially authenticated (credentials correct)
|
||||
$session->param( 'number', $patron->borrowernumber );
|
||||
$session->param( 'id', $patron->userid );
|
||||
$session->param('waiting-for-2FA', 1);
|
||||
$session->flush;
|
||||
|
||||
|
@ -108,6 +109,7 @@ subtest 'send_otp_token' => sub {
|
|||
$t->request_ok($tx)->status_is(403);
|
||||
$patron->flags(20)->store;
|
||||
|
||||
# Patron is fully authenticated, cannot request a token again
|
||||
$session->param('waiting-for-2FA', 0);
|
||||
$session->flush;
|
||||
$tx = $t->ua->build_tx( POST => "/api/v1/auth/otp/token_delivery" );
|
||||
|
|
Loading…
Reference in a new issue