Google2FATest.php 8.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224
  1. <?php
  2. namespace PragmaRX\Google2FA\Tests;
  3. use PHPUnit\Framework\TestCase;
  4. use PragmaRX\Google2FA\Google2FA;
  5. use PragmaRX\Google2FA\Support\Constants as Google2FAConstants;
  6. class Google2FATest extends TestCase
  7. {
  8. public function setUp()
  9. {
  10. $this->google2fa = new Google2FA();
  11. }
  12. public function testIsInitializable()
  13. {
  14. $this->assertInstanceOf('PragmaRX\Google2FA\Google2FA', $this->google2fa);
  15. }
  16. public function testGeneratesAValidSecretKey()
  17. {
  18. $this->assertEquals(16, strlen($this->google2fa->generateSecretKey()));
  19. $this->assertEquals(32, strlen($this->google2fa->generateSecretKey(32)));
  20. $this->assertStringStartsWith('MFXHI', $this->google2fa->generateSecretKey(59, 'ant'));
  21. $this->assertStringStartsWith('MFXHI', $this->google2fa->generateSecretKey(59, 'ant'));
  22. $this->assertEquals($key = $this->google2fa->generateSecretKey(), preg_replace('/[^'.Google2FAConstants::VALID_FOR_B32.']/', '', $key));
  23. }
  24. /**
  25. * @expectedException \PragmaRX\Google2FA\Exceptions\IncompatibleWithGoogleAuthenticatorException
  26. */
  27. public function testGeneratesASecretKeysCompatibleWithGoogleAuthenticatorOrNot()
  28. {
  29. $this->google2fa->setEnforceGoogleAuthenticatorCompatibility(true)->generateSecretKey(17);
  30. $this->assertEquals(17, strlen($this->google2fa->setEnforceGoogleAuthenticatorCompatibility(false)->generateSecretKey(17)));
  31. }
  32. public function testConvertsInvalidCharsToBase32()
  33. {
  34. $converted = $this->google2fa->generateBase32RandomKey(16, '1234'.chr(250).chr(251).chr(252).chr(253).chr(254).chr(255));
  35. $valid = preg_replace('/[^'.Google2FAConstants::VALID_FOR_B32.']/', '', $converted);
  36. $this->assertEquals($converted, $valid);
  37. }
  38. public function testGetsValidTimestamps()
  39. {
  40. $ts = $this->google2fa->getTimestamp();
  41. $this->assertLessThanOrEqual(PHP_INT_MAX, $ts);
  42. $this->assertGreaterThanOrEqual(~PHP_INT_MAX, $ts);
  43. }
  44. public function testDecodesBase32Strings()
  45. {
  46. $result = chr(0)
  47. .chr(232)
  48. .chr(196)
  49. .chr(187)
  50. .chr(190)
  51. .chr(223)
  52. .chr(26)
  53. .chr(241)
  54. .chr(145)
  55. .chr(86);
  56. $this->assertEquals($result, $this->google2fa->base32Decode(Constants::SECRET));
  57. }
  58. public function testCreatesAOneTimePassword()
  59. {
  60. $this->assertEquals(6, strlen($this->google2fa->getCurrentOtp(Constants::SECRET)));
  61. }
  62. public function testVerifiesKeys()
  63. {
  64. // $ts 26213400 with KEY_REGENERATION 30 seconds is
  65. // timestamp 786402000, which is 1994-12-02 21:00:00 UTC
  66. $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '558854', 2, 26213400)); // 26213398
  67. $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '981084', 2, 26213400)); // 26213399
  68. $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '512396', 2, 26213400)); // 26213400
  69. $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '410272', 2, 26213400)); // 26213401
  70. $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '239815', 2, 26213400)); // 26213402
  71. $this->assertFalse($this->google2fa->verifyKey(Constants::SECRET, '313366', 2, 26213400)); // 26213403
  72. $this->assertFalse($this->google2fa->verifyKey(Constants::SECRET, '093183', 2, 26213400)); // 26213397
  73. }
  74. public function testVerifiesKeysNewer()
  75. {
  76. $this->assertFalse($this->google2fa->verifyKeyNewer(Constants::SECRET, '512396', 26213401, 2, 26213400));
  77. $this->assertFalse($this->google2fa->verifyKeyNewer(Constants::SECRET, '410272', 26213401, 2, 26213400));
  78. $this->assertEquals(26213402, $this->google2fa->verifyKeyNewer(Constants::SECRET, '239815', 26213401, 2, 26213400));
  79. $this->assertFalse($this->google2fa->verifyKeyNewer(Constants::SECRET, '313366', 26213401, 2, 26213400));
  80. $this->assertEquals(26213400, $this->google2fa->verifyKeyNewer(Constants::SECRET, '512396', null, 2, 26213400));
  81. $this->assertEquals(26213401, $this->google2fa->verifyKeyNewer(Constants::SECRET, '410272', null, 2, 26213400));
  82. $this->assertEquals(26213402, $this->google2fa->verifyKeyNewer(Constants::SECRET, '239815', null, 2, 26213400));
  83. $this->assertFalse($this->google2fa->verifyKeyNewer(Constants::SECRET, '313366', null, 2, 26213400));
  84. }
  85. public function testRemovesInvalidCharsFromSecret()
  86. {
  87. $this->assertEquals(Constants::SECRET, $this->google2fa->removeInvalidChars(Constants::SECRET.'!1-@@@'));
  88. }
  89. public function testCreatesAQrCode()
  90. {
  91. $this->assertEquals(Constants::URL, $this->google2fa->setAllowInsecureCallToGoogleApis(true)->getQRCodeGoogleUrl('PragmaRX', 'acr+pragmarx@antoniocarlosribeiro.com', Constants::SECRET));
  92. }
  93. /**
  94. * @expectedException \PragmaRX\Google2FA\Exceptions\InsecureCallException
  95. */
  96. public function testGetExceptionWhenUsingGoogleApis()
  97. {
  98. $this->assertEquals(Constants::URL, $this->google2fa->getQRCodeGoogleUrl('PragmaRX', 'acr+pragmarx@antoniocarlosribeiro.com', Constants::SECRET));
  99. }
  100. public function testConvertsToBase32()
  101. {
  102. $this->assertEquals('KBZGCZ3NMFJFQ', $this->google2fa->toBase32('PragmaRX'));
  103. }
  104. public function testSetsTheWindow()
  105. {
  106. $this->google2fa->setWindow(6);
  107. $this->assertEquals(6, $this->google2fa->getWindow());
  108. $this->assertEquals(1, $this->google2fa->getWindow(1));
  109. $this->google2fa->setWindow(0);
  110. $this->assertFalse($this->google2fa->verifyKey(Constants::SECRET, '558854', null, 26213400));
  111. $this->google2fa->setWindow(2);
  112. $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '558854', null, 26213400));
  113. $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '558854', null, 26213399));
  114. $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '558854', null, 26213398));
  115. $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '558854', null, 26213396));
  116. $this->assertFalse($this->google2fa->verifyKey(Constants::SECRET, '558854', null, 26213395));
  117. }
  118. public function testSetsTheSecret()
  119. {
  120. $this->assertFalse($this->google2fa->verify('558854', Constants::WRONG_SECRET));
  121. $this->google2fa->setWindow(2);
  122. $this->assertTrue($this->google2fa->verify('558854', Constants::SECRET, null, 26213400));
  123. $this->google2fa->setSecret(Constants::SECRET);
  124. $this->assertTrue($this->google2fa->verify('558854', null, null, 26213400));
  125. }
  126. public function testGetsKeyRegeneration()
  127. {
  128. $this->google2fa->setKeyRegeneration(11);
  129. $this->assertEquals(11, $this->google2fa->getKeyRegeneration());
  130. }
  131. public function testGetsOtpLength()
  132. {
  133. $this->google2fa->setOneTimePasswordLength(7);
  134. $this->assertEquals(7, $this->google2fa->getOneTimePasswordLength());
  135. }
  136. public function testGeneratesPasswordsInManyDifferentSizes()
  137. {
  138. $this->google2fa->setWindow(2);
  139. $this->google2fa->setOneTimePasswordLength(6);
  140. $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '558854', null, 26213400));
  141. $this->google2fa->setOneTimePasswordLength(7);
  142. $this->assertTrue($this->google2fa->verifyKey(Constants::SECRET, '8981084', null, 26213400));
  143. }
  144. /**
  145. * @expectedException \PragmaRX\Google2FA\Exceptions\SecretKeyTooShortException
  146. */
  147. public function testShortSecretKey()
  148. {
  149. $this->google2fa->setEnforceGoogleAuthenticatorCompatibility(false);
  150. $this->google2fa->verifyKey(Constants::SHORT_SECRET, '558854', null, 26213400);
  151. }
  152. /**
  153. * @expectedException \PragmaRX\Google2FA\Exceptions\InvalidCharactersException
  154. */
  155. public function testValidateKey()
  156. {
  157. $this->assertTrue(is_numeric($this->google2fa->getCurrentOtp(Constants::SECRET)));
  158. $this->google2fa->setEnforceGoogleAuthenticatorCompatibility(false);
  159. $this->google2fa->getCurrentOtp(Constants::INVALID_SECRET);
  160. }
  161. public function testQrcodeInline()
  162. {
  163. $this->assertEquals(
  164. phpversion() >= '7.2' ? Constants::QRCODEPHPABOVE72 : Constants::QRCODEPHPBELOW72,
  165. $this->google2fa->getQRCodeInline('PragmaRX', 'acr+pragmarx@antoniocarlosribeiro.com', Constants::SECRET)
  166. );
  167. }
  168. }