mirror of
https://github.com/HolgerHatGarKeineNode/einundzwanzig-app.git
synced 2026-01-24 12:03:17 +00:00
140 lines
3.7 KiB
PHP
140 lines
3.7 KiB
PHP
<?php
|
|
|
|
use App\Models\LoginKey;
|
|
use App\Models\User;
|
|
|
|
beforeEach(function () {
|
|
LoginKey::query()->delete();
|
|
User::query()->delete();
|
|
});
|
|
|
|
test('lnurl auth callback validates required parameters', function () {
|
|
$response = $this->get(route('auth.ln.callback'));
|
|
|
|
$response->assertStatus(400)
|
|
->assertJson([
|
|
'status' => 'ERROR',
|
|
'reason' => 'Invalid request parameters',
|
|
]);
|
|
});
|
|
|
|
test('lnurl auth callback validates hex format for k1 and key', function () {
|
|
// Invalid k1 (not hex)
|
|
$response = $this->get(route('auth.ln.callback').'?k1=ZZZZ'.str()->random(60).'&sig='.str()->random(128).'&key='.bin2hex(random_bytes(33)));
|
|
|
|
$response->assertStatus(400)
|
|
->assertJson([
|
|
'status' => 'ERROR',
|
|
'reason' => 'Invalid request parameters',
|
|
]);
|
|
|
|
// Invalid key (not hex)
|
|
$response = $this->get(route('auth.ln.callback').'?k1='.bin2hex(random_bytes(32)).'&sig='.str()->random(128).'&key=ZZZZ'.str()->random(60));
|
|
|
|
$response->assertStatus(400)
|
|
->assertJson([
|
|
'status' => 'ERROR',
|
|
'reason' => 'Invalid request parameters',
|
|
]);
|
|
});
|
|
|
|
test('lnurl auth callback handles signature verification failures', function () {
|
|
$k1 = bin2hex(random_bytes(32));
|
|
$sig = bin2hex(random_bytes(64));
|
|
$key = bin2hex(random_bytes(33));
|
|
|
|
$response = $this->get(route('auth.ln.callback').'?k1='.$k1.'&sig='.$sig.'&key='.$key);
|
|
|
|
$response->assertStatus(400)
|
|
->assertJson([
|
|
'status' => 'ERROR',
|
|
'reason' => 'Authentication failed. Please try again.',
|
|
]);
|
|
});
|
|
|
|
test('check error returns null when login key exists', function () {
|
|
$k1 = str()->random(64);
|
|
|
|
LoginKey::factory()->create([
|
|
'k1' => $k1,
|
|
'created_at' => now(),
|
|
]);
|
|
|
|
$response = $this->postJson(route('auth.check-error'), [
|
|
'k1' => $k1,
|
|
'elapsed_seconds' => 120,
|
|
]);
|
|
|
|
$response->assertStatus(200)
|
|
->assertJson(['error' => null]);
|
|
});
|
|
|
|
test('check error returns null when k1 not expired', function () {
|
|
$k1 = str()->random(64);
|
|
|
|
$response = $this->postJson(route('auth.check-error'), [
|
|
'k1' => $k1,
|
|
'elapsed_seconds' => 120,
|
|
]);
|
|
|
|
$response->assertStatus(200)
|
|
->assertJson(['error' => null]);
|
|
});
|
|
|
|
test('check error returns expired message when k1 is expired', function () {
|
|
$k1 = str()->random(64);
|
|
|
|
$response = $this->postJson(route('auth.check-error'), [
|
|
'k1' => $k1,
|
|
'elapsed_seconds' => 300,
|
|
]);
|
|
|
|
$response->assertStatus(200)
|
|
->assertJson([
|
|
'error' => 'Session expired. Please try again.',
|
|
]);
|
|
});
|
|
|
|
test('check error returns null when no k1 provided', function () {
|
|
$response = $this->postJson(route('auth.check-error'));
|
|
|
|
$response->assertStatus(200)
|
|
->assertJson(['error' => null]);
|
|
});
|
|
|
|
test('check error returns null when login key is too old', function () {
|
|
$k1 = str()->random(64);
|
|
|
|
LoginKey::factory()->create([
|
|
'k1' => $k1,
|
|
'created_at' => now()->subMinutes(10),
|
|
]);
|
|
|
|
$response = $this->postJson(route('auth.check-error'), [
|
|
'k1' => $k1,
|
|
'elapsed_seconds' => 600,
|
|
]);
|
|
|
|
$response->assertStatus(200)
|
|
->assertJson([
|
|
'error' => 'Session expired. Please try again.',
|
|
]);
|
|
});
|
|
|
|
test('check error finds valid login key within 5 minutes', function () {
|
|
$k1 = str()->random(64);
|
|
|
|
LoginKey::factory()->create([
|
|
'k1' => $k1,
|
|
'created_at' => now()->subMinutes(3),
|
|
]);
|
|
|
|
$response = $this->postJson(route('auth.check-error'), [
|
|
'k1' => $k1,
|
|
'elapsed_seconds' => 180,
|
|
]);
|
|
|
|
$response->assertStatus(200)
|
|
->assertJson(['error' => null]);
|
|
});
|