017bcc9ce1
- Fix indentation - Split awkward initializer into separate methods - Rename credentials to passkeys - Simplify authenticator registry loading - Flatten nested errors under ActionPack::WebAuthn - Set passkey current params only requests that use it - Inline anemic methods - Replace custom validation with ActiveModel::Validation - Rename identity to holder in Passkey - Rename credentials to passkeys in JS - Extract framework library out of controllers - Pass params hashes down to ActionPack - Attempt to simplify public interface - Push data decoding down to the classes representing the data - Introduce has_passkeys - Add CBOR bigint support - Rename ActionPack::WebAuthn::Passkey to ActionPack::Passkey - Add create_passkey_button helper - Rename public-key to creation-options - Add sign_in_with_passkey_button helper - Dispatch events for the whole Passkey lifecycle - Add ED25519 support - Prevent crash on missing meta tag - Validate resident key options - Don't clobber existing ActionPack config options - Validate cryptographic params - Move CurrentWebAuthnRequest into ActionPack::Passkey - Use ActiveModel::Attributes for Options objects - Implement expiring challanges - Add lifecycle events - Extract param helpers into Request - Add passkey_creation_options and passkey_request_options helpers - Add create_passkey_challenge to make it easier to override the create method if needed - Prefix all view helpers with passkey_ - Auto-include ActionPack::Passkey::Holder - Make the passkey challange url configurable - Add a reminder about Passkeys to the magic link email
34 lines
941 B
Ruby
34 lines
941 B
Ruby
require "test_helper"
|
|
|
|
class My::PasskeyChallengesControllerTest < ActionDispatch::IntegrationTest
|
|
test "returns a fresh challenge" do
|
|
untenanted do
|
|
post my_passkey_challenge_url
|
|
|
|
assert_response :success
|
|
assert_not_nil response.parsed_body["challenge"]
|
|
end
|
|
end
|
|
|
|
test "stores challenge in cookie" do
|
|
untenanted do
|
|
post my_passkey_challenge_url
|
|
|
|
jar = ActionDispatch::Cookies::CookieJar.build(request, cookies.to_hash)
|
|
assert_equal response.parsed_body["challenge"], jar.encrypted[ActionPack::Passkey::ChallengesController::COOKIE_NAME]
|
|
end
|
|
end
|
|
|
|
test "returns a different challenge each time" do
|
|
untenanted do
|
|
post my_passkey_challenge_url
|
|
first_challenge = response.parsed_body["challenge"]
|
|
|
|
post my_passkey_challenge_url
|
|
second_challenge = response.parsed_body["challenge"]
|
|
|
|
assert_not_equal first_challenge, second_challenge
|
|
end
|
|
end
|
|
end
|