Add tests for Google Auth import feature

tests/Api/v1/Controllers/TwoFAccountControllerTest.php

@@ -8,6 +8,7 @@ use Tests\FeatureTestCase;
 use App\Models\TwoFAccount;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Http\UploadedFile;
 
 
 /**
@@ -159,6 +160,10 @@ class TwoFAccountControllerTest extends FeatureTestCase
         'otp_type'  => 'totp',
         'secret'    => self::SECRET,
     ];
+    private const GOOGLE_AUTH_MIGRATION_URI = 'otpauth-migration://offline?data=CiQKCgcNEp61iE2P0RYSB2FjY291bnQaB3NlcnZpY2UgASgBMAIKLAoKBw0SnrWITY/RFhILYWNjb3VudF9iaXMaC3NlcnZpY2VfYmlzIAEoATACEAEYASAA';
+    private const INVALID_GOOGLE_AUTH_MIGRATION_URI = 'otpauthmigration://offline?data=CiQKCgcNEp61iE2P0RYSB2FjY291bnQaB3NlcnZpY2UgASgBMAIKLAoKBw0SnrWITY/RFhILYWNjb3VudF9iaXMaC3NlcnZpY2VfYmlzIAEoATACEAEYASAA';
+    private const GOOGLE_AUTH_MIGRATION_URI_WITH_INVALID_DATA = 'otpauth-migration://offline?data=CiQKCgcNEp61iE2P0RYSB2FjY291bnQaB3NlcnZpY';
+
 
     /**
      * @test
@@ -565,6 +570,101 @@ class TwoFAccountControllerTest extends FeatureTestCase
     }
 
 
+    /**
+     * @test
+     */
+    public function test_import_valid_gauth_data_returns_success_with_consistent_resources()
+    {
+        $response = $this->actingAs($this->user, 'api-guard')
+            ->json('POST', '/api/v1/twofaccounts/import', [
+                'uri' => self::GOOGLE_AUTH_MIGRATION_URI,
+            ])
+            ->assertOk()
+            ->assertJsonCount(2, $key = null)
+            ->assertJsonFragment([
+                'id'        => 0,
+                'service'   => self::SERVICE,
+                'account'   => self::ACCOUNT,
+                'otp_type'  => 'totp',
+                'secret'    => self::SECRET,
+                'digits'    => self::DIGITS_DEFAULT,
+                'algorithm' => self::ALGORITHM_DEFAULT,
+                'period'    => self::PERIOD_DEFAULT,
+                'counter'   => null
+            ])
+            ->assertJsonFragment([
+                'id'        => 0,
+                'service'   => self::SERVICE . '_bis',
+                'account'   => self::ACCOUNT . '_bis',
+                'otp_type'  => 'totp',
+                'secret'    => self::SECRET,
+                'digits'    => self::DIGITS_DEFAULT,
+                'algorithm' => self::ALGORITHM_DEFAULT,
+                'period'    => self::PERIOD_DEFAULT,
+                'counter'   => null
+            ]);
+    }
+
+
+    /**
+     * @test
+     */
+    public function test_import_with_invalid_uri_returns_validation_error()
+    {
+        $response = $this->actingAs($this->user, 'api-guard')
+            ->json('POST', '/api/v1/twofaccounts', [
+                'uri' => self::INVALID_GOOGLE_AUTH_MIGRATION_URI,
+            ])
+            ->assertStatus(422);
+    }
+
+
+    /**
+     * @test
+     */
+    public function test_import_gauth_data_with_duplicates_returns_negative_ids()
+    {
+        $twofaccount = TwoFAccount::factory()->create([
+            'otp_type' => 'totp',
+            'account' => self::ACCOUNT,
+            'service' => self::SERVICE,
+            'secret' => self::SECRET,
+            'algorithm' => self::ALGORITHM_DEFAULT,
+            'digits' => self::DIGITS_DEFAULT,
+            'period' => self::PERIOD_DEFAULT,
+            'legacy_uri' => self::TOTP_SHORT_URI,
+            'icon' => '',
+        ]);
+
+        $response = $this->actingAs($this->user, 'api-guard')
+            ->json('POST', '/api/v1/twofaccounts/import', [
+                'uri' => self::GOOGLE_AUTH_MIGRATION_URI,
+            ])
+            ->assertOk()
+            ->assertJsonFragment([
+                'id'        => -1,
+                'service'   => self::SERVICE,
+                'account'   => self::ACCOUNT,
+            ]);
+    }
+
+
+    /**
+     * @test
+     */
+    public function test_import_invalid_gauth_data_returns_bad_request()
+    {
+        $response = $this->actingAs($this->user, 'api-guard')
+            ->json('POST', '/api/v1/twofaccounts/import', [
+                'uri' => self::GOOGLE_AUTH_MIGRATION_URI_WITH_INVALID_DATA,
+            ])
+            ->assertStatus(400)
+            ->assertJsonStructure([
+                'message'
+            ]);
+    }
+
+
     /**
      * @test
      */

tests/Api/v1/Requests/TwoFAccountImportRequestTest.php

@@ -0,0 +1,97 @@
+<?php
+
+namespace Tests\Api\v1\Requests;
+
+use App\Api\v1\Requests\TwoFAccountImportRequest;
+use Illuminate\Foundation\Testing\WithoutMiddleware;
+use Illuminate\Support\Facades\Validator;
+use Illuminate\Support\Facades\Auth;
+use Tests\TestCase;
+
+class TwoFAccountImportRequestTest extends TestCase
+{
+
+    use WithoutMiddleware;
+
+    /**
+     * @test
+     */
+    public function test_user_is_authorized()
+    {   
+        Auth::shouldReceive('check')
+        ->once()
+        ->andReturn(true);
+
+        $request = new TwoFAccountImportRequest();
+    
+        $this->assertTrue($request->authorize());
+    }
+
+    /**
+     * @dataProvider provideValidData
+     */
+    public function test_valid_data(array $data) : void
+    {
+        $request = new TwoFAccountImportRequest();
+        $validator = Validator::make($data, $request->rules());
+
+        $this->assertFalse($validator->fails());
+    }
+
+    /**
+     * Provide Valid data for validation test
+     */
+    public function provideValidData() : array
+    {
+        return [
+            [[
+                'uri' => 'otpauth-migration://offline?data=AEoATACEAEYASAA'
+            ]],
+        ];
+    }
+
+    /**
+     * @dataProvider provideInvalidData
+     */
+    public function test_invalid_data(array $data) : void
+    {
+        $request = new TwoFAccountImportRequest();
+        $validator = Validator::make($data, $request->rules());
+
+        $this->assertTrue($validator->fails());
+    }
+
+    /**
+     * Provide invalid data for validation test
+     */
+    public function provideInvalidData() : array
+    {
+        return [
+            [[
+                'uri' => null // required
+            ]],
+            [[
+                'uri' => '' // required
+            ]],
+            [[
+                'uri' => true // string
+            ]],
+            [[
+                'uri' => 8 // string
+            ]],
+            [[
+                'uri' => 'otpXauth-migration://offline?data=fYmlzIAEoATACEAEYASAA' // regex
+            ]],
+            [[
+                'uri' => 'otpauth-migration:/offline?data=fYmlzIAEoATACEAEYASAA' // regex
+            ]],
+            [[
+                'uri' => 'otpauth-migration://offlinedata=fYmlzIAEoATACEAEYASAA' // regex
+            ]],
+            [[
+                'uri' => 'otpauth-migration://offline?dat=fYmlzIAEoATACEAEYASAA' // regex
+            ]],
+        ];
+    }
+
+}

tests/Feature/Services/TwoFAccountServiceTest.php

@@ -97,6 +97,8 @@ class TwoFAccountServiceTest extends FeatureTestCase
         'otp_type'  => 'hotp',
         'secret'    => self::SECRET,
     ];
+    private const GOOGLE_AUTH_MIGRATION_URI = 'otpauth-migration://offline?data=CiQKCgcNEp61iE2P0RYSB2FjY291bnQaB3NlcnZpY2UgASgBMAIKLAoKBw0SnrWITY/RFhILYWNjb3VudF9iaXMaC3NlcnZpY2VfYmlzIAEoATACEAEYASAA';
+    private const GOOGLE_AUTH_MIGRATION_URI_WITH_INVALID_DATA = 'otpauth-migration://offline?data=CiQKCgcNEp61iE2P0RYSB2FjY291bnQaB3NlcnZpY';
 
 
     /**
@@ -759,4 +761,71 @@ class TwoFAccountServiceTest extends FeatureTestCase
         ]);
     }
 
+
+    /**
+     * @test
+     */
+    public function test_convert_migration_from_gauth_returns_correct_accounts()
+    {        
+        $twofaccounts = $this->twofaccountService->convertMigrationFromGA(self::GOOGLE_AUTH_MIGRATION_URI);
+
+        $this->assertCount(2, $twofaccounts);
+
+        $this->assertEquals('totp', $twofaccounts->first()->otp_type);
+        $this->assertEquals(self::SERVICE, $twofaccounts->first()->service);
+        $this->assertEquals(self::ACCOUNT, $twofaccounts->first()->account);
+        $this->assertEquals(self::SECRET, $twofaccounts->first()->secret);
+        $this->assertEquals(self::DIGITS_DEFAULT, $twofaccounts->first()->digits);
+        $this->assertEquals(self::PERIOD_DEFAULT, $twofaccounts->first()->period);
+        $this->assertEquals(null, $twofaccounts->first()->counter);
+        $this->assertEquals(self::ALGORITHM_DEFAULT, $twofaccounts->first()->algorithm);
+
+        $this->assertEquals('totp', $twofaccounts->last()->otp_type);
+        $this->assertEquals(self::SERVICE.'_bis', $twofaccounts->last()->service);
+        $this->assertEquals(self::ACCOUNT.'_bis', $twofaccounts->last()->account);
+        $this->assertEquals(self::SECRET, $twofaccounts->last()->secret);
+        $this->assertEquals(self::DIGITS_DEFAULT, $twofaccounts->last()->digits);
+        $this->assertEquals(self::PERIOD_DEFAULT, $twofaccounts->last()->period);
+        $this->assertEquals(null, $twofaccounts->last()->counter);
+        $this->assertEquals(self::ALGORITHM_DEFAULT, $twofaccounts->last()->algorithm);
+    }
+
+
+    /**
+     * @test
+     */
+    public function test_convert_migration_from_gauth_returns_flagged_duplicates()
+    {
+        $parameters = [
+            'service'   => self::SERVICE,
+            'account'   => self::ACCOUNT,
+            'icon'      => self::ICON,
+            'otp_type'  => 'totp',
+            'secret'    => self::SECRET,
+            'digits'    => self::DIGITS_DEFAULT,
+            'algorithm' => self::ALGORITHM_DEFAULT,
+            'period'    => self::PERIOD_DEFAULT,
+        ];
+        $twofaccount = $this->twofaccountService->createFromParameters($parameters);
+
+        $parameters['service'] = self::SERVICE.'_bis';
+        $parameters['account'] = self::ACCOUNT.'_bis';
+        $twofaccount = $this->twofaccountService->createFromParameters($parameters);
+
+        $twofaccounts = $this->twofaccountService->convertMigrationFromGA(self::GOOGLE_AUTH_MIGRATION_URI);
+
+        $this->assertEquals(-1, $twofaccounts->first()->id);
+        $this->assertEquals(-1, $twofaccounts->last()->id);
+    }
+
+
+    /**
+     * @test
+     */
+    public function test_convert_invalid_migration_from_gauth_returns_InvalidGoogleAuthMigration_excpetion()
+    {
+        $this->expectException(\App\Exceptions\InvalidGoogleAuthMigration::class);
+        $twofaccounts = $this->twofaccountService->convertMigrationFromGA(self::GOOGLE_AUTH_MIGRATION_URI_WITH_INVALID_DATA);
+    }
+
 }

tests/Unit/Exceptions/HandlerTest.php

@@ -58,6 +58,9 @@ class HandlerTest extends TestCase
             [
                 '\App\Exceptions\DbEncryptionException'
             ],
+            [
+                '\App\Exceptions\InvalidGoogleAuthMigration'
+            ],
         ];
     }