test: verify CalDAV token auth bypasses TOTP check
Add a CalDAV token fixture (kind=4) for user10 who has TOTP enabled, and implement the previously-skipped test proving token-based auth still works when TOTP is active.
parent
1ed813caf0
commit
1f2aef776c
|
|
@ -28,3 +28,9 @@
|
|||
token: 'disableduserpasswordresettoken'
|
||||
kind: 1
|
||||
created: 2024-01-01 00:00:00
|
||||
-
|
||||
id: 6
|
||||
user_id: 10
|
||||
token: '$2a$04$DT./vBYVmwfc8KlWOyLmNOF4KJLahG31L1eSzg45RRZKPhfjojSDa'
|
||||
kind: 4
|
||||
created: 2024-01-01 00:00:00
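Review bot: The new fixture entry (id 6, user_id 10, kind 4) stores a bcrypt hash whose plaintext is recorded only in a comment in the Go test, so the two files can drift apart unnoticed. A comment above the entry would tie them together, for example `# CalDAV token (kind 4) for user10, who has TOTP enabled; bcrypt of "caldavtesttoken"`. The `$2a$04$` prefix indicates bcrypt cost 4, which is reasonable for fast tests. Saying in the same comment that this cost is test-only would discourage copying it into non-test data. Whether the hash actually matches that plaintext cannot be confirmed from the page, so the test remains the only check.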
|
||||
|
|
|
|||
|
|
@ -748,9 +748,14 @@ func TestCaldavTOTPBlocksBasicAuth(t *testing.T) {
|
|||
})
|
||||
|
||||
t.Run("Basic auth with caldav token still works when TOTP is enabled", func(t *testing.T) {
|
||||
// This test ensures CalDAV tokens are NOT affected by the TOTP check.
|
||||
// It requires a CalDAV token fixture for user1.
|
||||
// If no CalDAV token fixture exists for user1, skip this test for now.
|
||||
t.Skip("Requires CalDAV token fixture for user1 — add if needed")
|
||||
e, _ := setupTestEnv()
|
||||
c, _ := createRequest(e, http.MethodGet, "", nil, nil)
|
||||
|
||||
// testuser10 has TOTP enabled AND a CalDAV token (kind=4) in fixtures.
|
||||
// "caldavtesttoken" is the plaintext of the bcrypt hash in user_tokens.yml.
|
||||
// CalDAV token auth should bypass the TOTP check.
|
||||
result, err := caldav.BasicAuth(c, testuser10.Username, "caldavtesttoken")
|
||||
require.NoError(t, err)
|
||||
assert.True(t, result, "BasicAuth with CalDAV token should succeed even when TOTP is enabled")
|
||||
})
|
||||
}
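Review bot: Both setup calls in the new subtest discard their error (`e, _ := setupTestEnv()` and `c, _ := createRequest(...)`), so a broken environment would surface as a nil dereference or a misleading auth failure instead of a clear setup error. Capture those errors and check each with `require.NoError(t, err)` before calling `caldav.BasicAuth`. Because this subtest pins an intentional exception to the TOTP check, it should also assert that a wrong token for `testuser10` is rejected. That would show the exception depends on a valid kind=4 token and not on the TOTP check being skipped for that user altogether. The earlier subtests of TestCaldavTOTPBlocksBasicAuth lie outside this hunk and may already cover the account-password case.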
|
||||
|
|
|
|||