Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor(core): add time window validation tolerance for otp authenticator #4684

Merged
merged 1 commit into from
Oct 18, 2023
Merged

refactor(core): add time window validation tolerance for otp authenticator #4684

merged 1 commit into from
Oct 18, 2023

Conversation

xiaoyijun
Copy link
Contributor

@xiaoyijun xiaoyijun commented Oct 17, 2023
edited

Summary

Considering T1 and T2 two consecutive time steps, any token generated within T1 but checked with T2 could be considered valid according to RFC 6238 5.2.

FYI: yeojz/otplib#697 (comment)

Updates

  • test: Extract filling totp code logic into a helper method
  • test: Remove getUserIdFromDemoAppPage method from the ExpectTotpExperience class since it's available in the base class(ExpectExperience).

Testing

IT

Checklist

  • .changeset
  • unit tests
  • integration tests
  • necessary TSDoc comments

@xiaoyijun xiaoyijun marked this pull request as draft October 17, 2023 10:36
@github-actions
Copy link

github-actions bot commented Oct 17, 2023
edited

COMPARE TO master

Total Size Diff 📉 -159 Bytes

Diff by File
Name Diff
packages/core/src/routes/interaction/utils/totp-validation.ts 📉 -422 Bytes
packages/integration-tests/src/ui-helpers/expect-totp-experience.ts 📉 -581 Bytes

@xiaoyijun xiaoyijun force-pushed the xiaoyijun-test-fix-totp-testing branch from aff7b78 to c1b38dc Compare October 18, 2023 03:40
@xiaoyijun xiaoyijun changed the title fix(test): fix totp testing issue feat(core): add time window validation tolerance for otp authenticator Oct 18, 2023
@github-actions github-actions bot added the feature Cool stuff label Oct 18, 2023
@xiaoyijun xiaoyijun requested a review from a team October 18, 2023 03:43
@xiaoyijun xiaoyijun marked this pull request as ready for review October 18, 2023 03:43
@xiaoyijun xiaoyijun changed the title feat(core): add time window validation tolerance for otp authenticator refactor(core): add time window validation tolerance for otp authenticator Oct 18, 2023
@github-actions github-actions bot added the enhancement Make it better label Oct 18, 2023
@xiaoyijun xiaoyijun merged commit 8c0b55a into master Oct 18, 2023
28 checks passed
@xiaoyijun xiaoyijun deleted the xiaoyijun-test-fix-totp-testing branch October 18, 2023 03:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wangsijie wangsijie wangsijie approved these changes

@simeng-li simeng-li Awaiting requested review from simeng-li simeng-li is a code owner

@gao-sun gao-sun Awaiting requested review from gao-sun gao-sun is a code owner

Assignees

@xiaoyijun xiaoyijun

Labels
bugfix enhancement Make it better feature Cool stuff size/s
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@xiaoyijun @wangsijie