Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: security question verification #1182

Closed
wants to merge 5 commits into from
Closed

fix: security question verification #1182

wants to merge 5 commits into from

Conversation

aarongranick-okta
Copy link
Contributor

Fixes an issue with lib/idx/authenticator/SecurityQuestionVerification.ts where it was not accepting credentials.answer as provided by the Sign-in Widget.

When enrolling in security question there is no "contextualData", but this object is present when verifying. An omission in the mock used by SIW had it testing security question enrollment, but not verification. Fixing the mock revealed the issue with AuthJS.

Adding unit tests to cover these cases.

@codecov-commenter
Copy link

codecov-commenter commented Apr 14, 2022
edited
Loading

Codecov Report

Merging #1182 (ff9f1da) into 6.4 (df5296f) will increase coverage by 0.07%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##              6.4    #1182      +/-   ##
==========================================
+ Coverage   93.32%   93.39%   +0.07%     
==========================================
  Files         153      153              
  Lines        4418     4422       +4     
  Branches      994      995       +1     
==========================================
+ Hits         4123     4130       +7     
+ Misses        276      273       -3     
  Partials       19       19
Impacted Files Coverage Δ
...ib/idx/authenticator/SecurityQuestionEnrollment.ts 100.00% <100.00%> (+12.50%) ⬆️
.../idx/authenticator/SecurityQuestionVerification.ts 100.00% <100.00%> (+9.09%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update df5296f...ff9f1da. Read the comment docs.

@aarongranick-okta aarongranick-okta changed the base branch from master to 6.4 April 14, 2022 21:47
jaredperreault-okta
jaredperreault-okta reviewed Apr 14, 2022
View reviewed changes
test/support/idx/factories/authenticators.ts
@@ -134,7 +134,14 @@ export const SecurityQuestionAuthenticatorFactory = IdxAuthenticatorFactory.para
type: 'security_question',
methods: [
{ type: 'security_question' }
]
],
// if already enrolled, contextualData will be set
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

remove this comment?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I put this in there deliberately, because it seems like the kind of thing we will forget. By default the factory will build an object for enrollment, but if you want to test verification you'll need to add that in yourself.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shuowu shuowu shuowu approved these changes

@jaredperreault-okta jaredperreault-okta jaredperreault-okta approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@aarongranick-okta @codecov-commenter @shuowu @jaredperreault-okta @eng-services-aperture-github-bot-okta