diff --git a/packages/integration-tests/src/client/experience/index.ts b/packages/integration-tests/src/client/experience/index.ts
index f4d90066d676..426e1b5aae37 100644
--- a/packages/integration-tests/src/client/experience/index.ts
+++ b/packages/integration-tests/src/client/experience/index.ts
@@ -179,6 +179,14 @@ export class ExperienceClient extends MockClient {
 .json<{ verificationId: string }>();
 }
+ public async generateMfaBackupCodes() {
+ return api
+ .post(`${experienceRoutes.verification}/backup-code/generate`, {
+ headers: { cookie: this.interactionCookie },
+ })
+ .json<{ verificationId: string; codes: string[] }>();
+ }
+
 public async verifyBackupCode(payload: { code: string }) {
 return api
 .post(`${experienceRoutes.verification}/backup-code/verify`, {
@@ -219,24 +227,10 @@ export class ExperienceClient extends MockClient {
 });
 }
- public async bindMfa(type: MfaFactor.TOTP | MfaFactor.WebAuthn, verificationId: string) {
+ public async bindMfa(type: MfaFactor, verificationId: string) {
 return api.post(`${experienceRoutes.mfa}`, {
 headers: { cookie: this.interactionCookie },
 json: { type, verificationId },
 });
 }
-
- public async generateMfaBackupCodes() {
- return api
- .post(`${experienceRoutes.mfa}/backup-codes/generate`, {
- headers: { cookie: this.interactionCookie },
- })
- .json<{ codes: string[] }>();
- }
-
- public async bindBackupCodes() {
- return api.post(`${experienceRoutes.mfa}/backup-codes`, {
- headers: { cookie: this.interactionCookie },
- });
- }
 }
diff --git a/packages/integration-tests/src/tests/api/experience-api/bind-mfa/happpy-path.test.ts b/packages/integration-tests/src/tests/api/experience-api/bind-mfa/happpy-path.test.ts
index fcb96a878f81..09b27d1e395d 100644
--- a/packages/integration-tests/src/tests/api/experience-api/bind-mfa/happpy-path.test.ts
+++ b/packages/integration-tests/src/tests/api/experience-api/bind-mfa/happpy-path.test.ts
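Review bot: `generateMfaBackupCodes()` in the `@@ -179,6 +179,14 @@` hunk of `client/experience/index.ts` has no doc comment and no declared return type, although its contract changed: it now posts to the verification route and returns a `verificationId` together with the plaintext `codes`. A one-line TSDoc would make the new two-step flow visible to test authors, e.g. `/** Generates backup codes; pass the returned verificationId to bindMfa(MfaFactor.BackupCode, …) to bind them. */`, and the signature could state `Promise<{ verificationId: string; codes: string[] }>` explicitly. The enclosing class starts and ends outside the hunk.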
@@ -220,11 +220,12 @@ devFeatureTest.describe('Bind MFA APIs happy path', () => {
 status: 422,
 });
- const { codes } = await client.generateMfaBackupCodes();
+ const { codes, verificationId: backupCodeVerificationId } =
+ await client.generateMfaBackupCodes();
 expect(codes.length).toBeGreaterThan(0);
- await client.bindBackupCodes();
+ await client.bindMfa(MfaFactor.BackupCode, backupCodeVerificationId);
 const { redirectTo } = await client.submitInteraction();
 const userId = await processSession(client, redirectTo);
@@ -261,10 +262,10 @@ devFeatureTest.describe('Bind MFA APIs happy path', () => {
 status: 422,
 });
- const { codes } = await client.generateMfaBackupCodes();
+ const { codes, verificationId } = await client.generateMfaBackupCodes();
 expect(codes.length).toBeGreaterThan(0);
- await client.bindBackupCodes();
+ await client.bindMfa(MfaFactor.BackupCode, verificationId);
 const { redirectTo } = await client.submitInteraction();
 await processSession(client, redirectTo);
diff --git a/packages/integration-tests/src/tests/api/experience-api/bind-mfa/sad-path.test.ts b/packages/integration-tests/src/tests/api/experience-api/bind-mfa/sad-path.test.ts
index 18b50bf31ec2..8484caf1eb8d 100644
--- a/packages/integration-tests/src/tests/api/experience-api/bind-mfa/sad-path.test.ts
+++ b/packages/integration-tests/src/tests/api/experience-api/bind-mfa/sad-path.test.ts
@@ -82,7 +82,9 @@ devFeatureTest.describe('Bind MFA APIs sad path', () => {
 const client = await initExperienceClient();
 await identifyUserWithUsernamePassword(client, username, password);
- await expectRejects(client.generateMfaBackupCodes(), {
+ const { verificationId } = await client.generateMfaBackupCodes();
+
+ await expectRejects(client.bindMfa(MfaFactor.BackupCode, verificationId), {
 code: 'session.mfa.mfa_factor_not_enabled',
 status: 400,
 });
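Review bot: In the `@@ -82,7 +82,9 @@` hunk of `sad-path.test.ts`, the awaited `client.generateMfaBackupCodes()` carries no assertion or comment, although the test now depends on generation succeeding while the backup-code factor is not enabled; the rejection being pinned has moved from generation to `bindMfa`. The same pattern is in the later sad-path hunks `@@ -131,15 +133,16 @@` (interaction not MFA-verified) and `@@ -151,7 +154,10 @@` (backup code as the only factor), where the caller now gets plaintext codes back before anything is rejected. If that is the intended enforcement point, state it in the test, e.g. `// Generation is allowed here; the MFA policy is enforced when binding.` A case asserting that generated-but-unbound codes are rejected by `verifyBackupCode` would pin the property that makes this safe; whether one exists elsewhere is not visible from this diff.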
@@ -131,15 +133,16 @@ devFeatureTest.describe('Bind MFA APIs sad path', () => {
 });
 });
- it('should throw if the interaction is not verified, when generate new backup codes', async () => {
+ it('should throw if the interaction is not verified, when add new backup codes', async () => {
 const { username, password } = generateNewUserProfile({ username: true, password: true });
 const user = await userApi.create({ username, password });
 await createUserMfaVerification(user.id, MfaFactor.TOTP);
 const client = await initExperienceClient();
 await identifyUserWithUsernamePassword(client, username, password);
+ const { verificationId } = await client.generateMfaBackupCodes();
- await expectRejects(client.generateMfaBackupCodes(), {
+ await expectRejects(client.bindMfa(MfaFactor.BackupCode, verificationId), {
 code: 'session.mfa.require_mfa_verification',
 status: 403,
 });
@@ -151,7 +154,10 @@ devFeatureTest.describe('Bind MFA APIs sad path', () => {
 const client = await initExperienceClient();
 await identifyUserWithUsernamePassword(client, username, password);
- await expectRejects(client.generateMfaBackupCodes(), {
+
+ const { verificationId } = await client.generateMfaBackupCodes();
+
+ await expectRejects(client.bindMfa(MfaFactor.BackupCode, verificationId), {
 code: 'session.mfa.backup_code_can_not_be_alone',
 status: 422,
 });
@@ -165,8 +171,9 @@ devFeatureTest.describe('Bind MFA APIs sad path', () => {
 await identifyUserWithUsernamePassword(client, username, password);
 const totpVerificationId = await successfullyCreateAndVerifyTotp(client);
 await client.bindMfa(MfaFactor.TOTP, totpVerificationId);
- await expectRejects(client.bindBackupCodes(), {
- code: 'session.mfa.pending_info_not_found',
+
+ await expectRejects(client.bindMfa(MfaFactor.BackupCode, 'invalid_verification'), {
+ code: 'session.verification_session_not_found',
 status: 404,
 });
 });
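Review bot: The rewritten case in the `@@ -165,8 +171,9 @@` hunk only covers a verification id that does not exist (`'invalid_verification'` → 404); nothing in this hunk covers an id that exists but belongs to a different factor. Since `bindMfa` now accepts any `MfaFactor` with a free-form `verificationId`, a mismatch case would pin that the server checks the record type and not just its presence. For example: `await expectRejects(client.bindMfa(MfaFactor.BackupCode, totpVerificationId), { code: '<expected error code>', status: <expected status> });`, with the real code and status filled in. The enclosing `it` block starts outside the hunk.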