diff options
Diffstat (limited to 'tests/e2e/webauthn.test.e2e.js')
-rw-r--r-- | tests/e2e/webauthn.test.e2e.js | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/tests/e2e/webauthn.test.e2e.js b/tests/e2e/webauthn.test.e2e.js new file mode 100644 index 0000000..e11c17c --- /dev/null +++ b/tests/e2e/webauthn.test.e2e.js @@ -0,0 +1,60 @@ +// Copyright 2024 The Forgejo Authors. All rights reserved. +// SPDX-License-Identifier: MIT +// @ts-check + +import {expect} from '@playwright/test'; +import {test, login_user, load_logged_in_context} from './utils_e2e.js'; + +test.beforeAll(async ({browser}, workerInfo) => { + await login_user(browser, workerInfo, 'user40'); +}); + +test('WebAuthn register & login flow', async ({browser}, workerInfo) => { + test.skip(workerInfo.project.name !== 'chromium', 'Uses Chrome protocol'); + const context = await load_logged_in_context(browser, workerInfo, 'user40'); + const page = await context.newPage(); + + // Register a security key. + let response = await page.goto('/user/settings/security'); + await expect(response?.status()).toBe(200); + + // https://github.com/microsoft/playwright/issues/7276#issuecomment-1516768428 + const cdpSession = await page.context().newCDPSession(page); + await cdpSession.send('WebAuthn.enable'); + await cdpSession.send('WebAuthn.addVirtualAuthenticator', { + options: { + protocol: 'ctap2', + ctap2Version: 'ctap2_1', + hasUserVerification: true, + transport: 'usb', + automaticPresenceSimulation: true, + isUserVerified: true, + backupEligibility: true, + }, + }); + + await page.locator('input#nickname').fill('Testing Security Key'); + await page.getByText('Add security key').click(); + + // Logout. + await page.locator('div[aria-label="Profile and settingsā¦"]').click(); + await page.getByText('Sign Out').click(); + await page.waitForURL(`${workerInfo.project.use.baseURL}/`); + + // Login. + response = await page.goto('/user/login'); + await expect(response?.status()).toBe(200); + + await page.getByLabel('Username or email address').fill('user40'); + await page.getByLabel('Password').fill('password'); + await page.getByRole('button', {name: 'Sign in'}).click(); + await page.waitForURL(`${workerInfo.project.use.baseURL}/user/webauthn`); + await page.waitForURL(`${workerInfo.project.use.baseURL}/`); + + // Cleanup. + response = await page.goto('/user/settings/security'); + await expect(response?.status()).toBe(200); + await page.getByRole('button', {name: 'Remove'}).click(); + await page.getByRole('button', {name: 'Yes'}).click(); + await page.waitForURL(`${workerInfo.project.use.baseURL}/user/settings/security`); +}); |