server/test/Core.Test/Auth/UserFeatures/WebAuthnLogin/WebAuthnChallengeCacheProviderTests.cs at 4af0daa5b9943a29226f1f0b16fc637a18d797ab · bitwarden/server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
using Bit.Core.Auth.UserFeatures.WebAuthnLogin.Implementations;
using Bit.Core.Utilities;
using Bit.Test.Common.AutoFixture;
using Bit.Test.Common.AutoFixture.Attributes;
using Microsoft.Extensions.Caching.Distributed;
using NSubstitute;
using Xunit;

namespace Bit.Core.Test.Auth.UserFeatures.WebAuthnLogin;

[SutProviderCustomize]
public class WebAuthnChallengeCacheProviderTests
{
    [Theory, BitAutoData]
    internal async Task TryMarkChallengeAsUsedAsync_FirstUse_SavesAndReturnsTrue(
        SutProvider<WebAuthnChallengeCacheProvider> sutProvider)
    {
        // Arrange
        var challenge = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
        var expectedKey = $"WebAuthnLoginAssertion_{CoreHelpers.Base64UrlEncode(challenge)}";

        sutProvider.GetDependency<IDistributedCache>()
            .GetAsync(expectedKey, Arg.Any<CancellationToken>())
            .Returns((byte[])null);

        // Act
        var result = await sutProvider.Sut.TryMarkChallengeAsUsedAsync(challenge);

        // Assert
        Assert.True(result);
        await sutProvider.GetDependency<IDistributedCache>()
            .Received(1)
            .SetAsync(
                expectedKey,
                Arg.Is<byte[]>(b => b.Length == 1 && b[0] == 1),
                Arg.Is<DistributedCacheEntryOptions>(o =>
                    o.AbsoluteExpirationRelativeToNow == TimeSpan.FromMinutes(17)),
                Arg.Any<CancellationToken>());
    }

    [Theory, BitAutoData]
    internal async Task TryMarkChallengeAsUsedAsync_AlreadyUsed_ReturnsFalseAndDoesNotSave(
        SutProvider<WebAuthnChallengeCacheProvider> sutProvider)
    {
        // Arrange
        var challenge = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
        var expectedKey = $"WebAuthnLoginAssertion_{CoreHelpers.Base64UrlEncode(challenge)}";

        sutProvider.GetDependency<IDistributedCache>()
            .GetAsync(expectedKey, Arg.Any<CancellationToken>())
            .Returns(new byte[] { 1 });

        // Act
        var result = await sutProvider.Sut.TryMarkChallengeAsUsedAsync(challenge);

        // Assert
        Assert.False(result);
        await sutProvider.GetDependency<IDistributedCache>()
            .DidNotReceive()
            .SetAsync(
                Arg.Any<string>(),
                Arg.Any<byte[]>(),
                Arg.Any<DistributedCacheEntryOptions>(),
                Arg.Any<CancellationToken>());
    }
}