Mercurial > prosody-modules
view mod_auth_token/test_token_auth.lua @ 4210:a0937b5cfdcb
mod_invites_page: Remove preauth URI button
This button is incompatible with the majority of XMPP clients around, yet based
on feedback from users, many are drawn to click it when they have any XMPP client
installed already.
In the case where the user already has software installed, we would prefer them to
select it from the software list so they can follow the setup process suited to
their specific client (we already track which software supports preauth URIs). If
their client is not listed, they can still use the manual registration link instead.
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Fri, 16 Oct 2020 11:03:38 +0100 |
parents | d0ca211e1b0e |
children |
line wrap: on
line source
local base64 = require "util.encodings".base64; local hmac = require "openssl.hmac"; local luatz = require "luatz"; local luaunit = require "luaunit"; local uuid = require "uuid"; local otp = require "otp"; local mock = require "mock"; local pkey = require "openssl.pkey"; local token_utils = dofile("token_auth_utils.lib.lua"); math.randomseed(os.time()) local OTP_SEED = 'E3W374VRSFO4NVKE'; function generate_token(jid, key) local nonce = ''; for i=1,32 do nonce = nonce..math.random(9); end local utc_time_table = luatz.gmtime(luatz.time()); local totp = otp.new_totp_from_key( OTP_SEED, token_utils.OTP_DIGITS, token_utils.OTP_INTERVAL ):generate(0, utc_time_table); local hmac_ctx = hmac.new(key, token_utils.DIGEST_TYPE) local signature = hmac_ctx:final(totp..nonce..jid) return totp..nonce..' '..base64.encode(signature) end function test_token_verification() -- Test verification of a valid token local key = uuid(); local result = token_utils.verify_token( 'root', generate_token('root@localhost', key), 'localhost', OTP_SEED, key ) luaunit.assert_is(result, true) end function test_token_is_valid_only_once() local key = uuid(); local token = generate_token('root@localhost', key); local result = token_utils.verify_token( 'root', token, 'localhost', OTP_SEED, key ) luaunit.assert_is(result, true) result = token_utils.verify_token( 'root', token, 'localhost', OTP_SEED, key ) luaunit.assert_is(result, false) end function test_token_expiration() -- Test that a token expires after (at most) the configured interval plus -- any amount of deviations. local key = uuid(); local token = generate_token('root@localhost', key); -- Wait two ticks of the interval window and then check that the token is -- no longer valid. mock.mock(os); os.time.replace(function () return os.time.original() + (token_utils.OTP_INTERVAL + (token_utils.OTP_DEVIATION * token_utils.OTP_INTERVAL)); end) result = token_utils.verify_token( 'root', token, 'localhost', OTP_SEED, key ) mock.unmock(os); luaunit.assert_is(result, false) end os.exit(luaunit.LuaUnit.run())