From 3c9f324f29eaf9a5dc74221af79d059feba156cb Mon Sep 17 00:00:00 2001
From: Leo Liu <karta1041337@gmail.com>
Date: Wed, 23 Aug 2023 15:28:41 +0800
Subject: [PATCH 1/3] add print number

---
 .../pingfed/example/swipe-number.html         | 106 ++++++++++++++++++
 pkg/provider/pingfed/pingfed.go               |   4 +
 pkg/provider/pingfed/pingfed_test.go          |   5 +
 3 files changed, 115 insertions(+)
 create mode 100644 pkg/provider/pingfed/example/swipe-number.html

diff --git a/pkg/provider/pingfed/example/swipe-number.html b/pkg/provider/pingfed/example/swipe-number.html
new file mode 100644
index 000000000..eea8b5506
--- /dev/null
+++ b/pkg/provider/pingfed/example/swipe-number.html
@@ -0,0 +1,106 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title></title>
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <meta name="format-detection" content="telephone=no">
+  <meta http-equiv="x-ua-compatible" content="IE=edge">
+  <link rel="stylesheet" href="/pingid/assets/css/main-v21.144.css" media="screen" title="no title" charset="utf-8">
+  <link rel="stylesheet" media="screen" type="text/css" href="/pingid/assets/css/jsdisabled.css" />
+  <script type="text/javascript" src="/pingid/assets/js/jquery-1.11.1.min.js"></script>
+  <script type="text/javascript" src="/pingid/assets/js/spin.js"></script>
+</head>
+<body>
+  <noscript>
+    <!DOCTYPE html>
+    <html>
+    <head>
+    	<title></title>
+    	<meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    	<meta name = "format-detection" content = "telephone=no">
+    	<link rel="stylesheet" href="/pingid/assets/css/jsdisabled.css" media="screen" title="no title" charset="utf-8">
+    </head>
+    <body>
+        <div class="nojspage">
+                <div class="window settings authenticating">
+                    <div class="content">
+                      <h1>
+                          Authentication
+                      </h1>
+                      <p>
+                          Select the number displayed in your PingID mobile app
+                      </p>
+                      <div class="status">
+                          <div class="numbermatching">10</div>
+                      </div>
+            			<div class="title-text">
+            			    Important
+                        </div>
+            	            <div class="error-text">
+            					<div class="text">
+            					    PingID requires Javascript to be enabled. If the problem persists, please contact your administrator.
+            					</div>
+            	            </div>
+                    </div>
+                </div>
+                <div class="footer">
+                    <div class="pingid_logo"></div>
+                    <div class="copyright">
+                        Copyright &copy; 2003-2018 Ping Identity Corporation. All rights reserved.
+                    </div>
+                </div>
+        </div>
+    </body>
+    </html>
+    <style type="text/css">
+			.dialog { display:none; }
+    </style>
+	</noscript>
+  <div class="dialog">
+    <div class="window authenticating">
+      <div class="content">
+        <div class="status">
+          <div id="spinner"></div>
+        </div>
+        <div class="text device">
+          Authenticating on
+          <div class="device-name">
+            iPhone X
+          </div>
+        </div>
+        <a class="button" href="/pingid/ppm/devices">Change Device</a>
+      </div>
+    </div>
+    <div class="admin-message">corporate motd</div>
+    <div class="footer">
+      <a class="button settings-btn" href="https://authenticator.pingone.com/pingid/ppm/settings">Settings</a>
+      <div class="logo"></div>
+      <div class="copyright">
+        Copyright &copy; 2003-2018 Ping Identity Corporation. All rights reserved.
+      </div>
+    </div>
+    <!-- This can be removed once Async FF is removed. -->
+    <form method="POST" action="https://authenticator.pingone.com/pingid/ppm/auth/status" id="form1">
+      <input type="hidden" name="csrfToken" id="csrfToken" value="abdb4264-6aab-4e1a-a830-63c9188e2395" encode="false" />
+      <noscript><input type="submit" value="Resume"/></noscript>
+    </form>
+    <form method="GET" action="https://authenticator.pingone.com/pingid/ppm/auth/response" id="reponseView">
+      <input type="hidden" name="csrfToken" id="csrfToken" value="abdb4264-6aab-4e1a-a830-63c9188e2395" encode="false" />
+      <input type="hidden" name="status" id="status" encode="false" />
+      <noscript><input type="submit" value="Resume"/></noscript>
+    </form>
+    <form method="GET" action="https://authenticator.pingone.com/pingid/ppm/auth/response" id="errorReponseView">
+      <input type="hidden" name="csrfToken" id="csrfToken" value="abdb4264-6aab-4e1a-a830-63c9188e2395" encode="false" />
+    </form>
+    <div id="authModelSection">
+      <input type="hidden" name="isAsync" id="isAsync" value="true" encode="false" />
+      <input type="hidden" name="actionLink" id="actionLink" value="https://authenticator.pingone.com/pingid/ppm/auth/status" encode="false" />
+      <input type="hidden" name="useCodeUrl" id="useCodeUrl" value="/pingid/ppm/auth/usecode" encode="false" />
+    </div>
+    <script type="text/javascript" src="/pingid/assets/js/utils/spinner.js"></script>
+    <script type="text/javascript" src="/pingid/assets/js/utils/getAuthStatus.js"></script>
+    <script type="text/javascript" src="/pingid/assets/js/utils/authenticationselfsubmit.js"></script>
+    <script type="text/javascript" src="/pingid/assets/js/utils/usecodesubmit.js"></script>
+  </div>
+</body>
+</html>
diff --git a/pkg/provider/pingfed/pingfed.go b/pkg/provider/pingfed/pingfed.go
index 8618af0af..cf244156f 100644
--- a/pkg/provider/pingfed/pingfed.go
+++ b/pkg/provider/pingfed/pingfed.go
@@ -172,6 +172,10 @@ func (ac *Client) handleSwipe(ctx context.Context, doc *goquery.Document, _ *url
 		return ctx, nil, errors.Wrap(err, "error extracting swipe status form")
 	}
 
+	if number := doc.Find("div.numbermatching").Text(); number != "" {
+		fmt.Printf("Select %v in your PingID mobile app ...\n", number)
+	}
+
 	// poll status. request must specifically be a GET
 	form.Method = "GET"
 	req, err := form.BuildRequest()
diff --git a/pkg/provider/pingfed/pingfed_test.go b/pkg/provider/pingfed/pingfed_test.go
index 4feb78760..e179ec661 100644
--- a/pkg/provider/pingfed/pingfed_test.go
+++ b/pkg/provider/pingfed/pingfed_test.go
@@ -33,26 +33,31 @@ var docTests = []struct {
 	{docIsLogin, "example/login2.html", true},
 	{docIsLogin, "example/otp.html", false},
 	{docIsLogin, "example/swipe.html", false},
+	{docIsLogin, "example/swipe-number.html", false},
 	{docIsLogin, "example/form-redirect.html", false},
 	{docIsLogin, "example/webauthn.html", false},
 	{docIsOTP, "example/login.html", false},
 	{docIsOTP, "example/otp.html", true},
 	{docIsOTP, "example/swipe.html", false},
+	{docIsOTP, "example/swipe-number.html", false},
 	{docIsOTP, "example/form-redirect.html", false},
 	{docIsOTP, "example/webauthn.html", false},
 	{docIsSwipe, "example/login.html", false},
 	{docIsSwipe, "example/otp.html", false},
 	{docIsSwipe, "example/swipe.html", true},
+	{docIsSwipe, "example/swipe-number.html", true},
 	{docIsSwipe, "example/form-redirect.html", false},
 	{docIsSwipe, "example/webauthn.html", false},
 	{docIsFormRedirect, "example/login.html", false},
 	{docIsFormRedirect, "example/otp.html", false},
 	{docIsFormRedirect, "example/swipe.html", false},
+	{docIsFormRedirect, "example/swipe-number.html", false},
 	{docIsFormRedirect, "example/form-redirect.html", true},
 	{docIsFormRedirect, "example/webauthn.html", false},
 	{docIsWebAuthn, "example/login.html", false},
 	{docIsWebAuthn, "example/otp.html", false},
 	{docIsWebAuthn, "example/swipe.html", false},
+	{docIsWebAuthn, "example/swipe-number.html", false},
 	{docIsWebAuthn, "example/form-redirect.html", false},
 	{docIsWebAuthn, "example/webauthn.html", true},
 }

From 13691d7a90b571cb21bf75b2c95870622ca7544c Mon Sep 17 00:00:00 2001
From: Leo Liu <karta1041337@gmail.com>
Date: Wed, 23 Aug 2023 18:41:33 +0800
Subject: [PATCH 2/3] update unit test

---
 .../pingfed/example/swipe-number.html         | 20 +++----
 pkg/provider/pingfed/pingfed.go               |  3 +-
 pkg/provider/pingfed/pingfed_test.go          | 56 +++++++++++++++++++
 3 files changed, 67 insertions(+), 12 deletions(-)

diff --git a/pkg/provider/pingfed/example/swipe-number.html b/pkg/provider/pingfed/example/swipe-number.html
index eea8b5506..d80475e8c 100644
--- a/pkg/provider/pingfed/example/swipe-number.html
+++ b/pkg/provider/pingfed/example/swipe-number.html
@@ -22,17 +22,9 @@
     </head>
     <body>
         <div class="nojspage">
-                <div class="window settings authenticating">
+                <div class="window error">
                     <div class="content">
-                      <h1>
-                          Authentication
-                      </h1>
-                      <p>
-                          Select the number displayed in your PingID mobile app
-                      </p>
-                      <div class="status">
-                          <div class="numbermatching">10</div>
-                      </div>
+                        <div class="status"></div>
             			<div class="title-text">
             			    Important
                         </div>
@@ -59,8 +51,14 @@ <h1>
   <div class="dialog">
     <div class="window authenticating">
       <div class="content">
+        <h1>
+            Authentication
+        </h1>
+        <p>
+            Select the number displayed in your PingID mobile app
+        </p>
         <div class="status">
-          <div id="spinner"></div>
+            <div class="numbermatching">10</div>
         </div>
         <div class="text device">
           Authenticating on
diff --git a/pkg/provider/pingfed/pingfed.go b/pkg/provider/pingfed/pingfed.go
index cf244156f..718534f04 100644
--- a/pkg/provider/pingfed/pingfed.go
+++ b/pkg/provider/pingfed/pingfed.go
@@ -5,6 +5,7 @@ import (
 	"encoding/base64"
 	"fmt"
 	"io"
+	"log"
 	"net/http"
 	"net/url"
 	"time"
@@ -173,7 +174,7 @@ func (ac *Client) handleSwipe(ctx context.Context, doc *goquery.Document, _ *url
 	}
 
 	if number := doc.Find("div.numbermatching").Text(); number != "" {
-		fmt.Printf("Select %v in your PingID mobile app ...\n", number)
+		log.Printf("Select %v in your PingID mobile app ...\n", number)
 	}
 
 	// poll status. request must specifically be a GET
diff --git a/pkg/provider/pingfed/pingfed_test.go b/pkg/provider/pingfed/pingfed_test.go
index e179ec661..460edd65e 100644
--- a/pkg/provider/pingfed/pingfed_test.go
+++ b/pkg/provider/pingfed/pingfed_test.go
@@ -3,9 +3,12 @@ package pingfed
 import (
 	"bytes"
 	"context"
+	"crypto/tls"
 	"io"
+	"log"
 	"net/http"
 	"net/http/cookiejar"
+	"net/http/httptest"
 	"net/url"
 	"os"
 	"testing"
@@ -140,6 +143,59 @@ func TestHandleOTP(t *testing.T) {
 	require.Contains(t, s, "csrfToken=some-token")
 }
 
+func TestHandleSwipe(t *testing.T) {
+	ts := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		switch r.URL.Path {
+		case "/pingid/ppm/auth/status":
+			_, err := w.Write([]byte("{\"status\":\"OK\"}"))
+			require.Nil(t, err)
+		default:
+			http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
+		}
+	}))
+	defer ts.Close()
+
+	performTest := func(data []byte) bytes.Buffer {
+		doc, err := goquery.NewDocumentFromReader(bytes.NewReader(bytes.ReplaceAll(data, []byte("https://authenticator.pingone.com"), []byte(ts.URL))))
+		require.Nil(t, err)
+
+		testTransport := http.DefaultTransport.(*http.Transport).Clone()
+		testTransport.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
+		ac := Client{
+			client: &provider.HTTPClient{Client: http.Client{Transport: testTransport}, Options: &provider.HTTPClientOptions{IsWithRetries: false}},
+		}
+
+		var out bytes.Buffer
+		log.SetOutput(&out)
+		_, req, err := ac.handleSwipe(context.Background(), doc, &url.URL{})
+		log.SetOutput(os.Stderr)
+		require.Nil(t, err)
+
+		b, err := io.ReadAll(req.Body)
+		require.Nil(t, err)
+
+		s := string(b[:])
+		require.Contains(t, s, "csrfToken=abdb4264-6aab-4e1a-a830-63c9188e2395")
+
+		return out
+	}
+
+	t.Run("Swipe", func(t *testing.T) {
+		data, err := os.ReadFile("example/swipe.html")
+		require.Nil(t, err)
+
+		performTest(data)
+	})
+
+	t.Run("Swipe with number", func(t *testing.T) {
+		data, err := os.ReadFile("example/swipe-number.html")
+		require.Nil(t, err)
+
+		out := performTest(data)
+		require.Contains(t, out.String(), "Select 10 in your PingID mobile app ...")
+	})
+}
+
 func TestHandleFormRedirect(t *testing.T) {
 	data, err := os.ReadFile("example/form-redirect.html")
 	require.Nil(t, err)

From d3cbc5214f37cbb6a1db6517101d28fe825e7753 Mon Sep 17 00:00:00 2001
From: Leo Liu <karta1041337@gmail.com>
Date: Wed, 23 Aug 2023 18:57:33 +0800
Subject: [PATCH 3/3] empty