Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

More integration test for account defender #1684

Draft
wants to merge 4 commits into
base: recaptcha
Choose a base branch
from
Draft
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
44 changes: 44 additions & 0 deletions test/integration/auth.spec.ts
Original file line number Diff line number Diff line change
Expand Up @@ -1219,6 +1219,18 @@ describe('admin.auth', () => {
return getAuth().projectConfigManager().updateProjectConfig(projectConfigOption3)
.should.eventually.be.rejected.and.have.property('code', 'auth/racaptcha-not-enabled');
});

it('updateProjectConfig() should reject when trying to disable Account Defender while reCAPTCHA is enabled', () => {
// enable account defender first.
return getAuth().projectConfigManager().updateProjectConfig(projectConfigOption1)
.then((actualProjectConfig) => {
// verify account defender is enabled.
expect(actualProjectConfig.recaptchaConfig?.useAccountDefender).to.be.true;
// attempt to disable reCAPTCHA.
return getAuth().projectConfigManager().updateProjectConfig(projectConfigOption3)
.should.eventually.be.rejected.and.have.property('code', 'auth/invalid-config');
});
});
});

describe('Tenant management operations', () => {
Expand Down Expand Up @@ -1784,6 +1796,38 @@ describe('admin.auth', () => {
});

it('updateTenant() enable Account Defender should be rejected when tenant reCAPTCHA is disabled',
function () {
// Skipping for now as Emulator resolves this operation, which is not expected.
// TODO: investigate with Rest API and Access team for this behavior.
if (authEmulatorHost) {
return this.skip();
}
expectedUpdatedTenant.tenantId = createdTenantId;
const updatedOptions: UpdateTenantRequest = {
displayName: expectedUpdatedTenant2.displayName,
recaptchaConfig: {
emailPasswordEnforcementState: 'AUDIT',
useAccountDefender: true,
},
};
const updatedOptions2: UpdateTenantRequest = {
displayName: expectedUpdatedTenant2.displayName,
recaptchaConfig: {
emailPasswordEnforcementState: 'OFF',
useAccountDefender: true,
},
};
// enable account defender first.
return getAuth().tenantManager().updateTenant(createdTenantId, updatedOptions)
.then((actualTenant) => {
expect(actualTenant.recaptchaConfig?.useAccountDefender).to.be.true;
// attempt to disable reCAPTCHA.
return getAuth().tenantManager().updateTenant(createdTenantId, updatedOptions2)
.should.eventually.be.rejected.and.have.property('code', 'auth/invalid-config');
});
});

it('updateTenant() disable reCAPTCHA should be rejected when Account Defender is enabled',
function () {
// Skipping for now as Emulator resolves this operation, which is not expected.
// TODO: investigate with Rest API and Access team for this behavior.
Expand Down