Commit f7f8919

test: cover standardized JSON validation response for two-factor challenge request
1 parent f6ab385 commit f7f8919

1 file changed

+50
-0
lines changed

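--- a/tests/Feature/Api/TwoFactorChallengeTest.php
+++ b/tests/Feature/Api/TwoFactorChallengeTest.php
@@ -419,6 +419,56 @@ function base32_decode_bytes(string $value): string
 return $output;
 }
 
+it('returns standardized DTO validation response for JSON two-factor challenge requests', function () {
+$response = $this->postJson(route('authkit.api.twofactor.challenge'), []);
+
+$response
+->assertStatus(422)
+->assertJson([
+'ok' => false,
+'status' => 422,
+'message' => 'The given data was invalid.',
+])
+->assertJsonPath('flow.name', 'failed')
+->assertJsonPath('payload.fields.challenge.0', 'The Challenge field is required.')
+->assertJsonPath('payload.fields.code.0', 'The Authentication code field is required.');
+
+$errors = $response->json('errors');
+
+expect($errors)->toBeArray()
+->and(count($errors))->toBe(2)
+->and($errors[0])->toHaveKeys(['code', 'message', 'field', 'meta'])
+->and($errors[1])->toHaveKeys(['code', 'message', 'field', 'meta']);
+
+expect(collect($errors)->pluck('field')->all())
+->toContain('challenge', 'code');
+
+expect(collect($errors)->pluck('code')->unique()->values()->all())
+->toBe(['validation_error']);
+});
+
+it('hydrates challenge from session before validation for JSON two-factor challenge requests', function () {
+$response = $this
+->withSession([AuthKitSessionKeys::TWO_FACTOR_CHALLENGE => 'session-challenge-token'])
+->postJson(route('authkit.api.twofactor.challenge'), []);
+
+$response
+->assertStatus(422)
+->assertJson([
+'ok' => false,
+'status' => 422,
+'message' => 'The given data was invalid.',
+])
+->assertJsonPath('flow.name', 'failed')
+->assertJsonMissingPath('payload.fields.challenge')
+->assertJsonPath('payload.fields.code.0', 'The Authentication code field is required.');
+
+$errors = collect($response->json('errors'));
+
+expect($errors->pluck('field')->all())
+->toBe(['code']);
+});
+
 /**
 * TwoFactorChallengeTestUser
 *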
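Review bot: The second test (`hydrates challenge from session before validation ...`) pins only the empty-body case, so nothing here fixes what happens when the JSON body carries a `challenge` that differs from the value stored under `AuthKitSessionKeys::TWO_FACTOR_CHALLENGE`. Which of the two wins is not visible in this hunk; if hydration is meant to bind the request to the session's pending challenge, a body value that silently replaced it would loosen that binding, and such a regression would still pass both new tests. I would add a third case that keeps the same `withSession([...])` setup but posts `['challenge' => 'body-challenge-token']` and asserts whichever outcome is intended (rejection, or the session value being the one that is validated). As a smaller style point, `->and(count($errors))->toBe(2)` in the first test reads more directly as `->toHaveCount(2)`.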
