adding unit tests for mfa

Author: srushtisv

FirebaseAuth/Tests/Unit/RPCBaseTests.swift

@@ -42,6 +42,7 @@ class RPCBaseTests: XCTestCase {
   let kCreationDateTimeIntervalInSeconds = 1_505_858_500.0
   let kLastSignInDateTimeIntervalInSeconds = 1_505_858_583.0
   let kTestPhoneNumber = "415-555-1234"
+  let kIdToken = "FAKE_ID_TOKEN"
   static let kOAuthSessionID = "sessionID"
   static let kOAuthRequestURI = "requestURI"
   let kGoogleIDToken = "GOOGLE_ID_TOKEN"

FirebaseAuth/Tests/Unit/StartMFAEnrollmentRequestTests.swift

@@ -23,6 +23,13 @@ import XCTest
 @available(iOS 13, tvOS 13, macOS 10.15, macCatalyst 13, watchOS 7, *)
 class StartMFAEnrollmentRequestTests: RPCBaseTests {
   let kAPIKey = "APIKey"
+  let kIDToken = "idToken"
+  let kTOTPEnrollmentInfo = "totpEnrollmentInfo"
+  let kPhoneEnrollmentInfo = "enrollmentInfo"
+  let kPhoneNumber = "phoneNumber"
+  let kReCAPTCHAToken = "recaptchaToken"
+  let kCaptchaResponse = "captchaResponse"
+  let kRecaptchaVersion = "recaptchaVersion"
 
   /**
    @fn testTOTPStartMFAEnrollmentRequest
@@ -58,4 +65,55 @@ class StartMFAEnrollmentRequestTests: RPCBaseTests {
     XCTAssertEqual(totpInfo, [:])
     XCTAssertNil(requestDictionary[kPhoneEnrollmentInfo])
   }
+
+  /**
+   @fn testPhoneStartMFAEnrollmentRequest
+   @brief Tests the Start MFA Enrollment using SMS request.
+   */
+  func testPhoneStartMFAEnrollmentInjectRecaptchaFields() async throws {
+    // created a base startMFAEnrollment Request
+    let testPhoneNumber = "1234567890"
+    let testRecaptchaToken = "RECAPTCHA_FAKE_TOKEN"
+
+    let requestConfiguration = AuthRequestConfiguration(apiKey: kAPIKey, appID: "appID")
+    let smsEnrollmentInfo = AuthProtoStartMFAPhoneRequestInfo(
+      phoneNumber: testPhoneNumber,
+      codeIdentity: CodeIdentity.recaptcha(testRecaptchaToken)
+    )
+    let request = StartMFAEnrollmentRequest(idToken: kIDToken,
+                                            enrollmentInfo: smsEnrollmentInfo,
+                                            requestConfiguration: requestConfiguration)
+
+    // inject reCAPTCHA response
+    let testRecaptchaResponse = "RECAPTCHA_FAKE_RESPONSE"
+    let testRecaptchaVersion = "RECAPTCHA_FAKE_ENTERPRISE"
+    request.injectRecaptchaFields(
+      recaptchaResponse: testRecaptchaResponse,
+      recaptchaVersion: testRecaptchaVersion
+    )
+
+    let expectedURL =
+      "https://identitytoolkit.googleapis.com/v2/accounts/mfaEnrollment:start?key=\(kAPIKey)"
+
+    do {
+      try await checkRequest(
+        request: request,
+        expected: expectedURL,
+        key: kIDToken,
+        value: kIDToken
+      )
+    } catch {
+      // Ignore error from missing users array in fake JSON return.
+      return
+    }
+
+    let requestDictionary = try XCTUnwrap(rpcIssuer.decodedRequest as? [String: AnyHashable])
+    let smsInfo = try XCTUnwrap(requestDictionary["phoneEnrollmentInfo"] as? [String: String])
+    XCTAssertEqual(smsInfo[kPhoneNumber], testPhoneNumber)
+    XCTAssertEqual(smsInfo[kReCAPTCHAToken], testRecaptchaToken)
+    XCTAssertEqual(smsInfo[kRecaptchaVersion], kRecaptchaVersion)
+    XCTAssertEqual(smsInfo[kCaptchaResponse], testRecaptchaResponse)
+
+    XCTAssertNil(requestDictionary[kTOTPEnrollmentInfo])
+  }
 }

StartMFASignInRequestTests.swift

@@ -0,0 +1,89 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import Foundation
+import XCTest
+
+@testable import FirebaseAuth
+
+/** @class StartMFASignInRequestTests
+    @brief Tests for @c StartMFASignInRequest
+ */
+@available(iOS 13, tvOS 13, macOS 10.15, macCatalyst 13, watchOS 7, *)
+class StartMFASignInRequestTests: RPCBaseTests {
+  let kAPIKey = "APIKey"
+  let kMfaEnrollmentId = "mfaEnrollmentId"
+  let kTOTPEnrollmentInfo = "totpEnrollmentInfo"
+  let kPhoneEnrollmentInfo = "enrollmentInfo"
+  let kPhoneNumber = "phoneNumber"
+  let kReCAPTCHAToken = "recaptchaToken"
+  let kCaptchaResponse = "captchaResponse"
+  let kRecaptchaVersion = "recaptchaVersion"
+
+  /**
+   @fn testPhoneStartMFASignInRequest
+   @brief Tests the Start MFA Sign In using SMS request.
+   */
+  func testPhoneStartMFASignInRequest() async throws {
+    let testPendingCredential = "FAKE_PENDING_CREDENTIAL"
+    let testEnrollmentID = "FAKE_ENROLLMENT_ID"
+    let testPhoneNumber = "1234567890"
+    let testRecaptchaToken = "RECAPTCHA_FAKE_TOKEN"
+
+    let requestConfiguration = AuthRequestConfiguration(apiKey: kAPIKey, appID: "appID")
+    let smsSignInInfo = AuthProtoStartMFAPhoneRequestInfo(
+      phoneNumber: testPhoneNumber,
+      codeIdentity: CodeIdentity.recaptcha(testRecaptchaToken)
+    )
+
+    let request = StartMFASignInRequest(
+      MFAPendingCredential: testPendingCredential,
+      MFAEnrollmentID: testEnrollmentID,
+      signInInfo: smsSignInInfo,
+      requestConfiguration: requestConfiguration
+    )
+
+    let expectedURL =
+      "https://identitytoolkit.googleapis.com/v2/accounts/mfaSignIn:start?key=\(kAPIKey)"
+
+    // inject reCAPTCHA response
+    let testRecaptchaResponse = "RECAPTCHA_FAKE_RESPONSE"
+    let testRecaptchaVersion = "RECAPTCHA_FAKE_ENTERPRISE"
+    request.injectRecaptchaFields(
+      recaptchaResponse: testRecaptchaResponse,
+      recaptchaVersion: testRecaptchaVersion
+    )
+
+    do {
+      try await checkRequest(
+        request: request,
+        expected: expectedURL,
+        key: kMfaEnrollmentId,
+        value: testEnrollmentID
+      )
+    } catch {
+      // Ignore error from missing users array in fake JSON return.
+      return
+    }
+
+    let requestDictionary = try XCTUnwrap(rpcIssuer.decodedRequest as? [String: AnyHashable])
+    let smsInfo = try XCTUnwrap(requestDictionary["phoneEnrollmentInfo"] as? [String: String])
+    XCTAssertEqual(smsInfo[kPhoneNumber], testPhoneNumber)
+    XCTAssertEqual(smsInfo[kReCAPTCHAToken], testRecaptchaToken)
+    XCTAssertEqual(smsInfo[kRecaptchaVersion], kRecaptchaVersion)
+    XCTAssertEqual(smsInfo[kCaptchaResponse], testRecaptchaResponse)
+
+    XCTAssertNil(requestDictionary[kTOTPEnrollmentInfo])
+  }
+}