Merge pull request #91 from magento-cia/2.4.6-develop-2.4-develop-sync-101022

Sync of 2.4.6-develop with 2.4-develop

Author: dvoskoboinikov

ReCaptchaUser/Test/Mftf/ActionGroup/RecaptchaDisabledActionGroup.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+
+<actionGroups xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+              xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/actionGroupSchema.xsd">
+    <actionGroup name="RecaptchaDisabledActionGroup">
+        <annotations>
+            <description>Disable admin login recaptcha</description>
+        </annotations>
+
+        <amOnPage url="{{AdminStoreConfigurationPage.url}}" stepKey="navigateToAdminStoresConfiguration"/>
+        <conditionalClick selector="{{RecaptchaFormSection.adminblock}}" dependentSelector="{{RecaptchaFormSection.label}}" visible="false" stepKey="expand_panel"/>
+        <scrollTo selector="{{RecaptchaFormSection.label}}" stepKey="scroll_to_dropdown" />
+        <wait time="2" stepKey="wait_for_Load"/>
+        <checkOption selector="{{RecaptchaFormSection.useConfigSettings}}" stepKey="check_config_setting"/>
+        <wait time="2" stepKey="wait_for_load1"/>
+        <click selector="{{RecaptchaFormSection.saveConfig}}" stepKey="click_save"/>
+
+    </actionGroup>
+</actionGroups>

ReCaptchaUser/Test/Mftf/ActionGroup/RecaptchaEnabledActionGroup.xml

@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+
+<actionGroups xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+              xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/actionGroupSchema.xsd">
+    <actionGroup name="RecaptchaEnabledActionGroup">
+        <annotations>
+            <description>Enable admin login recaptcha</description>
+        </annotations>
+        <arguments>
+            <argument name="optionValue" type="string" defaultValue="{{recaptchaForm.value}}"/>
+        </arguments>
+
+        <amOnPage url="{{AdminStoreConfigurationPage.url}}" stepKey="navigateToAdminStoreConfiguration"/>
+        <conditionalClick selector="{{RecaptchaFormSection.adminblock}}" dependentSelector="{{RecaptchaFormSection.label}}" visible="false" stepKey="expand_panel"/>
+        <scrollTo selector="{{RecaptchaFormSection.label}}" stepKey="scrollToDropdownSelection" />
+        <wait time="2" stepKey="waitForLoad"/>
+        <uncheckOption selector="{{RecaptchaFormSection.useConfigSettings}}" stepKey="uncheckConfigSetting"/>
+        <wait time="2" stepKey="waitForLoad_1"/>
+        <selectOption selector="{{RecaptchaFormSection.optionvalue}}" userInput="{{optionValue}}" stepKey="setAttributeValue"/>
+        <click selector="{{RecaptchaFormSection.saveConfig}}" stepKey="clickSave"/>
+
+    </actionGroup>
+</actionGroups>

ReCaptchaUser/Test/Mftf/Data/RecaptchaConfigPageData.xml

@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+
+<entities xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+          xsi:noNamespaceSchemaLocation="urn:magento:mftf:DataGenerator/etc/dataProfileSchema.xsd">
+    <entity name="recaptchaForm">
+        <data key="value">recaptcha_v3</data>
+    </entity>
+    <entity name="recaptchaFormDisabled">
+        <data key="value"></data>
+    </entity>
+</entities>

ReCaptchaUser/Test/Mftf/Page/AdminStoreConfigurationPage.xml

@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+
+<pages xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:noNamespaceSchemaLocation="urn:magento:mftf:Page/etc/PageObject.xsd">
+    <page name="AdminStoreConfigurationPage" url="admin/system_config/edit/section/recaptcha_backend" area="admin" module="Magento_Backend">
+        <section name="RecaptchaFormSection"/>
+    </page>
+</pages>

ReCaptchaUser/Test/Mftf/Section/RecaptchaFormSection.xml

@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+
+<sections xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:noNamespaceSchemaLocation="urn:magento:mftf:Page/etc/SectionObject.xsd">
+    <section name="RecaptchaFormSection">
+        <element name="optionvalue" type="select" selector="#recaptcha_backend_type_for_user_login"/>
+        <element name="saveConfig" type="button" selector="#save" timeout="30"/>
+        <element name="label" type="input" selector="#row_recaptcha_backend_type_for_user_login"/>
+        <element name="useConfigSettings" type="checkbox" selector="//input[@name='groups[type_for][fields][user_login][inherit]']"/>
+        <element name="adminblock" type="button" selector='a#recaptcha_backend_type_for-head'/>
+    </section>
+</sections>

ReCaptchaUser/Test/Mftf/Test/AdminLoginReCaptchaFunctionalityTest.xml

@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+
+<tests xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/testSchema.xsd">
+    <test name="AdminLoginReCaptchaFunctionalityTest">
+        <annotations>
+            <features value="Backend"/>
+            <stories value="Check for Recaptcha on the Admin Login page"/>
+            <title value="Admin should be able to login with enabled recaptcha option"/>
+            <description value="Admin should be able to login with enabled recaptcha option"/>
+            <severity value="AVERAGE"/>
+            <group value="login"/>
+            <testCaseId value="AC-3179"/>
+        </annotations>
+        <before>
+            <actionGroup ref="AdminLoginActionGroup" stepKey="login"/>
+            <actionGroup ref="RecaptchaEnabledActionGroup" stepKey="recaptchaEnabled"/>
+            <actionGroup ref="AdminLogoutActionGroup" stepKey="logout"/>
+            <actionGroup ref="AdminLoginActionGroup" stepKey="loginAgain11"/>
+            <actionGroup ref="RecaptchaDisabledActionGroup" stepKey="recaptchaDisabled"/>
+        </before>
+        <after>
+            <actionGroup ref="AdminLogoutActionGroup" stepKey="logout"/>
+        </after>
+    </test>
+</tests>

ReCaptchaUser/view/adminhtml/templates/recaptcha.phtml

@@ -13,7 +13,6 @@ $isInvisible = !empty($config['invisible']);
          class="admin-recaptcha-content<?=
          /* @noEscape */ !empty($renderingOptions['size']) ? ' size-' . $renderingOptions['size'] : '' ?>"></div>
 </div>
-
 <script>
     require([
         'jquery'
@@ -27,36 +26,57 @@ $isInvisible = !empty($config['invisible']);
         element.src = 'https://www.google.com/recaptcha/api.js'
             + '?onload=globalOnRecaptchaOnLoadCallback&render=explicit';
 
-        window.globalOnRecaptchaOnLoadCallback = function () {
-            let token = '';
+        let isRecaptchaLoaded = false;
+        let token = '';
+        let maxRetryAttempts = 5;
+        let attempts = 0;
+        let widgetId = 0;
+        <?php if ($isInvisible): ?>
+        $('#login-form').submit(function (event) {
+            if (!token) {
+                event.preventDefault(event);
+                event.stopImmediatePropagation();
+                event.stopPropagation();
 
-            this.widgetId = grecaptcha.render('admin-recaptcha', {
-                <?php foreach ($renderingOptions as $key => $value): ?>
-                '<?= $block->escapeJs($key) ?>': '<?= $block->escapeJs($value) ?>',
-                <?php endforeach; ?>
-                'callback': function (token) { // jscs:ignore jsDoc
-                    <?php if ($isInvisible): ?>
-                    this.token = token;
-                    $('#login-form').submit();
-                    <?php endif; ?>
-                }.bind(this)
-            });
+                let attemptRecaptcha = () => {
+                    attempts++;
+                    if (attempts > maxRetryAttempts){
+                        console.error("Could not fetch invisible ReCaptcha token. Please refresh the page.");
+                        return;
+                    }
+                    if (!isRecaptchaLoaded) {
 
-            <?php if ($isInvisible): ?>
-            $('#login-form').submit(function (event) {
-                if (!this.token) {
-                    grecaptcha.execute(this.widgetId).then(
-                        function() {
+                        setTimeout(() => {
+                            attemptRecaptcha()
+                        }, 1000);
+                        return;
+                    }
+                    grecaptcha.execute(widgetId)
+                        .then( () => {
                             event.preventDefault(event);
                             event.stopImmediatePropagation();
-                        }, function(reason) {
-                        });
+                            event.stopPropagation();
+                        }, (reason) => { })
+                        .catch(err => { console.error(err); });
                 }
-            }.bind(this));
-            <?php endif; ?>
-
-        }.bind(this);
+                attemptRecaptcha();
+            }
+        });
+        <?php endif; ?>
+        window.globalOnRecaptchaOnLoadCallback = function () {
 
+            widgetId = grecaptcha.render('admin-recaptcha', {
+                <?php foreach ($renderingOptions as $key => $value): ?>
+                    '<?= $block->escapeJs($key) ?>': '<?= $block->escapeJs($value) ?>',
+                <?php endforeach; ?> 'callback': function (_token) {
+                    <?php if ($isInvisible): ?>
+                    token = _token;
+                    $('#login-form').unbind('submit');
+                    $('#login-form').submit();
+                    <?php endif; ?> }
+            });
+            isRecaptchaLoaded = true;
+        }
         scriptTag.parentNode.insertBefore(element, scriptTag);
     });
 </script>

TwoFactorAuth/Test/Integration/UserConfigRequestManagerTest.php

@@ -9,14 +9,17 @@
 namespace Magento\TwoFactorAuth\Test\Integration;
 
 use Magento\Framework\Acl\Builder;
-use Magento\TestFramework\Helper\Bootstrap;
+use Magento\Framework\Exception\AuthorizationException;
+use Magento\TestFramework\Bootstrap;
+use Magento\TestFramework\Helper\Bootstrap as BootstrapHelper;
 use Magento\TestFramework\Mail\Template\TransportBuilderMock;
 use Magento\User\Model\User;
 use Magento\TwoFactorAuth\Api\TfaInterface;
 use Magento\TwoFactorAuth\Api\UserConfigRequestManagerInterface;
 use Magento\TwoFactorAuth\Api\UserConfigTokenManagerInterface;
 use Magento\TwoFactorAuth\Model\Provider\Engine\Google;
 use PHPUnit\Framework\TestCase;
+use Throwable;
 
 /**
  * @magentoDbIsolation enabled
@@ -58,15 +61,15 @@ class UserConfigRequestManagerTest extends TestCase
     protected function setUp(): void
     {
         /** @var User $user */
-        $user = Bootstrap::getObjectManager()->create(User::class);
-        $user->loadByUsername(\Magento\TestFramework\Bootstrap::ADMIN_NAME);
+        $user = BootstrapHelper::getObjectManager()->create(User::class);
+        $user->loadByUsername(Bootstrap::ADMIN_NAME);
         $this->user = $user;
-        $this->tfa = Bootstrap::getObjectManager()->get(TfaInterface::class);
-        $this->transportBuilderMock = Bootstrap::getObjectManager()->get(TransportBuilderMock::class);
-        $this->tokenManager = Bootstrap::getObjectManager()->get(UserConfigTokenManagerInterface::class);
-        $this->aclBuilder = Bootstrap::getObjectManager()->get(Builder::class);
+        $this->tfa = BootstrapHelper::getObjectManager()->get(TfaInterface::class);
+        $this->transportBuilderMock = BootstrapHelper::getObjectManager()->get(TransportBuilderMock::class);
+        $this->tokenManager = BootstrapHelper::getObjectManager()->get(UserConfigTokenManagerInterface::class);
+        $this->aclBuilder = BootstrapHelper::getObjectManager()->get(Builder::class);
 
-        $this->manager = Bootstrap::getObjectManager()->get(UserConfigRequestManagerInterface::class);
+        $this->manager = BootstrapHelper::getObjectManager()->get(UserConfigRequestManagerInterface::class);
     }
 
     /**
@@ -104,25 +107,28 @@ public function testIsRequiredWithConfig(): void
     }
 
     /**
-     * Check that app config request E-mail is NOT sent for a user that does not posses proper rights.
+     * Check that app config request E-mail is NOT sent for a user that does not possess proper rights.
      *
      * @return void
-     * @throws \Throwable
+     * @throws Throwable
      * @magentoAppArea adminhtml
      * @magentoAppIsolation enabled
      */
     public function testFailAppConfigRequest(): void
     {
-        $this->expectException(\Magento\Framework\Exception\AuthorizationException::class);
-        $this->aclBuilder->getAcl()->deny(null, 'Magento_TwoFactorAuth::config');
+        $this->expectException(AuthorizationException::class);
+        $this->aclBuilder->getAcl()->deny(
+            Bootstrap::ADMIN_ROLE_ID,
+            'Magento_TwoFactorAuth::config'
+        );
         $this->manager->sendConfigRequestTo($this->user);
     }
 
     /**
      * Check that app config request E-mail is sent for a user that posseses proper rights.
      *
      * @return void
-     * @throws \Throwable
+     * @throws Throwable
      * @magentoAppArea adminhtml
      */
     public function testSendAppConfigRequest(): void
@@ -151,7 +157,7 @@ public function testSendAppConfigRequest(): void
      * Check that personal 2FA config request E-mail is sent for users.
      *
      * @return void
-     * @throws \Throwable
+     * @throws Throwable
      * @magentoAppArea adminhtml
      * @magentoConfigFixture default/twofactorauth/general/force_providers google
      */