Add integration tests for validator constraints

Author: scheb

app/composer.json

@@ -14,6 +14,7 @@
         "symfony/console": "^7.4 || ^8.0",
         "symfony/doctrine-bridge": "^7.4 || ^8.0",
         "symfony/dotenv": "^7.4 || ^8.0",
+        "symfony/form": "^7.4 || ^8.0",
         "symfony/framework-bundle": "^7.4 || ^8.0",
         "symfony/http-kernel": "^7.4 || ^8.0",
         "symfony/mailer": "^7.4 || ^8.0",
@@ -23,6 +24,7 @@
         "symfony/security-bundle": "^7.4 || ^8.0",
         "symfony/translation": "^7.4 || ^8.0",
         "symfony/twig-bundle": "^7.4 || ^8.0",
+        "symfony/validator": "^7.4 || ^8.0",
         "symfony/web-profiler-bundle": "^7.4 || ^8.0",
         "symfony/yaml": "^7.4 || ^8.0"
     },

app/config/reference.php

@@ -146,7 +146,7 @@
  *         cookie_name?: scalar|null, // The name of the cookie to use when using stateless protection. // Default: "csrf-token"
  *     },
  *     form?: bool|array{ // Form configuration
- *         enabled?: bool, // Default: false
+ *         enabled?: bool, // Default: true
  *         csrf_protection?: array{
  *             enabled?: scalar|null, // Default: null
  *             token_id?: scalar|null, // Default: null
@@ -325,7 +325,7 @@
  *         }>,
  *     },
  *     validation?: bool|array{ // Validation configuration
- *         enabled?: bool, // Default: false
+ *         enabled?: bool, // Default: true
  *         enable_attributes?: bool, // Default: true
  *         static_method?: list<scalar|null>,
  *         translation_domain?: scalar|null, // Default: "validators"

app/src/Controller/MembersController.php

@@ -4,9 +4,11 @@
 
 namespace App\Controller;
 
+use App\Form\TwoFactorFormData;
 use Scheb\TwoFactorBundle\Model\Google\TwoFactorInterface as GoogleAuthenticatorTwoFactorInterface;
 use Scheb\TwoFactorBundle\Model\Totp\TwoFactorInterface as TotpTwoFactorInterface;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Attribute\Route;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
@@ -23,4 +25,25 @@ public function membersArea(TokenStorageInterface $tokenStorage): Response
             'displayQrCodeTotp' => $user instanceof TotpTwoFactorInterface && $user->isTotpAuthenticationEnabled(),
         ]);
     }
+
+    #[Route('/members/validators', name: 'validators_form')]
+    public function validators(Request $request): Response
+    {
+        $formData = new TwoFactorFormData();
+        $form = $this->createFormBuilder($formData)
+            ->add('googleTotpCode')
+            ->add('totpCode')
+            ->getForm();
+
+        $isValid = null;
+        $form->handleRequest($request);
+        if ($form->isSubmitted()) {
+            $isValid = $form->isValid();
+        }
+
+        return $this->render('members/validators.html.twig', [
+            'form' => $form,
+            'isValid' => $isValid,
+        ]);
+    }
 }

app/src/Form/TwoFactorFormData.php

@@ -0,0 +1,17 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Form;
+
+use Scheb\TwoFactorBundle\Security\TwoFactor\Validator\Constraints\UserGoogleTotpCode;
+use Scheb\TwoFactorBundle\Security\TwoFactor\Validator\Constraints\UserTotpCode;
+
+class TwoFactorFormData
+{
+    #[UserGoogleTotpCode]
+    public string $googleTotpCode;
+
+    #[UserTotpCode]
+    public string $totpCode;
+}

app/templates/members/validators.html.twig

@@ -0,0 +1,12 @@
+{% extends "base.html.twig" %}
+
+{% block body %}
+    <h2>Form Validators</h2>
+    {% if isValid %}
+        <p class="notice">All codes valid!</p>
+    {% endif %}
+    {{ form_start(form) }}
+        {{ form_widget(form) }}
+        <p><button type="submit" name="submit-button">Check Codes</button></p>
+    {{ form_end(form) }}
+{% endblock %}

app/tests/TestCase.php

@@ -32,7 +32,7 @@ abstract class TestCase extends WebTestCase
     private const TRUSTED_DEVICE_COOKIE_NAME = 'trusted_device';
     private const REMEMBER_ME_COOKIE_NAME = 'REMEMBERME';
 
-    private KernelBrowser $client;
+    protected KernelBrowser $client;
 
     // //////////////////// CONFIGURATION
 
@@ -224,6 +224,11 @@ protected function navigateTo2faForm(): Crawler
         return $this->client->request('GET', '/2fa');
     }
 
+    protected function navigateToValidatorsForm(): Crawler
+    {
+        return $this->client->request('GET', '/members/validators');
+    }
+
     // //////////////////// ASSERTS
 
     protected function assertLoggerHasInfo(string $message): void
@@ -337,7 +342,7 @@ protected function assertHasTrustedDeviceCookieSet(): void
         $this->assertNotNull($this->client->getCookieJar()->get(self::TRUSTED_DEVICE_COOKIE_NAME), 'Trusted device cookie must be set');
     }
 
-    private function assertResponseStatusCode(int $code): void
+    protected function assertResponseStatusCode(int $code): void
     {
         $this->assertEquals(
             $code,

app/tests/ValidatorConstraintsTest.php

@@ -0,0 +1,62 @@
+<?php
+
+declare(strict_types=1);
+
+use App\Tests\TestCase;
+use Symfony\Component\DomCrawler\Crawler;
+
+class ValidatorConstraintsTest extends TestCase
+{
+    public function testValidatorConstraintsWithWrongCodes(): void
+    {
+        // Login
+        $this->setAll2faProvidersEnabled(false);
+        $this->performLogin();
+
+        $submittedPage = $this->submitValidatorForm('wrongCode', 'wrongCode');
+
+        $this->assertValidatedWrongCodes($submittedPage);
+    }
+
+    public function testValidatorConstraintsWithCorrectCodes(): void
+    {
+        // Login
+        $this->setAll2faProvidersEnabled(false);
+        $this->performLogin();
+
+        $submittedPage = $this->submitValidatorForm($this->getGoogleAuthenticatorCode(), $this->getTotpCode());
+
+        $this->assertValidatedCorrectCodes($submittedPage);
+    }
+
+    private function submitValidatorForm(string $googleTotpCode, string $totpCode): Crawler
+    {
+        $formPage = $this->navigateToValidatorsForm();
+
+        $form = $formPage->selectButton('submit-button')->form();
+        $form['form[googleTotpCode]'] = $googleTotpCode;
+        $form['form[totpCode]'] = $totpCode;
+
+        return $this->client->submit($form);
+    }
+
+    private function assertValidatedWrongCodes(Crawler $submitPage): void
+    {
+        $this->assertResponseStatusCode(422);  // Unprocessable Entity
+        $this->assertStringContainsString(
+            'The verification code is not valid',
+            $submitPage->html(),
+            'The page must show an error message'
+        );
+    }
+
+    private function assertValidatedCorrectCodes(Crawler $submitPage): void
+    {
+        $this->assertResponseStatusCode(200);  // Unprocessable Entity
+        $this->assertStringContainsString(
+            'All codes valid!',
+            $submitPage->html(),
+            'The page must show the success message'
+        );
+    }
+}