kyush/misskey
1
0
Fork 0
forked from mirrors/misskey
Code Pull requests Projects Releases Packages 1 Activity Actions

attempt to fix test

Browse source
This commit is contained in:
kakkokari-gtyih 2026-06-22 17:38:02 +09:00
commit ebe92c9dd9
3 changed files with 116 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

38
packages/backend/test-server/entry.ts
View file

@ -1,6 +1,7 @@
import { portToPid } from 'pid-port';
import fkill from 'fkill';
import Fastify from 'fastify';
import * as lolex from '@sinonjs/fake-timers';
import { NestFactory } from '@nestjs/core';
import { MainModule } from '@/MainModule.js';
import { ServerService } from '@/server/ServerService.js';
@ -10,11 +11,22 @@ import { INestApplicationContext } from '@nestjs/common';
const config = loadConfig();
const originEnv = JSON.stringify(process.env);
const originalDateNow = Date.now.bind(Date);
process.env.NODE_ENV = 'test';
let app: INestApplicationContext;
let serverService: ServerService;
let baseNowMs = originalDateNow();
const clock = lolex.install({
toFake: Object.keys(lolex.timers).filter((key) => !['nextTick', 'queueMicrotask'].includes(key)) as lolex.FakeMethod[],
now: baseNowMs,
});
function resetFakeTime() {
baseNowMs = originalDateNow();
clock.setSystemTime(baseNowMs);
}
/**
*
@ -84,6 +96,7 @@ async function startControllerEndpoints(port = config.port + 1000) {
fastify.post<{ Body: { key?: string, value?: string } }>('/env-reset', async (req, res) => {
process.env = JSON.parse(originEnv);
resetFakeTime();
await serverService.dispose();
await app.close();
@ -101,5 +114,30 @@ async function startControllerEndpoints(port = config.port + 1000) {
res.code(200).send({ success: true });
});
fastify.post<{ Body: { ms?: number } }>('/time/advance', async (req, res) => {
if (typeof req.body.ms !== 'number' || !Number.isFinite(req.body.ms)) {
res.code(400).send({ success: false });
return;
}
clock.setSystemTime(Date.now() + req.body.ms);
res.code(200).send({
success: true,
now: Date.now(),
offsetMs: Date.now() - baseNowMs,
});
});
fastify.post('/time/reset', async (_req, res) => {
resetFakeTime();
res.code(200).send({
success: true,
now: Date.now(),
offsetMs: Date.now() - baseNowMs,
});
});
await fastify.listen({ port: port, host: 'localhost' });
}

65
packages/backend/test/e2e/2fa.ts
View file

@ -10,7 +10,7 @@ import * as crypto from 'node:crypto';
import cbor from 'cbor';
import * as OTPAuth from 'otpauth';
import { loadConfig } from '@/config.js';
import { api, signup } from '../utils.js';
import { api, sendTimeAdvanceRequest, sendTimeResetRequest, signup } from '../utils.js';
import type {
AuthenticationResponseJSON,
AuthenticatorAssertionResponseJSON,
@ -20,7 +20,7 @@ import type {
RegistrationResponseJSON,
} from '@simplewebauthn/server';
import type * as misskey from 'misskey-js';
import { describe, beforeAll, test } from 'vitest';
import { describe, beforeAll, beforeEach, test } from 'vitest';
describe('2要素認証', () => {
let alice: misskey.entities.SignupResponse;
@ -45,13 +45,19 @@ describe('2要素認証', () => {
'M0c+PVy4WGvCyMQ6SUWklvzo2+2osjqwsQ==\n' +
'-----END EC PRIVATE KEY-----\n';
const otpToken = (secret: string): string => {
const otpToken = (secret: string, timestamp?: number): string => {
return OTPAuth.TOTP.generate({
secret: OTPAuth.Secret.fromBase32(secret),
digits: 6,
timestamp,
});
};
const nextOtpToken = async (secret: string): Promise<string> => {
const timestamp = await sendTimeAdvanceRequest({ ms: 30 * 1000 });
return otpToken(secret, timestamp);
};
const rpIdHash = (): Buffer => {
return crypto.createHash('sha256')
.update(Buffer.from(config.host, 'utf-8'))
@ -181,6 +187,11 @@ describe('2要素認証', () => {
alice = await signup({ username, password });
}, 1000 * 60 * 2);
beforeEach(async () => {
await sendTimeResetRequest();
});
test('が設定でき、OTPでログインできる。', async () => {
const registerResponse = await api('i/2fa/register', {
password,
@ -193,7 +204,7 @@ describe('2要素認証', () => {
assert.strictEqual(registerResponse.body.issuer, config.host);
const doneResponse = await api('i/2fa/done', {
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
}, alice);
assert.strictEqual(doneResponse.status, 200);
@ -208,7 +219,7 @@ describe('2要素認証', () => {
const signinResponse = await api('signin-flow', {
...signinParam(),
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
});
assert.strictEqual(signinResponse.status, 200);
assert.strictEqual(signinResponse.body.finished, true);
@ -217,7 +228,7 @@ describe('2要素認証', () => {
// 後片付け
await api('i/2fa/unregister', {
password,
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
}, alice);
});
@ -228,13 +239,13 @@ describe('2要素認証', () => {
assert.strictEqual(registerResponse.status, 200);
const doneResponse = await api('i/2fa/done', {
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
}, alice);
assert.strictEqual(doneResponse.status, 200);
const registerKeyResponse = await api('i/2fa/register-key', {
password,
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
}, alice);
assert.strictEqual(registerKeyResponse.status, 200);
assert.notEqual(registerKeyResponse.body.rp, undefined);
@ -243,7 +254,7 @@ describe('2要素認証', () => {
const keyName = 'example-key';
const credentialId = crypto.randomBytes(0x41);
const keyDoneResponse = await api('i/2fa/key-done', keyDoneParam({
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
keyName,
credentialId,
creationOptions: registerKeyResponse.body,
@ -274,7 +285,7 @@ describe('2要素認証', () => {
// 後片付け
await api('i/2fa/unregister', {
password,
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
}, alice);
});
@ -285,12 +296,12 @@ describe('2要素認証', () => {
assert.strictEqual(registerResponse.status, 200);
const doneResponse = await api('i/2fa/done', {
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
}, alice);
assert.strictEqual(doneResponse.status, 200);
const registerKeyResponse = await api('i/2fa/register-key', {
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
password,
}, alice);
assert.strictEqual(registerKeyResponse.status, 200);
@ -298,7 +309,7 @@ describe('2要素認証', () => {
const keyName = 'example-key';
const credentialId = crypto.randomBytes(0x41);
const keyDoneResponse = await api('i/2fa/key-done', keyDoneParam({
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
keyName,
credentialId,
creationOptions: registerKeyResponse.body,
@ -339,7 +350,7 @@ describe('2要素認証', () => {
// 後片付け
await api('i/2fa/unregister', {
password,
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
}, alice);
});
@ -350,12 +361,12 @@ describe('2要素認証', () => {
assert.strictEqual(registerResponse.status, 200);
const doneResponse = await api('i/2fa/done', {
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
}, alice);
assert.strictEqual(doneResponse.status, 200);
const registerKeyResponse = await api('i/2fa/register-key', {
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
password,
}, alice);
assert.strictEqual(registerKeyResponse.status, 200);
@ -363,7 +374,7 @@ describe('2要素認証', () => {
const keyName = 'example-key';
const credentialId = crypto.randomBytes(0x41);
const keyDoneResponse = await api('i/2fa/key-done', keyDoneParam({
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
keyName,
credentialId,
creationOptions: registerKeyResponse.body,
@ -389,7 +400,7 @@ describe('2要素認証', () => {
// 後片付け
await api('i/2fa/unregister', {
password,
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
}, alice);
});
@ -400,12 +411,12 @@ describe('2要素認証', () => {
assert.strictEqual(registerResponse.status, 200);
const doneResponse = await api('i/2fa/done', {
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
}, alice);
assert.strictEqual(doneResponse.status, 200);
const registerKeyResponse = await api('i/2fa/register-key', {
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
password,
}, alice);
assert.strictEqual(registerKeyResponse.status, 200);
@ -413,7 +424,7 @@ describe('2要素認証', () => {
const keyName = 'example-key';
const credentialId = crypto.randomBytes(0x41);
const keyDoneResponse = await api('i/2fa/key-done', keyDoneParam({
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
keyName,
credentialId,
creationOptions: registerKeyResponse.body,
@ -427,7 +438,7 @@ describe('2要素認証', () => {
assert.ok(beforeIResponse.body.securityKeysList);
for (const key of beforeIResponse.body.securityKeysList) {
const removeKeyResponse = await api('i/2fa/remove-key', {
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
password,
credentialId: key.id,
}, alice);
@ -440,7 +451,7 @@ describe('2要素認証', () => {
const signinResponse = await api('signin-flow', {
...signinParam(),
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
});
assert.strictEqual(signinResponse.status, 200);
assert.strictEqual(signinResponse.body.finished, true);
@ -449,7 +460,7 @@ describe('2要素認証', () => {
// 後片付け
await api('i/2fa/unregister', {
password,
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
}, alice);
});
@ -460,7 +471,7 @@ describe('2要素認証', () => {
assert.strictEqual(registerResponse.status, 200);
const doneResponse = await api('i/2fa/done', {
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
}, alice);
assert.strictEqual(doneResponse.status, 200);
@ -469,7 +480,7 @@ describe('2要素認証', () => {
assert.strictEqual(iResponse.body.twoFactorEnabled, true);
const unregisterResponse = await api('i/2fa/unregister', {
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
password,
}, alice);
assert.strictEqual(unregisterResponse.status, 204);
@ -484,7 +495,7 @@ describe('2要素認証', () => {
// 後片付け
await api('i/2fa/unregister', {
password,
token: otpToken(registerResponse.body.secret),
token: await nextOtpToken(registerResponse.body.secret),
}, alice);
});
});

40
packages/backend/test/utils.ts
View file

@ -644,6 +644,46 @@ export async function sendEnvResetRequest() {
}
}
export async function sendTimeAdvanceRequest(params: { ms: number }): Promise<number> {
const res = await fetch(
`http://localhost:${port + 1000}/time/advance`,
{
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify(params),
},
);
if (res.status !== 200) {
throw new Error('server time advance failed.');
}
const body = await res.json() as { now: number };
return body.now;
}
export async function sendTimeResetRequest(): Promise<number> {
const res = await fetch(
`http://localhost:${port + 1000}/time/reset`,
{
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({}),
},
);
if (res.status !== 200) {
throw new Error('server time reset failed.');
}
const body = await res.json() as { now: number };
return body.now;
}
// 与えられた値を強制的にエラーとみなす。この関数は型安全性を破壊するため、異常系のアサーション以外で用いられるべきではない。
// FIXME(misskey-js): misskey-jsがエラー情報を公開するようになったらこの関数を廃止する
export function castAsError(obj: Record<string, unknown>): { error: ApiError } {