feat(api/v2): implement U2F session check (#6339)

2025-08-12 00:47:33 +00:00 · 2023-08-11 18:36:18 +03:00
parent 4e0c3115fe
commit 86af67d1be
47 changed files with 1035 additions and 665 deletions
--- a/internal/api/grpc/session/v2/session_test.go
+++ b/internal/api/grpc/session/v2/session_test.go
@@ -70,7 +70,7 @@ func Test_sessionsToPb(t *testing.T) {
 			},
 			Metadata: map[string][]byte{"hello": []byte("world")},
 		},
-		{ // passkey factor
+		{ // webAuthN factor
 			ID:            "999",
 			CreationDate:  now,
 			ChangeDate:    now,
@@ -85,8 +85,9 @@ func Test_sessionsToPb(t *testing.T) {
 				DisplayName:   "donald duck",
 				ResourceOwner: "org1",
 			},
-			PasskeyFactor: query.SessionPasskeyFactor{
-				PasskeyCheckedAt: past,
+			WebAuthNFactor: query.SessionWebAuthNFactor{
+				WebAuthNCheckedAt: past,
+				UserVerified:      true,
 			},
 			Metadata: map[string][]byte{"hello": []byte("world")},
 		},
@@ -136,7 +137,7 @@ func Test_sessionsToPb(t *testing.T) {
 			},
 			Metadata: map[string][]byte{"hello": []byte("world")},
 		},
-		{ // passkey factor
+		{ // webAuthN factor
 			Id:           "999",
 			CreationDate: timestamppb.New(now),
 			ChangeDate:   timestamppb.New(now),
@@ -149,8 +150,9 @@ func Test_sessionsToPb(t *testing.T) {
 					DisplayName:    "donald duck",
 					OrganisationId: "org1",
 				},
-				Passkey: &session.PasskeyFactor{
-					VerifiedAt: timestamppb.New(past),
+				WebAuthN: &session.WebAuthNFactor{
+					VerifiedAt:   timestamppb.New(past),
+					UserVerified: true,
 				},
 			},
 			Metadata: map[string][]byte{"hello": []byte("world")},
@@ -432,3 +434,40 @@ func Test_userCheck(t *testing.T) {
 		})
 	}
 }
+
+func Test_userVerificationRequirementToDomain(t *testing.T) {
+	type args struct {
+		req session.UserVerificationRequirement
+	}
+	tests := []struct {
+		args args
+		want domain.UserVerificationRequirement
+	}{
+		{
+			args: args{session.UserVerificationRequirement_USER_VERIFICATION_REQUIREMENT_UNSPECIFIED},
+			want: domain.UserVerificationRequirementUnspecified,
+		},
+		{
+			args: args{session.UserVerificationRequirement_USER_VERIFICATION_REQUIREMENT_REQUIRED},
+			want: domain.UserVerificationRequirementRequired,
+		},
+		{
+			args: args{session.UserVerificationRequirement_USER_VERIFICATION_REQUIREMENT_PREFERRED},
+			want: domain.UserVerificationRequirementPreferred,
+		},
+		{
+			args: args{session.UserVerificationRequirement_USER_VERIFICATION_REQUIREMENT_DISCOURAGED},
+			want: domain.UserVerificationRequirementDiscouraged,
+		},
+		{
+			args: args{999},
+			want: domain.UserVerificationRequirementUnspecified,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.args.req.String(), func(t *testing.T) {
+			got := userVerificationRequirementToDomain(tt.args.req)
+			assert.Equal(t, tt.want, got)
+		})
+	}
+}