Changes based on feedback - 2

okta · Feb 15, 2018 · 23fcc94 · 23fcc94
1 parent 1a0724f
commit 23fcc94
Show file tree

Hide file tree

Showing 3 changed files with 310 additions and 9 deletions.
diff --git a/lib/tx.js b/lib/tx.js
@@ -1,4 +1,4 @@
-/* eslint-disable complexity */
+/* eslint-disable complexity, max-statements */
 var http              = require('./http');
 var util              = require('./util');
 var Q                 = require('q');
@@ -8,7 +8,7 @@ var config            = require('./config');
 
 function addStateToken(res, options) {
   var builtArgs = {};
-  util.extend(builtArgs, options || {});
+  util.extend(builtArgs, options);
 
   // Add the stateToken if one isn't passed and we have one
   if (!builtArgs.stateToken && res.stateToken) {
@@ -78,8 +78,16 @@ function getPollFn(sdk, res, ref) {
     var pollLink = util.getLink(res, 'next', 'poll');
     function pollFn() {
       var opts = {};
-      if (autoPush !== undefined && autoPush !== null) {
-        opts.autoPush = (typeof autoPush === 'function') ? autoPush() : !!autoPush;
+      if (typeof autoPush === 'function') {
+        try {
+          opts.autoPush = !!autoPush();
+        }
+        catch (e) {
+          return Q.reject(new AuthSdkError('AutoPush resulted in an error.'));
+        }
+      }
+      else if (autoPush !== undefined && autoPush !== null) {
+        opts.autoPush = !!autoPush;
       }
       if (rememberDevice) {
         opts.rememberDevice = true;
@@ -94,12 +102,10 @@ function getPollFn(sdk, res, ref) {
 
     var retryCount = 0;
     var recursivePoll = function () {
-
       // If the poll was manually stopped during the delay
       if (!ref.isPolling) {
         return Q.reject(new AuthPollStopError());
       }
-
       return pollFn()
         .then(function (pollRes) {
           // Reset our retry counter on success
@@ -188,9 +194,18 @@ function link2fn(sdk, res, obj, link, ref) {
           }
 
           var params = {};
-          if (data.autoPush !== undefined) {
-            if (data.autoPush !== null) {
-              params.autoPush = (typeof data.autoPush === 'function') ? data.autoPush() : !!data.autoPush;
+          var autoPush = data.autoPush;
+          if (autoPush !== undefined) {
+            if (typeof autoPush === 'function') {
+              try {
+                params.autoPush = !!autoPush();
+              }
+              catch (e) {
+                return Q.reject(new AuthSdkError('AutoPush resulted in an error.'));
+              }
+            }
+            else if (autoPush !== null) {
+              params.autoPush = !!autoPush;
             }
             data = util.omit(data, 'autoPush');
           }

diff --git a/test/spec/mfa-challenge.js b/test/spec/mfa-challenge.js
@@ -131,6 +131,71 @@ define(function(require) {
         }
       });
 
+      util.itMakesCorrectRequestResponse({
+        title: 'allows verification when autoPush function returns truthy value',
+        setup: {
+          status: 'mfa-challenge-sms',
+          request: {
+            uri: '/api/v1/authn/factors/smsigwDlH85L9FyQK0g3/verify?autoPush=true',
+            data: {
+              stateToken: '00rt1IY9c6Q3RVc4a2jJPbS2uAtFNWJz_d8A26KTdF',
+              passCode: '123456'
+            }
+          },
+          response: 'success'
+        },
+        execute: function (test) {
+          return test.trans.verify({
+            passCode: '123456',
+            autoPush: function () {
+              return 'test';
+            }
+          });
+        }
+      });
+
+      util.itMakesCorrectRequestResponse({
+        title: 'allows verification when autoPush function returns falsy value',
+        setup: {
+          status: 'mfa-challenge-sms',
+          request: {
+            uri: '/api/v1/authn/factors/smsigwDlH85L9FyQK0g3/verify?autoPush=false',
+            data: {
+              stateToken: '00rt1IY9c6Q3RVc4a2jJPbS2uAtFNWJz_d8A26KTdF',
+              passCode: '123456'
+            }
+          },
+          response: 'success'
+        },
+        execute: function (test) {
+          return test.trans.verify({
+            passCode: '123456',
+            autoPush: function () {
+              return '';
+            }
+          });
+        }
+      });
+
+      util.itErrorsCorrectly({
+        title: 'throws an error when autoPush function throws an error',
+        setup: {
+          status: 'mfa-challenge-sms'
+        },
+        execute: function (test) {
+          return test.trans.verify({
+            passCode: '123456',
+            autoPush: function () {
+              throw new Error('test');
+            }
+          });
+        },
+        expectations: function (test, err) {
+          expect(err.name).toEqual('AuthSdkError');
+          expect(err.errorSummary).toEqual('AutoPush resulted in an error.');
+        }
+      });
+
       util.itMakesCorrectRequestResponse({
         title: 'allows verification with autoPush as undefined',
         setup: {
@@ -472,6 +537,162 @@ define(function(require) {
         }
       });
 
+      util.itMakesCorrectRequestResponse({
+        title: 'allows polling for push with autoPush value changing during poll',
+        setup: {
+          status: 'mfa-challenge-push',
+          calls: [
+            {
+              request: {
+                uri: '/api/v1/authn/factors/opf492vmb3s1blLTs0h7/verify?autoPush=true',
+                data: {
+                  stateToken: '00T4jcVNRzJy5dkWJ4P7c9051dY3FUYY9O2zvbU_vI'
+                }
+              },
+              response: 'mfa-challenge-push'
+            },
+            {
+              request: {
+                uri: '/api/v1/authn/factors/opf492vmb3s1blLTs0h7/verify?autoPush=true',
+                data: {
+                  stateToken: '00T4jcVNRzJy5dkWJ4P7c9051dY3FUYY9O2zvbU_vI'
+                }
+              },
+              response: 'mfa-challenge-push'
+            },
+            {
+              request: {
+                uri: '/api/v1/authn/factors/opf492vmb3s1blLTs0h7/verify?autoPush=false',
+                data: {
+                  stateToken: '00T4jcVNRzJy5dkWJ4P7c9051dY3FUYY9O2zvbU_vI'
+                }
+              },
+              response: 'success'
+            }
+          ]
+        },
+        execute: function (test) {
+          var count = 1;
+          return test.trans.poll({
+            delay: 0,
+            autoPush: function () {
+              if(count === 3) {
+                return false;
+              }
+              count ++;
+              return true;
+            }
+          });
+        }
+      });
+
+      util.itMakesCorrectRequestResponse({
+        title: 'allows polling for push when autoPush function returns truthy value',
+        setup: {
+          status: 'mfa-challenge-push',
+          calls: [
+            {
+              request: {
+                uri: '/api/v1/authn/factors/opf492vmb3s1blLTs0h7/verify?autoPush=true',
+                data: {
+                  stateToken: '00T4jcVNRzJy5dkWJ4P7c9051dY3FUYY9O2zvbU_vI'
+                }
+              },
+              response: 'mfa-challenge-push'
+            },
+            {
+              request: {
+                uri: '/api/v1/authn/factors/opf492vmb3s1blLTs0h7/verify?autoPush=true',
+                data: {
+                  stateToken: '00T4jcVNRzJy5dkWJ4P7c9051dY3FUYY9O2zvbU_vI'
+                }
+              },
+              response: 'mfa-challenge-push'
+            },
+            {
+              request: {
+                uri: '/api/v1/authn/factors/opf492vmb3s1blLTs0h7/verify?autoPush=true',
+                data: {
+                  stateToken: '00T4jcVNRzJy5dkWJ4P7c9051dY3FUYY9O2zvbU_vI'
+                }
+              },
+              response: 'success'
+            }
+          ]
+        },
+        execute: function (test) {
+          return test.trans.poll({
+            delay: 0,
+            autoPush: function () {
+              return 'test';
+            }
+          });
+        }
+      });
+
+      util.itMakesCorrectRequestResponse({
+        title: 'allows polling for push when autoPush function returns falsy value',
+        setup: {
+          status: 'mfa-challenge-push',
+          calls: [
+            {
+              request: {
+                uri: '/api/v1/authn/factors/opf492vmb3s1blLTs0h7/verify?autoPush=false',
+                data: {
+                  stateToken: '00T4jcVNRzJy5dkWJ4P7c9051dY3FUYY9O2zvbU_vI'
+                }
+              },
+              response: 'mfa-challenge-push'
+            },
+            {
+              request: {
+                uri: '/api/v1/authn/factors/opf492vmb3s1blLTs0h7/verify?autoPush=false',
+                data: {
+                  stateToken: '00T4jcVNRzJy5dkWJ4P7c9051dY3FUYY9O2zvbU_vI'
+                }
+              },
+              response: 'mfa-challenge-push'
+            },
+            {
+              request: {
+                uri: '/api/v1/authn/factors/opf492vmb3s1blLTs0h7/verify?autoPush=false',
+                data: {
+                  stateToken: '00T4jcVNRzJy5dkWJ4P7c9051dY3FUYY9O2zvbU_vI'
+                }
+              },
+              response: 'success'
+            }
+          ]
+        },
+        execute: function (test) {
+          return test.trans.poll({
+            delay: 0,
+            autoPush: function () {
+              return '';
+            }
+          });
+        }
+      });
+
+      util.itErrorsCorrectly({
+        title: 'throws an error when autoPush function throws an error during polling',
+        setup: {
+          status: 'mfa-challenge-push'
+        },
+        execute: function (test) {
+          return test.trans.poll({
+            delay: 0,
+            autoPush: function () {
+              throw new Error('test');
+            }
+          });
+        },
+        expectations: function (test, err) {
+          expect(err.name).toEqual('AuthSdkError');
+          expect(err.errorSummary).toEqual('AutoPush resulted in an error.');
+        }
+      });
+
       util.itMakesCorrectRequestResponse({
         title: 'does not include autoPush for polling for push if autoPush undefined',
         setup: {

diff --git a/test/spec/mfa-required.js b/test/spec/mfa-required.js
@@ -172,6 +172,71 @@ define(function(require) {
           });
         }
       });
+      util.itMakesCorrectRequestResponse({
+        title: 'passes autoPush as a boolean query param if function returns a truthy value',
+        setup: {
+          status: 'mfa-required',
+          request: {
+            uri: '/api/v1/authn/factors/uftigiEmYTPOmvqTS0g3/verify?autoPush=true',
+            data: {
+              stateToken: '004KscPNUS2LswGp26qiu4Hetqt_zcgz-PcQhPseVP',
+              passCode: '123456'
+            }
+          },
+          response: 'success'
+        },
+        execute: function (test) {
+          var factor = _.find(test.trans.factors, {id: 'uftigiEmYTPOmvqTS0g3'});
+          return factor.verify({
+            'passCode': '123456',
+            'autoPush': function() {
+              return 'test';
+            }
+          });
+        }
+      });
+      util.itMakesCorrectRequestResponse({
+        title: 'passes autoPush as a boolean query param if function returns a falsy value',
+        setup: {
+          status: 'mfa-required',
+          request: {
+            uri: '/api/v1/authn/factors/uftigiEmYTPOmvqTS0g3/verify?autoPush=false',
+            data: {
+              stateToken: '004KscPNUS2LswGp26qiu4Hetqt_zcgz-PcQhPseVP',
+              passCode: '123456'
+            }
+          },
+          response: 'success'
+        },
+        execute: function (test) {
+          var factor = _.find(test.trans.factors, {id: 'uftigiEmYTPOmvqTS0g3'});
+          return factor.verify({
+            'passCode': '123456',
+            'autoPush': function() {
+              return '';
+            }
+          });
+        }
+      });
+      util.itErrorsCorrectly({
+        title: 'throws an error when autoPush function throws an error',
+        setup: {
+          status: 'mfa-required'
+        },
+        execute: function (test) {
+          var factor = _.find(test.trans.factors, {id: 'uftigiEmYTPOmvqTS0g3'});
+          return factor.verify({
+            'passCode': '123456',
+            'autoPush': function () {
+              throw new Error('test');
+            }
+          });
+        },
+        expectations: function (test, err) {
+          expect(err.name).toEqual('AuthSdkError');
+          expect(err.errorSummary).toEqual('AutoPush resulted in an error.');
+        }
+      });
       util.itMakesCorrectRequestResponse({
         title: 'doesn\'t pass autoPush as a query param if undefined',
         setup: {