firebase · AngelAngelXie · Jun 9, 2023 · Jun 6, 2023 · Jun 6, 2023 · Jun 6, 2023
diff --git a/packages/auth/test/helpers/integration/helpers.ts b/packages/auth/test/helpers/integration/helpers.ts
@@ -113,5 +113,6 @@ export function getTotpCode(
   return token;
 }
 export const email = '[email protected]';
+export const fakePassword = 'password';
 //1000000 is always incorrect since it has 7 digits and we expect 6.
 export const incorrectTotpCode = '1000000';
diff --git a/packages/auth/test/integration/flows/totp.test.ts b/packages/auth/test/integration/flows/totp.test.ts
@@ -21,6 +21,7 @@ import sinonChai from 'sinon-chai';
 import {
   Auth,
   multiFactor,
+  MultiFactorUser,
   signInWithEmailAndPassword,
   getMultiFactorResolver
 } from '@firebase/auth';
@@ -30,6 +31,7 @@ import {
   getTestInstance,
   getTotpCode,
   email,
+  fakePassword,
   incorrectTotpCode
 } from '../../helpers/integration/helpers';
 
@@ -42,22 +44,30 @@ import { getEmulatorUrl } from '../../helpers/integration/settings';
 use(chaiAsPromised);
 use(sinonChai);
 
-describe(' Integration tests: Mfa TOTP', () => {
-  let auth: Auth;
-  let totpSecret: TotpSecret;
-  let displayName: string;
-  let totpTimestamp: Date;
-  let emulatorUrl: string | null;
+let auth: Auth;
+let totpSecret: TotpSecret;
+let displayName: string;
+let totpTimestamp: Date;
+let emulatorUrl: string | null;
+let mfaUser: MultiFactorUser | null;
+
+describe(' Integration tests: Mfa enrollement using totp', () => {
   beforeEach(async () => {
     emulatorUrl = getEmulatorUrl();
     if (!emulatorUrl) {
+      mfaUser = null;
       auth = getTestInstance();
       displayName = 'totp-integration-test';
     }
   });
 
   afterEach(async () => {
     if (!emulatorUrl) {
+      if (mfaUser && mfaUser.enrolledFactors.length > 0) {
+        for (let i = 0; i < mfaUser.enrolledFactors.length; i++) {
+          await mfaUser.unenroll(mfaUser.enrolledFactors[i]);
+        }
+      }
       await cleanUpTestInstance(auth);
     }
   });
@@ -66,10 +76,12 @@ describe(' Integration tests: Mfa TOTP', () => {
     if (emulatorUrl) {
       this.skip();
     }
-    const cr = await signInWithEmailAndPassword(auth, email, 'password');
-    const mfaUser = multiFactor(cr.user);
+
+    const cr = await signInWithEmailAndPassword(auth, email, fakePassword);
+    mfaUser = multiFactor(cr.user);
     const session = await mfaUser.getSession();
     totpSecret = await TotpMultiFactorGenerator.generateSecret(session);
+
     const multiFactorAssertion =
       TotpMultiFactorGenerator.assertionForEnrollment(
         totpSecret,
@@ -85,16 +97,12 @@ describe(' Integration tests: Mfa TOTP', () => {
     if (emulatorUrl) {
       this.skip();
     }
-    const cr = await signInWithEmailAndPassword(auth, email, 'password');
-
-    const mfaUser = multiFactor(cr.user);
 
+    const cr = await signInWithEmailAndPassword(auth, email, fakePassword);
+    mfaUser = multiFactor(cr.user);
     const session = await mfaUser.getSession();
-
     totpSecret = await TotpMultiFactorGenerator.generateSecret(session);
-
     totpTimestamp = new Date();
-
     const totpVerificationCode = getTotpCode(
       totpSecret.secretKey,
       totpSecret.codeIntervalSeconds,
@@ -107,18 +115,61 @@ describe(' Integration tests: Mfa TOTP', () => {
         totpSecret,
         totpVerificationCode
       );
+
     await expect(mfaUser.enroll(multiFactorAssertion, displayName)).to.be
       .fulfilled;
   });
+});
+
+describe('Integration tests: sign-in for mfa-enrolled users', () => {
+  beforeEach(async () => {
+    emulatorUrl = getEmulatorUrl();
+    mfaUser = null;
+
+    if (!emulatorUrl) {
+      auth = getTestInstance();
+      displayName = 'totp-integration-test';
+
+      const cr = await signInWithEmailAndPassword(auth, email, fakePassword);
+      mfaUser = multiFactor(cr.user);
+      const session = await mfaUser.getSession();
+      totpSecret = await TotpMultiFactorGenerator.generateSecret(session);
+      totpTimestamp = new Date();
+      const totpVerificationCode = getTotpCode(
+        totpSecret.secretKey,
+        totpSecret.codeIntervalSeconds,
+        totpSecret.codeLength,
+        totpTimestamp
+      );
+
+      const multiFactorAssertion =
+        TotpMultiFactorGenerator.assertionForEnrollment(
+          totpSecret,
+          totpVerificationCode
+        );
+
+      await mfaUser.enroll(multiFactorAssertion, displayName);
+    }
+  });
+
+  afterEach(async () => {
+    if (!emulatorUrl) {
+      if (mfaUser && mfaUser.enrolledFactors.length > 0) {
+        for (let i = 0; i < mfaUser.enrolledFactors.length; i++) {
+          await mfaUser.unenroll(mfaUser.enrolledFactors[i]);
+        }
+      }
+      await cleanUpTestInstance(auth);
+    }
+  });
 
   it('should not allow sign-in with incorrect totp', async function () {
     let resolver: any;
-
     if (emulatorUrl) {
       this.skip();
     }
     try {
-      await signInWithEmailAndPassword(auth, email, 'password');
+      await signInWithEmailAndPassword(auth, email, fakePassword);
 
       throw new Error('Signin should not have been successful');
     } catch (error) {
@@ -145,7 +196,7 @@ describe(' Integration tests: Mfa TOTP', () => {
       this.skip();
     }
     try {
-      await signInWithEmailAndPassword(auth, email, 'password');
+      await signInWithEmailAndPassword(auth, email, fakePassword);
 
       throw new Error('Signin should not have been successful');
     } catch (error) {
@@ -169,11 +220,10 @@ describe(' Integration tests: Mfa TOTP', () => {
         totpVerificationCode
       );
       const userCredential = await resolver.resolveSignIn(assertion);
-
-      const mfaUser = multiFactor(userCredential.user);
+      mfaUser = multiFactor(userCredential.user);
 
       await expect(mfaUser.unenroll(resolver.hints[0].uid)).to.be.fulfilled;
-      await expect(signInWithEmailAndPassword(auth, email, 'password')).to.be
+      await expect(signInWithEmailAndPassword(auth, email, fakePassword)).to.be
         .fulfilled;
     }
   });