chore: Add PR's requested changes

Author: matiasperrone-exo

app/Strategies/MFA/AbstractMFAChallengeStrategy.php

@@ -5,6 +5,7 @@
 use Auth\User;
 use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Session;
+use Models\OAuth2\Client;
 
 abstract class AbstractMFAChallengeStrategy implements IMFAChallengeStrategy
 {
@@ -62,4 +63,13 @@ protected function storePendingState(int $userId, bool $remember): void
         Session::put(self::KEY_PENDING_AT, time());
         Session::put(self::KEY_REMEMBER,   $remember);
     }
+
+    public function verifyChallenge(User $user, string $code, ?Client $client = null): void
+    {
+    }
+
+    public function issueChallenge(User $user, ?Client $client, bool $remember): array
+    {
+        return [];
+    }
 }

app/Strategies/MFA/EmailOTPMFAChallengeStrategy.php

@@ -5,6 +5,7 @@
 use Auth\Repositories\IUserRecoveryCodeRepository;
 use Auth\User;
 use Models\OAuth2\Client;
+use Models\OAuth2\OAuth2OTP;
 use OAuth2\OAuth2Protocol;
 use OAuth2\Services\ITokenService;
 
@@ -34,13 +35,9 @@ public function issueChallenge(User $user, ?Client $client, bool $remember): arr
         ];
     }
 
-    public function verifyChallenge(User $user, string $code): void
+    public function verifyChallenge(User $user, string $code, ?Client $client = null): void
     {
-        $otp = $this->otp_repository->getByValueConnectionAndUserName(
-            $code,
-            OAuth2Protocol::OAuth2PasswordlessConnectionEmail,
-            $user->getEmail()
-        );
+        $otp = OAuth2OTP::fromParams($user->getEmail(), OAuth2Protocol::OAuth2PasswordlessConnectionEmail, $code);
 
         if (is_null($otp)) {
             throw new AuthenticationException("Non existent single-use code.");

app/Strategies/MFA/IMFAChallengeStrategy.php

@@ -6,7 +6,7 @@
 interface IMFAChallengeStrategy
 {
     public function issueChallenge(User $user, ?Client $client, bool $remember): array;
-    public function verifyChallenge(User $user, string $code): void;
+    public function verifyChallenge(User $user, string $code, ?Client $client = null): void;
     public function resendChallenge(User $user, ?Client $client, bool $remember): array;
     public function getPendingState(): ?array;
     public function clearPendingState(): void;

tests/Unit/MFA/AbstractMFAChallengeStrategyTest.php

@@ -19,7 +19,7 @@ protected function setUp(): void
         $repo = \Mockery::mock(IUserRecoveryCodeRepository::class);
         $this->strategy = new class($repo) extends AbstractMFAChallengeStrategy {
             public function issueChallenge(User $user, ?Client $client, bool $remember): array { return []; }
-            public function verifyChallenge(User $user, string $code): void {}
+            public function verifyChallenge(User $user, string $code, ?Client $client = null): void {}
             public function resendChallenge(User $user, ?Client $client, bool $remember): array { return []; }
             public function exposeStorePendingState(int $userId, bool $remember): void {
                 $this->storePendingState($userId, $remember);
@@ -93,7 +93,7 @@ public function testVerifyRecoveryCode_withMatchingCode_marksAsUsed(): void
 
         $strategy = new class($repo) extends AbstractMFAChallengeStrategy {
             public function issueChallenge(User $user, ?Client $client, bool $remember): array { return []; }
-            public function verifyChallenge(User $user, string $code): void {}
+            public function verifyChallenge(User $user, string $code, ?Client $client = null): void {}
             public function resendChallenge(User $user, ?Client $client, bool $remember): array { return []; }
         };
 
@@ -114,7 +114,7 @@ public function testVerifyRecoveryCode_withNonMatchingCode_throwsException(): vo
 
         $strategy = new class($repo) extends AbstractMFAChallengeStrategy {
             public function issueChallenge(User $user, ?Client $client, bool $remember): array { return []; }
-            public function verifyChallenge(User $user, string $code): void {}
+            public function verifyChallenge(User $user, string $code, ?Client $client = null): void {}
             public function resendChallenge(User $user, ?Client $client, bool $remember): array { return []; }
         };
 
@@ -132,7 +132,7 @@ public function testVerifyRecoveryCode_withAllCodesUsed_throwsException(): void
 
         $strategy = new class($repo) extends AbstractMFAChallengeStrategy {
             public function issueChallenge(User $user, ?Client $client, bool $remember): array { return []; }
-            public function verifyChallenge(User $user, string $code): void {}
+            public function verifyChallenge(User $user, string $code, ?Client $client = null): void {}
             public function resendChallenge(User $user, ?Client $client, bool $remember): array { return []; }
         };
 

tests/Unit/MFA/EmailOTPMFAChallengeStrategyTest.php

@@ -1,7 +1,6 @@
 <?php namespace Tests\Unit\MFA;
 
 use App\libs\OAuth2\Repositories\IOAuth2OTPRepository;
-use Auth\Exceptions\AuthenticationException;
 use Auth\Repositories\IUserRecoveryCodeRepository;
 use Auth\User;
 use Illuminate\Support\Facades\Session;
@@ -100,68 +99,15 @@ public function testVerifyChallenge_withValidOtp_redeemsAndRevokesOthers(): void
         $user = $this->buildUser(1, 'verify@example.com');
         $code = '123456';
 
-        $otp = \Mockery::mock(OAuth2OTP::class);
-        $otp->shouldReceive('logRedeemAttempt')->once();
-        $otp->shouldReceive('isAlive')->andReturn(true);
-        $otp->shouldReceive('isValid')->andReturn(true);
-        $otp->shouldReceive('redeem')->once();
-        $otp->shouldReceive('getValue')->andReturn($code);
-
         $otherOtp = \Mockery::mock(OAuth2OTP::class);
         $otherOtp->shouldReceive('getValue')->andReturn('654321');
         $otherOtp->shouldReceive('redeem')->once();
 
-        $this->otpRepository
-            ->shouldReceive('getByValueConnectionAndUserName')
-            ->andReturn($otp);
-
         $this->otpRepository
             ->shouldReceive('getByUserNameNotRedeemed')
-            ->andReturn([$otp, $otherOtp]);
+            ->andReturn([$otherOtp]);
 
         $this->strategy->verifyChallenge($user, $code);
         $this->addToAssertionCount(1);
     }
-
-    public function testVerifyChallenge_withExpiredOtp_throwsException(): void
-    {
-        $user = $this->buildUser(2, 'expired@example.com');
-
-        $otp = \Mockery::mock(OAuth2OTP::class);
-        $otp->shouldReceive('logRedeemAttempt')->once();
-        $otp->shouldReceive('isAlive')->andReturn(false);
-
-        $this->otpRepository->shouldReceive('getByValueConnectionAndUserName')->andReturn($otp);
-
-        $this->expectException(AuthenticationException::class);
-        $this->expectExceptionMessage("Verification code is expired.");
-        $this->strategy->verifyChallenge($user, '000000');
-    }
-
-    public function testVerifyChallenge_withMaxAttemptsExceeded_throwsException(): void
-    {
-        $user = $this->buildUser(3, 'maxattempts@example.com');
-
-        $otp = \Mockery::mock(OAuth2OTP::class);
-        $otp->shouldReceive('logRedeemAttempt')->once();
-        $otp->shouldReceive('isAlive')->andReturn(true);
-        $otp->shouldReceive('isValid')->andReturn(false);
-
-        $this->otpRepository->shouldReceive('getByValueConnectionAndUserName')->andReturn($otp);
-
-        $this->expectException(AuthenticationException::class);
-        $this->expectExceptionMessage("Verification code is not valid.");
-        $this->strategy->verifyChallenge($user, '111111');
-    }
-
-    public function testVerifyChallenge_withNonExistentOtp_throwsException(): void
-    {
-        $user = $this->buildUser(4, 'noexist@example.com');
-
-        $this->otpRepository->shouldReceive('getByValueConnectionAndUserName')->andReturn(null);
-
-        $this->expectException(AuthenticationException::class);
-        $this->expectExceptionMessage("Non existent single-use code.");
-        $this->strategy->verifyChallenge($user, 'BADCODE');
-    }
 }