feat(snjs): add authenticator use cases (#2145)

* feat(snjs): add authenticator use case * feat(snjs): add use cases for listing, deleting and verifying authenticators * fix(snjs): spec for deleting authenticator
2023-01-11 11:30:42 +01:00
parent 8fe78ecf5f
commit 5864ea84e7
16 changed files with 531 additions and 29 deletions
--- a/packages/snjs/lib/Domain/UseCase/AddAuthenticator/AddAuthenticator.spec.ts
+++ b/packages/snjs/lib/Domain/UseCase/AddAuthenticator/AddAuthenticator.spec.ts
@@ -0,0 +1,146 @@
+import { AuthenticatorClientInterface } from '@standardnotes/services'
+import { AddAuthenticator } from './AddAuthenticator'
+
+describe('AddAuthenticator', () => {
+  let authenticatorClient: AuthenticatorClientInterface
+  let authenticatorRegistrationPromptFunction: (
+    registrationOptions: Record<string, unknown>,
+  ) => Promise<Record<string, unknown>>
+
+
+  const createUseCase = () => new AddAuthenticator(authenticatorClient, authenticatorRegistrationPromptFunction)
+
+  beforeEach(() => {
+    authenticatorClient = {} as jest.Mocked<AuthenticatorClientInterface>
+    authenticatorClient.generateRegistrationOptions = jest.fn().mockReturnValue({ foo: 'bar' })
+    authenticatorClient.verifyRegistrationResponse = jest.fn().mockReturnValue(true)
+
+    authenticatorRegistrationPromptFunction = jest.fn()
+  })
+
+  it('should return error if userUuid is invalid', async () => {
+    const useCase = createUseCase()
+
+    const result = await useCase.execute({
+      userUuid: 'invalid',
+      username: 'username',
+      authenticatorName: 'authenticatorName',
+    })
+
+    expect(result.isFailed()).toBe(true)
+    expect(result.getError()).toBe('Could not generate authenticator registration options: Given value is not a valid uuid: invalid')
+  })
+
+  it('should return error if username is invalid', async () => {
+    const useCase = createUseCase()
+
+    const result = await useCase.execute({
+      userUuid: '00000000-0000-0000-0000-000000000000',
+      username: '',
+      authenticatorName: 'authenticatorName',
+    })
+
+    expect(result.isFailed()).toBe(true)
+    expect(result.getError()).toBe('Could not generate authenticator registration options: Username cannot be empty')
+  })
+
+  it('should return error if authenticatorName is invalid', async () => {
+    const useCase = createUseCase()
+
+    const result = await useCase.execute({
+      userUuid: '00000000-0000-0000-0000-000000000000',
+      username: 'username',
+      authenticatorName: '',
+    })
+
+    expect(result.isFailed()).toBe(true)
+    expect(result.getError()).toBe('Could not generate authenticator registration options: Given value is empty: ')
+  })
+
+  it('should return error if registration options are null', async () => {
+    authenticatorClient.generateRegistrationOptions = jest.fn().mockReturnValue(null)
+
+    const useCase = createUseCase()
+
+    const result = await useCase.execute({
+      userUuid: '00000000-0000-0000-0000-000000000000',
+      username: 'username',
+      authenticatorName: 'authenticator',
+    })
+
+    expect(result.isFailed()).toBe(true)
+    expect(result.getError()).toBe('Could not generate authenticator registration options')
+  })
+
+  it('should return error if authenticatorRegistrationPromptFunction throws', async () => {
+    authenticatorRegistrationPromptFunction = jest.fn().mockRejectedValue(new Error('error'))
+
+    const useCase = createUseCase()
+
+    const result = await useCase.execute({
+      userUuid: '00000000-0000-0000-0000-000000000000',
+      username: 'username',
+      authenticatorName: 'authenticator',
+    })
+
+    expect(result.isFailed()).toBe(true)
+    expect(result.getError()).toBe('Could not generate authenticator registration options: error')
+  })
+
+  it('should return error if authenticatorRegistrationPromptFunction throws InvalidStateError', async () => {
+    const error = new Error('error')
+    error.name = 'InvalidStateError'
+    authenticatorRegistrationPromptFunction = jest.fn().mockRejectedValue(error)
+
+    const useCase = createUseCase()
+
+    const result = await useCase.execute({
+      userUuid: '00000000-0000-0000-0000-000000000000',
+      username: 'username',
+      authenticatorName: 'authenticator',
+    })
+
+    expect(result.isFailed()).toBe(true)
+    expect(result.getError()).toBe('Authenticator was probably already registered by user')
+  })
+
+  it('should return error if registration response verification returns false', async () => {
+    authenticatorClient.verifyRegistrationResponse = jest.fn().mockReturnValue(false)
+
+    const useCase = createUseCase()
+
+    const result = await useCase.execute({
+      userUuid: '00000000-0000-0000-0000-000000000000',
+      username: 'username',
+      authenticatorName: 'authenticator',
+    })
+
+    expect(result.isFailed()).toBe(true)
+    expect(result.getError()).toBe('Could not verify authenticator registration response')
+  })
+
+  it('should register an authenticator', async () => {
+    const useCase = createUseCase()
+
+    const result = await useCase.execute({
+      userUuid: '00000000-0000-0000-0000-000000000000',
+      username: 'username',
+      authenticatorName: 'authenticator',
+    })
+
+    expect(result.isFailed()).toBe(false)
+  })
+
+  it('should return error if authenticator registration prompt function is not passed', async () => {
+    const useCase = new AddAuthenticator(authenticatorClient)
+
+    const result = await useCase.execute({
+      userUuid: '00000000-0000-0000-0000-000000000000',
+      username: 'username',
+      authenticatorName: 'authenticator',
+    })
+
+    expect(result.isFailed()).toBe(true)
+    expect(result.getError()).toBe('Could not generate authenticator registration options: No authenticator registration prompt function provided')
+  })
+})
--- a/packages/snjs/lib/Domain/UseCase/AddAuthenticator/AddAuthenticator.ts
+++ b/packages/snjs/lib/Domain/UseCase/AddAuthenticator/AddAuthenticator.ts
@@ -0,0 +1,67 @@
+import { AuthenticatorClientInterface } from '@standardnotes/services'
+import { Result, UseCaseInterface, Username, Uuid, Validator } from '@standardnotes/domain-core'
+
+import { AddAuthenticatorDTO } from './AddAuthenticatorDTO'
+
+export class AddAuthenticator implements UseCaseInterface<void> {
+  constructor(
+    private authenticatorClient: AuthenticatorClientInterface,
+    private authenticatorRegistrationPromptFunction?: (
+      registrationOptions: Record<string, unknown>,
+    ) => Promise<Record<string, unknown>>,
+  ) {}
+
+  async execute(dto: AddAuthenticatorDTO): Promise<Result<void>> {
+    if (!this.authenticatorRegistrationPromptFunction) {
+      return Result.fail(
+        'Could not generate authenticator registration options: No authenticator registration prompt function provided',
+      )
+    }
+
+    const userUuidOrError = Uuid.create(dto.userUuid)
+    if (userUuidOrError.isFailed()) {
+      return Result.fail(`Could not generate authenticator registration options: ${userUuidOrError.getError()}`)
+    }
+    const userUuid = userUuidOrError.getValue()
+
+    const usernameOrError = Username.create(dto.username)
+    if (usernameOrError.isFailed()) {
+      return Result.fail(`Could not generate authenticator registration options: ${usernameOrError.getError()}`)
+    }
+    const username = usernameOrError.getValue()
+
+    const authenticatorNameValidatorResult = Validator.isNotEmpty(dto.authenticatorName)
+    if (authenticatorNameValidatorResult.isFailed()) {
+      return Result.fail(
+        `Could not generate authenticator registration options: ${authenticatorNameValidatorResult.getError()}`,
+      )
+    }
+
+    const registrationOptions = await this.authenticatorClient.generateRegistrationOptions(userUuid, username)
+    if (registrationOptions === null) {
+      return Result.fail('Could not generate authenticator registration options')
+    }
+
+    let authenticatorResponse
+    try {
+      authenticatorResponse = await this.authenticatorRegistrationPromptFunction(registrationOptions)
+    } catch (error) {
+      if ((error as Error).name === 'InvalidStateError') {
+        return Result.fail('Authenticator was probably already registered by user')
+      } else {
+        return Result.fail(`Could not generate authenticator registration options: ${(error as Error).message}`)
+      }
+    }
+
+    const verificationResponse = await this.authenticatorClient.verifyRegistrationResponse(
+      userUuid,
+      dto.authenticatorName,
+      authenticatorResponse,
+    )
+    if (!verificationResponse) {
+      return Result.fail('Could not verify authenticator registration response')
+    }
+
+    return Result.ok()
+  }
+}
--- a/packages/snjs/lib/Domain/UseCase/AddAuthenticator/AddAuthenticatorDTO.ts
+++ b/packages/snjs/lib/Domain/UseCase/AddAuthenticator/AddAuthenticatorDTO.ts
@@ -0,0 +1,5 @@
+export interface AddAuthenticatorDTO {
+  userUuid: string
+  username: string
+  authenticatorName: string
+}
--- a/packages/snjs/lib/Domain/UseCase/DeleteAuthenticator/DeleteAuthenticator.spec.ts
+++ b/packages/snjs/lib/Domain/UseCase/DeleteAuthenticator/DeleteAuthenticator.spec.ts
@@ -0,0 +1,41 @@
+import { AuthenticatorClientInterface } from '@standardnotes/services'
+
+import { DeleteAuthenticator } from './DeleteAuthenticator'
+
+describe('DeleteAuthenticator', () => {
+  let authenticatorClient: AuthenticatorClientInterface
+
+  const createUseCase = () => new DeleteAuthenticator(authenticatorClient)
+
+  beforeEach(() => {
+    authenticatorClient = {} as jest.Mocked<AuthenticatorClientInterface>
+    authenticatorClient.delete = jest.fn().mockReturnValue(true)
+  })
+
+  it('should delete authenticator', async () => {
+    const useCase = createUseCase()
+
+    const result = await useCase.execute({ authenticatorId: '00000000-0000-0000-0000-000000000000' })
+
+    expect(result.isFailed()).toBe(false)
+  })
+
+  it('should fail if authenticator id is invalid', async () => {
+    const useCase = createUseCase()
+
+    const result = await useCase.execute({ authenticatorId: 'invalid' })
+
+    expect(result.isFailed()).toBe(true)
+    expect(result.getError()).toBe('Could not delete authenticator: Given value is not a valid uuid: invalid')
+  })
+
+  it('should fail if authenticator client fails to delete authenticator', async () => {
+    authenticatorClient.delete = jest.fn().mockReturnValue(false)
+    const useCase = createUseCase()
+
+    const result = await useCase.execute({ authenticatorId: '00000000-0000-0000-0000-000000000000' })
+
+    expect(result.isFailed()).toBe(true)
+    expect(result.getError()).toBe('Could not delete authenticator')
+  })
+})
--- a/packages/snjs/lib/Domain/UseCase/DeleteAuthenticator/DeleteAuthenticator.ts
+++ b/packages/snjs/lib/Domain/UseCase/DeleteAuthenticator/DeleteAuthenticator.ts
@@ -0,0 +1,23 @@
+import { AuthenticatorClientInterface } from '@standardnotes/services'
+import { Result, UseCaseInterface, Uuid } from '@standardnotes/domain-core'
+
+import { DeleteAuthenticatorDTO } from './DeleteAuthenticatorDTO'
+
+export class DeleteAuthenticator implements UseCaseInterface<void> {
+  constructor(private authenticatorClient: AuthenticatorClientInterface) {}
+
+  async execute(dto: DeleteAuthenticatorDTO): Promise<Result<void>> {
+    const authenticatorIdOrError = Uuid.create(dto.authenticatorId)
+    if (authenticatorIdOrError.isFailed()) {
+      return Result.fail(`Could not delete authenticator: ${authenticatorIdOrError.getError()}`)
+    }
+    const authenticatorId = authenticatorIdOrError.getValue()
+
+    const result = await this.authenticatorClient.delete(authenticatorId)
+    if (!result) {
+      return Result.fail('Could not delete authenticator')
+    }
+
+    return Result.ok()
+  }
+}
--- a/packages/snjs/lib/Domain/UseCase/DeleteAuthenticator/DeleteAuthenticatorDTO.ts
+++ b/packages/snjs/lib/Domain/UseCase/DeleteAuthenticator/DeleteAuthenticatorDTO.ts
@@ -0,0 +1,3 @@
+export interface DeleteAuthenticatorDTO {
+  authenticatorId: string
+}
--- a/packages/snjs/lib/Domain/UseCase/ListAuthenticators/ListAuthenticators.spec.ts
+++ b/packages/snjs/lib/Domain/UseCase/ListAuthenticators/ListAuthenticators.spec.ts
@@ -0,0 +1,23 @@
+import { AuthenticatorClientInterface } from '@standardnotes/services'
+
+import { ListAuthenticators } from './ListAuthenticators'
+
+describe('ListAuthenticators', () => {
+  let authenticatorClient: AuthenticatorClientInterface
+
+  const createUseCase = () => new ListAuthenticators(authenticatorClient)
+
+  beforeEach(() => {
+    authenticatorClient = {} as jest.Mocked<AuthenticatorClientInterface>
+    authenticatorClient.list = jest.fn().mockReturnValue([{ id: '1-2-3', name: 'My First Key' }])
+  })
+
+  it('should list authenticators', async () => {
+    const useCase = createUseCase()
+
+    const result = await useCase.execute()
+
+    expect(result.isFailed()).toBe(false)
+    expect(result.getValue()).toEqual([{ id: '1-2-3', name: 'My First Key' }])
+  })
+})
--- a/packages/snjs/lib/Domain/UseCase/ListAuthenticators/ListAuthenticators.ts
+++ b/packages/snjs/lib/Domain/UseCase/ListAuthenticators/ListAuthenticators.ts
@@ -0,0 +1,12 @@
+import { AuthenticatorClientInterface } from '@standardnotes/services'
+import { Result, UseCaseInterface } from '@standardnotes/domain-core'
+
+export class ListAuthenticators implements UseCaseInterface<Array<{ id: string; name: string }>> {
+  constructor(private authenticatorClient: AuthenticatorClientInterface) {}
+
+  async execute(): Promise<Result<Array<{ id: string; name: string }>>> {
+    const authenticators = await this.authenticatorClient.list()
+
+    return Result.ok(authenticators)
+  }
+}
--- a/packages/snjs/lib/Domain/UseCase/UseCaseContainerInterface.ts
+++ b/packages/snjs/lib/Domain/UseCase/UseCaseContainerInterface.ts
@@ -3,4 +3,8 @@ import { UseCaseInterface } from '@standardnotes/domain-core'
 export interface UseCaseContainerInterface {
  get signInWithRecoveryCodes(): UseCaseInterface<void>
  get getRecoveryCodes(): UseCaseInterface<string>
+  get addAuthenticator(): UseCaseInterface<void>
+  get listAuthenticators(): UseCaseInterface<Array<{ id: string; name: string }>>
+  get deleteAuthenticator(): UseCaseInterface<void>
+  get verifyAuthenticator(): UseCaseInterface<void>
 }
--- a/packages/snjs/lib/Domain/UseCase/VerifyAuthenticator/VerifyAuthenticator.spec.ts
+++ b/packages/snjs/lib/Domain/UseCase/VerifyAuthenticator/VerifyAuthenticator.spec.ts
@@ -0,0 +1,70 @@
+import { AuthenticatorClientInterface } from '@standardnotes/services'
+
+import { VerifyAuthenticator } from './VerifyAuthenticator'
+
+describe('VerifyAuthenticator', () => {
+  let authenticatorClient: AuthenticatorClientInterface
+  let authenticatorVerificationPromptFunction: (
+    authenticationOptions: Record<string, unknown>,
+  ) => Promise<Record<string, unknown>>
+
+  const createUseCase = () => new VerifyAuthenticator(authenticatorClient, authenticatorVerificationPromptFunction)
+
+  beforeEach(() => {
+    authenticatorClient = {} as jest.Mocked<AuthenticatorClientInterface>
+    authenticatorClient.generateAuthenticationOptions = jest.fn().mockResolvedValue({ foo: 'bar' })
+    authenticatorClient.verifyAuthenticationResponse = jest.fn().mockResolvedValue(true)
+
+    authenticatorVerificationPromptFunction = jest.fn()
+  })
+
+  it('should return an error if authenticator client fails to generate authentication options', async () => {
+    authenticatorClient.generateAuthenticationOptions = jest.fn().mockResolvedValue(null)
+
+    const result = await createUseCase().execute({ userUuid: '00000000-0000-0000-0000-000000000000' })
+
+    expect(result.isFailed()).toBe(true)
+    expect(result.getError()).toBe('Could not generate authenticator authentication options')
+  })
+
+  it('should return an error if authenticator verification prompt function fails', async () => {
+    authenticatorVerificationPromptFunction = jest.fn().mockRejectedValue(new Error('error'))
+
+    const result = await createUseCase().execute({ userUuid: '00000000-0000-0000-0000-000000000000' })
+
+    expect(result.isFailed()).toBe(true)
+    expect(result.getError()).toBe('Could not generate authenticator authentication options: error')
+  })
+
+  it('should return an error if authenticator client fails to verify authentication response', async () => {
+    authenticatorClient.verifyAuthenticationResponse = jest.fn().mockResolvedValue(false)
+
+    const result = await createUseCase().execute({ userUuid: '00000000-0000-0000-0000-000000000000' })
+
+    expect(result.isFailed()).toBe(true)
+    expect(result.getError()).toBe('Could not generate authenticator authentication options')
+  })
+
+  it('should return ok if authenticator client succeeds to verify authentication response', async () => {
+    const result = await createUseCase().execute({ userUuid: '00000000-0000-0000-0000-000000000000' })
+
+    expect(result.isFailed()).toBe(false)
+  })
+
+  it('should return an error if user uuid is invalid', async () => {
+    const result = await createUseCase().execute({ userUuid: 'invalid' })
+
+    expect(result.isFailed()).toBe(true)
+  })
+
+  it('should return error if authenticatorVerificationPromptFunction is not provided', async () => {
+    const result = await new VerifyAuthenticator(authenticatorClient).execute({
+      userUuid: '00000000-0000-0000-0000-000000000000',
+    })
+
+    expect(result.isFailed()).toBe(true)
+    expect(result.getError()).toBe(
+      'Could not generate authenticator authentication options: No authenticator verification prompt function provided',
+    )
+  })
+})
--- a/packages/snjs/lib/Domain/UseCase/VerifyAuthenticator/VerifyAuthenticator.ts
+++ b/packages/snjs/lib/Domain/UseCase/VerifyAuthenticator/VerifyAuthenticator.ts
@@ -0,0 +1,49 @@
+import { AuthenticatorClientInterface } from '@standardnotes/services'
+import { Result, UseCaseInterface, Uuid } from '@standardnotes/domain-core'
+
+import { VerifyAuthenticatorDTO } from './VerifyAuthenticatorDTO'
+
+export class VerifyAuthenticator implements UseCaseInterface<void> {
+  constructor(
+    private authenticatorClient: AuthenticatorClientInterface,
+    private authenticatorVerificationPromptFunction?: (
+      authenticationOptions: Record<string, unknown>,
+    ) => Promise<Record<string, unknown>>,
+  ) {}
+
+  async execute(dto: VerifyAuthenticatorDTO): Promise<Result<void>> {
+    if (!this.authenticatorVerificationPromptFunction) {
+      return Result.fail(
+        'Could not generate authenticator authentication options: No authenticator verification prompt function provided',
+      )
+    }
+
+    const userUuidOrError = Uuid.create(dto.userUuid)
+    if (userUuidOrError.isFailed()) {
+      return Result.fail(`Could not generate authenticator authentication options: ${userUuidOrError.getError()}`)
+    }
+    const userUuid = userUuidOrError.getValue()
+
+    const authenticationOptions = await this.authenticatorClient.generateAuthenticationOptions()
+    if (authenticationOptions === null) {
+      return Result.fail('Could not generate authenticator authentication options')
+    }
+
+    let authenticatorResponse
+    try {
+      authenticatorResponse = await this.authenticatorVerificationPromptFunction(authenticationOptions)
+    } catch (error) {
+      return Result.fail(`Could not generate authenticator authentication options: ${(error as Error).message}`)
+    }
+
+    const verificationResponse = await this.authenticatorClient.verifyAuthenticationResponse(
+      userUuid,
+      authenticatorResponse,
+    )
+    if (!verificationResponse) {
+      return Result.fail('Could not generate authenticator authentication options')
+    }
+
+    return Result.ok()
+  }
+}
--- a/packages/snjs/lib/Domain/UseCase/VerifyAuthenticator/VerifyAuthenticatorDTO.ts
+++ b/packages/snjs/lib/Domain/UseCase/VerifyAuthenticator/VerifyAuthenticatorDTO.ts
@@ -0,0 +1,3 @@
+export interface VerifyAuthenticatorDTO {
+  userUuid: string
+}