Add tests for challenge generation

3 files changed, 33 insertions, 5 deletions

diff --git a/packages/server/src/assertion/generateAssertionOptions.test.ts b/packages/server/src/assertion/generateAssertionOptions.test.ts
index 2567b48..f689445 100644
--- a/packages/server/src/assertion/generateAssertionOptions.test.ts
+++ b/packages/server/src/assertion/generateAssertionOptions.test.ts
@@ -1,4 +1,4 @@
-import base64url from 'base64url';
+jest.mock('../helpers/generateChallenge');
 
 import generateAssertionOptions from './generateAssertionOptions';
 
@@ -12,7 +12,8 @@ test('should generate credential request options suitable for sending via JSON',
   });
 
   expect(options).toEqual({
-    challenge: base64url.encode(challenge),
+    // base64url-encoded
+    challenge: 'dG90YWxseXJhbmRvbXZhbHVl',
     allowCredentials: [
       {
         id: 'MTIzNA==',
@@ -61,6 +62,16 @@ test('should set extensions if specified', () => {
   });
 });
 
+test('should generate a challenge if one is not provided', () => {
+  const opts = { ...goodOpts1 };
+  delete opts.challenge;
+
+  const options = generateAssertionOptions(opts);
+
+  // base64url-encoded 16-byte buffer from mocked `generateChallenge()`
+  expect(options.challenge).toEqual('AQIDBAUGBwgJCgsMDQ4PEA');
+});
+
 const goodOpts1 = {
   challenge: 'totallyrandomvalue',
   allowedCredentialIDs: [
diff --git a/packages/server/src/attestation/generateAttestationOptions.test.ts b/packages/server/src/attestation/generateAttestationOptions.test.ts
index 1d6da5f..6c95ad2 100644
--- a/packages/server/src/attestation/generateAttestationOptions.test.ts
+++ b/packages/server/src/attestation/generateAttestationOptions.test.ts
@@ -1,5 +1,6 @@
+jest.mock('../helpers/generateChallenge');
+
 import generateAttestationOptions from './generateAttestationOptions';
-import base64url from 'base64url';
 
 test('should generate credential request options suitable for sending via JSON', () => {
   const serviceName = 'SimpleWebAuthn';
@@ -21,7 +22,8 @@ test('should generate credential request options suitable for sending via JSON',
   });
 
   expect(options).toEqual({
-    challenge: base64url.encode(challenge),
+    // Challenge, base64url-encoded
+    challenge: 'dG90YWxseXJhbmRvbXZhbHVl',
     rp: {
       name: serviceName,
       id: rpID,
@@ -52,7 +54,7 @@ test('should map excluded credential IDs if specified', () => {
   const options = generateAttestationOptions({
     serviceName: 'SimpleWebAuthn',
     rpID: 'not.real',
-    challenge: base64url.encode('totallyrandomvalue'),
+    challenge: 'totallyrandomvalue',
     userID: '1234',
     userName: 'usernameHere',
     excludedCredentialIDs: ['someIDhere'],
@@ -126,3 +128,15 @@ test('should set extensions if specified', () => {
     appid: 'simplewebauthn',
   });
 });
+
+test('should generate a challenge if one is not provided', () => {
+  const options = generateAttestationOptions({
+    rpID: 'not.real',
+    serviceName: 'SimpleWebAuthn',
+    userID: '1234',
+    userName: 'usernameHere',
+  });
+
+  // base64url-encoded 16-byte buffer from mocked `generateChallenge()`
+  expect(options.challenge).toEqual('AQIDBAUGBwgJCgsMDQ4PEA');
+});
diff --git a/packages/server/src/helpers/__mocks__/generateChallenge.ts b/packages/server/src/helpers/__mocks__/generateChallenge.ts
new file mode 100644
index 0000000..04cfd6d
--- /dev/null
+++ b/packages/server/src/helpers/__mocks__/generateChallenge.ts
@@ -0,0 +1,3 @@
+export default function generateChallenge(): Buffer {
+  return Buffer.from([1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16]);
+}