diff --git a/app/controllers/two_factor_authentication/webauthn_verification_controller.rb b/app/controllers/two_factor_authentication/webauthn_verification_controller.rb
index 01d87c985d6..e7e4b4f66ec 100644
--- a/app/controllers/two_factor_authentication/webauthn_verification_controller.rb
+++ b/app/controllers/two_factor_authentication/webauthn_verification_controller.rb
@@ -56,18 +56,14 @@ def handle_valid_webauthn
 def handle_invalid_webauthn
 is_platform_auth = params[:platform].to_s == 'true'
 if is_platform_auth
- if presenter_for_two_factor_authentication_method.multiple_factors_enabled?
- flash[:error] = t(
- 'two_factor_authentication.webauthn_error.multiple_methods',
- link: view_context.link_to(
- t('two_factor_authentication.webauthn_error.additional_methods_link'),
- login_two_factor_options_path,
- ),
- )
- redirect_to login_two_factor_webauthn_url(platform: params[:platform])
- else
- redirect_to login_two_factor_webauthn_error_url
- end
+ flash[:error] = t(
+ 'two_factor_authentication.webauthn_error.multiple_methods',
+ link: view_context.link_to(
+ t('two_factor_authentication.webauthn_error.additional_methods_link'),
+ login_two_factor_options_path,
+ ),
+ )
+ redirect_to login_two_factor_webauthn_url(platform: 'true')
 else
 flash[:error] = t('errors.general')
 redirect_to login_two_factor_webauthn_url
diff --git a/spec/controllers/two_factor_authentication/webauthn_verification_controller_spec.rb b/spec/controllers/two_factor_authentication/webauthn_verification_controller_spec.rb
index 9109b47b4e5..9e56273bd80 100644
--- a/spec/controllers/two_factor_authentication/webauthn_verification_controller_spec.rb
+++ b/spec/controllers/two_factor_authentication/webauthn_verification_controller_spec.rb
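Review bot: In the platform branch of `handle_invalid_webauthn`, the `two_factor_authentication.webauthn_error.multiple_methods` flash with its link to `login_two_factor_options_path` is now shown to every user, including one whose only MFA method is the platform authenticator. Whether the options page gives that user a usable recovery path is not visible in this hunk and should be confirmed, since the `login_two_factor_webauthn_error_url` fallback is no longer reached from here. A one-line comment above the assignment would record the intent, e.g. `# Always offer the options link; the single-method error page is no longer used on this path.` The method's closing `end` lies outside the hunk.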
@@ -181,65 +181,50 @@
 controller.user_session[:webauthn_challenge] = webauthn_challenge
 end
- context 'User has multiple MFA options' do
- let(:view_context) { ActionController::Base.new.view_context }
- before do
- allow_any_instance_of(TwoFactorAuthCode::WebauthnAuthenticationPresenter).
- to receive(:multiple_factors_enabled?).
- and_return(true)
- create(
- :webauthn_configuration,
- :platform_authenticator,
- user: controller.current_user,
- credential_id: credential_id,
- credential_public_key: credential_public_key,
- )
- end
-
- it 'redirects to webauthn show page' do
- patch :confirm, params: params
- expect(response).to redirect_to login_two_factor_webauthn_url(platform: true)
- expect(subject.user_session[:auth_method]).to eq nil
- expect(subject.user_session[TwoFactorAuthenticatable::NEED_AUTHENTICATION]).to eq true
- end
-
- it 'displays flash error message' do
- patch :confirm, params: params
- expect(flash[:error]).to eq t(
- 'two_factor_authentication.webauthn_error.multiple_methods',
- link: view_context.link_to(
- t('two_factor_authentication.webauthn_error.additional_methods_link'),
- login_two_factor_options_path,
- ),
- )
- end
-
- it 'logs an event with error details' do
- expect(@analytics).to receive(:track_mfa_submit_event).with(
- hash_including(
- success: false,
- error_details: { webauthn_error: [webauthn_error] },
- context: UserSessionContext::AUTHENTICATION_CONTEXT,
- multi_factor_auth_method: 'webauthn_platform',
- webauthn_configuration_id: controller.current_user.webauthn_configurations.first.id,
- ),
- )
-
- patch :confirm, params: params
- end
+ let(:view_context) { ActionController::Base.new.view_context }
+ before do
+ allow_any_instance_of(TwoFactorAuthCode::WebauthnAuthenticationPresenter).
+ to receive(:multiple_factors_enabled?).
+ and_return(true)
+ create(
+ :webauthn_configuration,
+ user: controller.current_user,
+ credential_id: credential_id,
+ credential_public_key: credential_public_key,
+ platform_authenticator: true,
+ )
+ end
+
+ it 'redirects to webauthn show page' do
+ patch :confirm, params: params
+ expect(response).to redirect_to login_two_factor_webauthn_url(platform: true)
+ expect(subject.user_session[:auth_method]).to eq nil
+ expect(subject.user_session[TwoFactorAuthenticatable::NEED_AUTHENTICATION]).to eq true
 end
- context 'User only has webauthn as an MFA method' do
- before do
- allow_any_instance_of(TwoFactorAuthCode::WebauthnAuthenticationPresenter).
- to receive(:multiple_factors_enabled?).
- and_return(false)
- end
-
- it 'redirects to webauthn error page ' do
- patch :confirm, params: params
- expect(response).to redirect_to login_two_factor_webauthn_error_url
- end
+ it 'displays flash error message' do
+ patch :confirm, params: params
+ expect(flash[:error]).to eq t(
+ 'two_factor_authentication.webauthn_error.multiple_methods',
+ link: view_context.link_to(
+ t('two_factor_authentication.webauthn_error.additional_methods_link'),
+ login_two_factor_options_path,
+ ),
+ )
+ end
+
+ it 'logs an event with error details' do
+ expect(@analytics).to receive(:track_mfa_submit_event).with(
+ hash_including(
+ success: false,
+ error_details: { webauthn_error: [webauthn_error] },
+ context: UserSessionContext::AUTHENTICATION_CONTEXT,
+ multi_factor_auth_method: 'webauthn_platform',
+ webauthn_configuration_id: controller.current_user.webauthn_configurations.first.id,
+ ),
+ )
+
+ patch :confirm, params: params
 end
 end
 end
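Review bot: The `before` block still stubs `multiple_factors_enabled?` to `true` with `allow_any_instance_of`, although the controller change in this commit no longer consults that predicate on the platform failure path as far as the diff shows. The stub therefore no longer drives the outcome, and the removed single-method context has no replacement. Either drop the stub, or keep one example with `and_return(false)` that asserts the same `redirect_to login_two_factor_webauthn_url(platform: true)`, so the spec pins that a user with a single authenticator is no longer sent to `login_two_factor_webauthn_error_url`. The enclosing `context`/`describe` blocks begin outside the hunk.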