1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-26 12:29:06 +01:00
metamask-extension/test/e2e/tests/security-provider.spec.js
Dhruv 07abc53cce
fix/BannerBase to TS (#20421)
* BannerBase to TS

* snapshot updates

* more snapshot updates

* addressing type definition error

* updating eth-sign-modal snapshot

* Updates to stories, types and adding data-testid

* Updating snapshots

* updating snapshot of blockaid-banner-alert and adding unit test for childrenWrapperProps

* BannerBase updates to stories, adding locale for close button, removing static data-testid in favor of using it at the instance, updating snapshots associated with those changes

* Removing incorrect arg from storybook file

* Updating html element in security provider e2e test to match BannerBase. Also updating snapshot of ConfirmTransaction page

* Fixing e2e tests

---------

Co-authored-by: georgewrmarshall <george.marshall@consensys.net>
2023-08-18 14:52:40 -07:00

236 lines
7.1 KiB
JavaScript
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

const { strict: assert } = require('assert');
const { convertToHexValue, withFixtures, openDapp } = require('../helpers');
const FixtureBuilder = require('../fixture-builder');
const OPENSEA_URL =
'https://proxy.metafi.codefi.network/opensea/security/v1/validate';
/**
* @param {import('mockttp').Mockttp} mockServer - The mock server.
*/
describe('Transaction security provider', function () {
let windowHandles;
async function mockSecurityProviderDetection(mockServer, scenario) {
switch (scenario) {
case 'notMalicious':
await mockServer.forPost(OPENSEA_URL).thenCallback(() => {
return {
statusCode: 200,
json: {
flagAsDangerous: 0,
},
};
});
break;
case 'malicious':
await mockServer.forPost(OPENSEA_URL).thenCallback(() => {
return {
statusCode: 200,
json: {
flagAsDangerous: 1,
reason:
'If you sign this request, you may lose all of your assets for good',
reason_header: 'This could be a scam',
},
};
});
break;
case 'notSafe':
await mockServer.forPost(OPENSEA_URL).thenCallback(() => {
return {
statusCode: 200,
json: {
flagAsDangerous: 2,
reason:
'The security provider didnt detect any known malicious activity, but it still may not be safe to continue.',
reason_header: 'Request may not be safe',
},
};
});
break;
case 'requestNotVerified':
await mockServer.forPost(OPENSEA_URL).thenCallback(() => {
return {
statusCode: 500,
json: {},
};
});
break;
default:
throw new Error(`Unknown scenario: ${scenario}`);
}
}
const ganacheOptions = {
accounts: [
{
secretKey:
'0x7C9529A67102755B7E6102D6D950AC5D5863C98713805CEC576B945B15B71EAC',
balance: convertToHexValue(25000000000000000000),
},
],
};
it('Should return malicious response', async function () {
await withFixtures(
{
fixtures: new FixtureBuilder()
.withPreferencesController({
transactionSecurityCheckEnabled: true,
})
.withPermissionControllerConnectedToTestDapp()
.build(),
ganacheOptions,
title: this.test.title,
testSpecificMock: async (mockServer) =>
await mockSecurityProviderDetection(mockServer, 'malicious'),
dapp: true,
failOnConsoleError: false,
},
async ({ driver }) => {
await driver.navigate();
await driver.fill('#password', 'correct horse battery staple');
await driver.press('#password', driver.Key.ENTER);
await openDapp(driver);
windowHandles = await driver.getAllWindowHandles();
await driver.clickElement('#personalSign');
await driver.waitUntilXWindowHandles(3);
await driver.switchToWindowWithTitle(
'MetaMask Notification',
windowHandles,
);
const warningHeader = await driver.isElementPresent({
text: 'This could be a scam',
tag: 'p',
});
assert.equal(warningHeader, true);
},
);
});
it('Should return not safe response', async function () {
await withFixtures(
{
fixtures: new FixtureBuilder()
.withPreferencesController({
transactionSecurityCheckEnabled: true,
})
.withPermissionControllerConnectedToTestDapp()
.build(),
ganacheOptions,
title: this.test.title,
testSpecificMock: async (mockServer) =>
await mockSecurityProviderDetection(mockServer, 'notSafe'),
dapp: true,
failOnConsoleError: false,
},
async ({ driver }) => {
await driver.navigate();
await driver.fill('#password', 'correct horse battery staple');
await driver.press('#password', driver.Key.ENTER);
await openDapp(driver);
windowHandles = await driver.getAllWindowHandles();
await driver.clickElement('#signTypedData');
await driver.waitUntilXWindowHandles(3);
await driver.switchToWindowWithTitle(
'MetaMask Notification',
windowHandles,
);
const warningHeader = await driver.isElementPresent({
text: 'Request may not be safe',
tag: 'p',
});
assert.equal(warningHeader, true);
},
);
});
it('Should return not malicious response', async function () {
await withFixtures(
{
fixtures: new FixtureBuilder()
.withPreferencesController({
transactionSecurityCheckEnabled: true,
})
.withPermissionControllerConnectedToTestDapp()
.build(),
ganacheOptions,
title: this.test.title,
testSpecificMock: async (mockServer) =>
await mockSecurityProviderDetection(mockServer, 'notMalicious'),
dapp: true,
failOnConsoleError: false,
},
async ({ driver }) => {
await driver.navigate();
await driver.fill('#password', 'correct horse battery staple');
await driver.press('#password', driver.Key.ENTER);
await openDapp(driver);
windowHandles = await driver.getAllWindowHandles();
await driver.clickElement('#siwe');
await driver.waitUntilXWindowHandles(3);
await driver.switchToWindowWithTitle(
'MetaMask Notification',
windowHandles,
);
const warningHeader = await driver.isElementPresent({
text: 'Request may not be safe',
tag: 'p',
});
assert.equal(warningHeader, false);
},
);
});
it('Should return request not verified response', async function () {
await withFixtures(
{
fixtures: new FixtureBuilder()
.withPreferencesController({
transactionSecurityCheckEnabled: true,
})
.withPermissionControllerConnectedToTestDapp()
.build(),
ganacheOptions,
title: this.test.title,
testSpecificMock: async (mockServer) =>
await mockSecurityProviderDetection(mockServer, 'requestNotVerified'),
dapp: true,
failOnConsoleError: false,
},
async ({ driver }) => {
await driver.navigate();
await driver.fill('#password', 'correct horse battery staple');
await driver.press('#password', driver.Key.ENTER);
await openDapp(driver);
windowHandles = await driver.getAllWindowHandles();
await driver.clickElement('#signTypedDataV4');
await driver.waitUntilXWindowHandles(3);
await driver.switchToWindowWithTitle(
'MetaMask Notification',
windowHandles,
);
const warningHeader = await driver.isElementPresent({
text: 'Request not verified',
tag: 'p',
});
assert.equal(warningHeader, true);
},
);
});
});