diff --git a/tests/conftest.py b/tests/conftest.py index 761a684..14b76f9 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -24,6 +24,27 @@ def pytest_addoption(parser): parser.addoption("--nfc", action="store_true") parser.addoption("--experimental", action="store_true") parser.addoption("--vendor", default="none") + parser.addoption("--non-interactive", action="store_true", + help="Skip tests that require user presence (button press) or power cycling") + parser.addoption("--no-ctap1", action="store_true", + help="Skip CTAP1/U2F tests") + + +def pytest_configure(config): + config.addinivalue_line( + "markers", "interactive: test requires user presence or power cycling" + ) + config.addinivalue_line( + "markers", "ctap1: test requires CTAP1/U2F support" + ) + + +def pytest_collection_modifyitems(config, items): + for item in items: + if config.getoption("--non-interactive") and "interactive" in item.keywords: + item.add_marker(pytest.mark.skip(reason="skipped in non-interactive mode")) + if config.getoption("--no-ctap1") and "ctap1" in item.keywords: + item.add_marker(pytest.mark.skip(reason="skipped: CTAP1/U2F not supported")) @pytest.fixture() diff --git a/tests/standard/fido2/test_ctap1_interop.py b/tests/standard/fido2/test_ctap1_interop.py index b737d09..93ae6d2 100644 --- a/tests/standard/fido2/test_ctap1_interop.py +++ b/tests/standard/fido2/test_ctap1_interop.py @@ -7,6 +7,7 @@ # Test U2F register works with FIDO2 auth +@pytest.mark.ctap1 class TestCtap1WithCtap2(object): def test_ctap1_register(self, RegRes): RegRes.verify(RegRes.request.appid, RegRes.request.challenge) @@ -29,6 +30,7 @@ def test_authenticate_ctap1_through_ctap2(self, device, RegRes): # Test FIDO2 register works with U2F auth +@pytest.mark.ctap1 class TestCtap2WithCtap1(object): def test_ctap1_authenticate(self, MCRes, device): req = FidoRequest() diff --git a/tests/standard/fido2/test_make_credential.py b/tests/standard/fido2/test_make_credential.py index a215d55..899e80d 100644 --- a/tests/standard/fido2/test_make_credential.py +++ b/tests/standard/fido2/test_make_credential.py @@ -103,6 +103,7 @@ def test_bad_type_rp_id(self, device, MCRes): with pytest.raises(CtapError) as e: device.sendMC(*req.toMC()) + @pytest.mark.xfail(reason="Known issue: firmware does not validate rp.icon type") def test_bad_type_rp_icon(self, device, MCRes): req = FidoRequest(MCRes, rp={"id": "test.org", "name": "name", "icon": 8}) diff --git a/tests/standard/fido2/user_presence/test_user_presence.py b/tests/standard/fido2/user_presence/test_user_presence.py index c9904b2..d8f2726 100644 --- a/tests/standard/fido2/user_presence/test_user_presence.py +++ b/tests/standard/fido2/user_presence/test_user_presence.py @@ -27,6 +27,7 @@ def test_user_presence(self, device, GARes): print("ACTIVATE UP ONCE") device.sendGA(*FidoRequest(GARes).toGA()) + @pytest.mark.interactive def test_no_user_presence(self, device, MCRes, GARes): print("DO NOT ACTIVATE UP") with pytest.raises(CtapError) as e: @@ -71,6 +72,7 @@ def test_user_presence_option_false_on_make_credential(self, device, MCRes): ) assert e.value.code == CtapError.ERR.INVALID_OPTION + @pytest.mark.interactive def test_user_presence_permits_only_one_request(self, device, MCRes, GARes): print("ACTIVATE UP ONCE") device.sendGA(*FidoRequest(GARes).toGA()) diff --git a/tests/standard/transport/test_hid.py b/tests/standard/transport/test_hid.py index c79c933..693ba15 100644 --- a/tests/standard/transport/test_hid.py +++ b/tests/standard/transport/test_hid.py @@ -222,6 +222,7 @@ def test_cid_ffffffff(self, device): assert r[0] == CtapError.ERR.INVALID_CHANNEL device.set_cid("\x05\x04\x03\x02") + @pytest.mark.interactive def test_keep_alive(self, device, check_timeouts=False): precanned_make_credential = unhexlify( diff --git a/tests/standard/u2f/test_u2f.py b/tests/standard/u2f/test_u2f.py index d028bfa..13f8ddc 100644 --- a/tests/standard/u2f/test_u2f.py +++ b/tests/standard/u2f/test_u2f.py @@ -6,6 +6,7 @@ from tests.utils import FidoRequest, verify +@pytest.mark.ctap1 class TestU2F(object): def test_u2f_reg(self, device, RegRes): RegRes.verify(RegRes.request.appid, RegRes.request.challenge)