Skip to content

Files

Latest commit

1e49bfc · Mar 14, 2023

History

History

OneTimePassword

One-time password technical profile

This folder contains unit tests for the One-time password technical profile. For more information, check out the Define an One-time password technical profile in an Azure AD B2C custom policy article.

Generate an OTP

The unit test generates and presents an OTP.

To test this policy:

  1. Run the B2C_1A_TP_OneTimePassword policy.
  2. Type an email address. This can be a fake one. Then select Send verification code.
  3. Type any value and select Verify, then select Continue.
  4. The OTP code should be presented for you.

live demo Live demo   Quick deploy Quick deploy   policy Policy   documentation Documentation

Number of code generation attempts

The unit test checks the limits the number of code generation attempts metadata. The NumCodeGenerationAttempts metadata is per identifier. For example, if the identifier is the user's email address, you can send up to 3 email. But, it the user types another email, there will be other 3 attempts.

To test this policy:

  1. Run the B2C_1A_TP_OneTimePassword_NumCodeGenerationAttempts policy.
  2. Type an email address. This can be a fake one. Then select Send verification code.
  3. Select Send new code three times and an error message will return.
  4. Repeat the steps above with another email. This time you get another three attempts.

The unit test defines the following components:

  • ExperimentalSetupTechnicalProfile - Self-asserted technical profile where you provide the email address.
  • ExperimentalTechnicalProfile-GenerateCode - Generates code, but doesn't send it.
  • ExperimentalTechnicalProfile-VerifyCode - Validates the code. Since this policy doesn't send the code, you can check any value to test the maximum number of attempts.

live demo Live demo   Quick deploy Quick deploy   policy Policy   documentation Documentation