From f3192742ec0b3e99155622ef505c55c260b3bdb0 Mon Sep 17 00:00:00 2001 From: Bryan Newbold Date: Tue, 9 Apr 2019 11:42:35 -0700 Subject: rust: fix macaroon expiry check There were two bugs with this code: the expiry timestamps were getting enclosed in double-quotes (which caused parse bugs), and the actual caveat check itself was backwards (expires < now instead of expires > now). An underlying issue was that these caveats weren't actually getting checked in the tests. Should fix a bug where users don't get auth'd correctly when logging in via mechanisms other than tokens. --- rust/tests/test_auth.rs | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'rust/tests/test_auth.rs') diff --git a/rust/tests/test_auth.rs b/rust/tests/test_auth.rs index c0d81753..2faf78ec 100644 --- a/rust/tests/test_auth.rs +++ b/rust/tests/test_auth.rs @@ -34,6 +34,13 @@ fn test_auth_db() { let editor_row = c.parse_macaroon_token(&conn, &token, None).unwrap(); assert_eq!(editor_row.id, editor_id.to_uuid()); + // create token w/ expiration + let token = c.create_token(editor_id, Some(chrono::Duration::days(1))).unwrap(); + + // verify token w/ expiration + let editor_row = c.parse_macaroon_token(&conn, &token, None).unwrap(); + assert_eq!(editor_row.id, editor_id.to_uuid()); + // revoke token auth::revoke_tokens(&conn, editor_id).unwrap(); -- cgit v1.2.3