Calculate cookie expiration from encoded timestamp

Found out the hard way that _incoming_ cookies do _not_ have their expiration
timestamps encoded. To perform auto-refresh based on expiration time, we have
to recalculate it from the time encoded in the cookie value.
This commit is contained in:
Mike Bland 2015-05-10 00:11:26 -04:00
parent 41b21dd0b1
commit 37f287bef4
2 changed files with 21 additions and 5 deletions

View File

@ -300,8 +300,9 @@ func (p *OauthProxy) ProcessCookie(rw http.ResponseWriter, req *http.Request) (e
log.Printf(err.Error()) log.Printf(err.Error())
ok = false ok = false
} else if p.CookieRefresh != time.Duration(0) { } else if p.CookieRefresh != time.Duration(0) {
expires := timestamp.Add(p.CookieExpire)
refresh_threshold := time.Now().Add(p.CookieRefresh) refresh_threshold := time.Now().Add(p.CookieRefresh)
if refresh_threshold.Unix() > timestamp.Unix() { if refresh_threshold.Unix() > expires.Unix() {
ok = p.Validator(email) && p.ValidateToken(access_token) ok = p.Validator(email) && p.ValidateToken(access_token)
if ok { if ok {
p.SetCookie(rw, req, value) p.SetCookie(rw, req, value)

View File

@ -492,8 +492,8 @@ func TestProcessCookieRefreshNotSet(t *testing.T) {
pc_test.InstantiateBackend() pc_test.InstantiateBackend()
defer pc_test.Close() defer pc_test.Close()
pc_test.proxy.CookieExpire = time.Duration(23) * time.Hour
cookie := pc_test.MakeCookie("michael.bland@gsa.gov", "") cookie := pc_test.MakeCookie("michael.bland@gsa.gov", "")
cookie.Expires = time.Now().Add(time.Duration(23) * time.Hour)
pc_test.req.AddCookie(cookie) pc_test.req.AddCookie(cookie)
_, _, _, ok := pc_test.ProcessCookie() _, _, _, ok := pc_test.ProcessCookie()
@ -506,8 +506,8 @@ func TestProcessCookieRefresh(t *testing.T) {
pc_test.InstantiateBackend() pc_test.InstantiateBackend()
defer pc_test.Close() defer pc_test.Close()
pc_test.proxy.CookieExpire = time.Duration(23) * time.Hour
cookie := pc_test.MakeCookie("michael.bland@gsa.gov", "my_access_token") cookie := pc_test.MakeCookie("michael.bland@gsa.gov", "my_access_token")
cookie.Expires = time.Now().Add(time.Duration(23) * time.Hour)
pc_test.req.AddCookie(cookie) pc_test.req.AddCookie(cookie)
pc_test.proxy.CookieRefresh = time.Duration(24) * time.Hour pc_test.proxy.CookieRefresh = time.Duration(24) * time.Hour
@ -516,14 +516,29 @@ func TestProcessCookieRefresh(t *testing.T) {
assert.NotEqual(t, []string(nil), pc_test.rw.HeaderMap["Set-Cookie"]) assert.NotEqual(t, []string(nil), pc_test.rw.HeaderMap["Set-Cookie"])
} }
func TestProcessCookieRefreshThresholdNotCrossed(t *testing.T) {
pc_test := NewProcessCookieTest()
pc_test.InstantiateBackend()
defer pc_test.Close()
pc_test.proxy.CookieExpire = time.Duration(25) * time.Hour
cookie := pc_test.MakeCookie("michael.bland@gsa.gov", "my_access_token")
pc_test.req.AddCookie(cookie)
pc_test.proxy.CookieRefresh = time.Duration(24) * time.Hour
_, _, _, ok := pc_test.ProcessCookie()
assert.Equal(t, true, ok)
assert.Equal(t, []string(nil), pc_test.rw.HeaderMap["Set-Cookie"])
}
func TestProcessCookieFailIfRefreshSetAndTokenNoLongerValid(t *testing.T) { func TestProcessCookieFailIfRefreshSetAndTokenNoLongerValid(t *testing.T) {
pc_test := NewProcessCookieTest() pc_test := NewProcessCookieTest()
pc_test.InstantiateBackend() pc_test.InstantiateBackend()
defer pc_test.Close() defer pc_test.Close()
pc_test.response_code = 401 pc_test.response_code = 401
pc_test.proxy.CookieExpire = time.Duration(23) * time.Hour
cookie := pc_test.MakeCookie("michael.bland@gsa.gov", "my_access_token") cookie := pc_test.MakeCookie("michael.bland@gsa.gov", "my_access_token")
cookie.Expires = time.Now().Add(time.Duration(23) * time.Hour)
pc_test.req.AddCookie(cookie) pc_test.req.AddCookie(cookie)
pc_test.proxy.CookieRefresh = time.Duration(24) * time.Hour pc_test.proxy.CookieRefresh = time.Duration(24) * time.Hour
@ -538,8 +553,8 @@ func TestProcessCookieFailIfRefreshSetAndUserNoLongerValid(t *testing.T) {
defer pc_test.Close() defer pc_test.Close()
pc_test.validate_user = false pc_test.validate_user = false
pc_test.proxy.CookieExpire = time.Duration(23) * time.Hour
cookie := pc_test.MakeCookie("michael.bland@gsa.gov", "my_access_token") cookie := pc_test.MakeCookie("michael.bland@gsa.gov", "my_access_token")
cookie.Expires = time.Now().Add(time.Duration(23) * time.Hour)
pc_test.req.AddCookie(cookie) pc_test.req.AddCookie(cookie)
pc_test.proxy.CookieRefresh = time.Duration(24) * time.Hour pc_test.proxy.CookieRefresh = time.Duration(24) * time.Hour