Enforce that cookie_refresh < cookie_expire
This commit is contained in:
parent
8ec967ac32
commit
41b21dd0b1
@ -137,6 +137,14 @@ func (o *Options) Validate() error {
|
||||
}
|
||||
}
|
||||
|
||||
if o.CookieRefresh >= o.CookieExpire {
|
||||
msgs = append(msgs, fmt.Sprintf(
|
||||
"cookie_refresh (%s) must be less than "+
|
||||
"cookie_expire (%s)",
|
||||
o.CookieRefresh.String(),
|
||||
o.CookieExpire.String()))
|
||||
}
|
||||
|
||||
if len(msgs) != 0 {
|
||||
return fmt.Errorf("Invalid configuration:\n %s",
|
||||
strings.Join(msgs, "\n "))
|
||||
|
@ -4,6 +4,7 @@ import (
|
||||
"net/url"
|
||||
"strings"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/bmizerany/assert"
|
||||
)
|
||||
@ -125,3 +126,15 @@ func TestPassAccessTokenRequiresSpecificCookieSecretLengths(t *testing.T) {
|
||||
o.CookieSecret = "32 byte secret for AES-256------"
|
||||
assert.Equal(t, nil, o.Validate())
|
||||
}
|
||||
|
||||
func TestCookieRefreshMustBeLessThanCookieExpire(t *testing.T) {
|
||||
o := testOptions()
|
||||
assert.Equal(t, nil, o.Validate())
|
||||
|
||||
o.CookieSecret = "0123456789abcdef"
|
||||
o.CookieRefresh = o.CookieExpire
|
||||
assert.NotEqual(t, nil, o.Validate())
|
||||
|
||||
o.CookieRefresh -= time.Duration(1)
|
||||
assert.Equal(t, nil, o.Validate())
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user