Enforce that cookie_refresh < cookie_expire

2015-05-09 17:16:19 -04:00 · 2015-05-09 17:16:19 -04:00 · 41b21dd0b1
commit 41b21dd0b1
parent 8ec967ac32
2 changed files with 21 additions and 0 deletions
--- a/options.go
+++ b/options.go
@ -137,6 +137,14 @@ func (o *Options) Validate() error {
 		}
 	}

+	if o.CookieRefresh >= o.CookieExpire {
+		msgs = append(msgs, fmt.Sprintf(
+			"cookie_refresh (%s) must be less than "+
+				"cookie_expire (%s)",
+			o.CookieRefresh.String(),
+			o.CookieExpire.String()))
+	}
+
 	if len(msgs) != 0 {
 		return fmt.Errorf("Invalid configuration:\n  %s",
 			strings.Join(msgs, "\n  "))
--- a/options_test.go
+++ b/options_test.go
@ -4,6 +4,7 @@ import (
 	"net/url"
 	"strings"
 	"testing"
+	"time"

 	"github.com/bmizerany/assert"
 )
@ -125,3 +126,15 @@ func TestPassAccessTokenRequiresSpecificCookieSecretLengths(t *testing.T) {
 	o.CookieSecret = "32 byte secret for AES-256------"
 	assert.Equal(t, nil, o.Validate())
 }
+
+func TestCookieRefreshMustBeLessThanCookieExpire(t *testing.T) {
+	o := testOptions()
+	assert.Equal(t, nil, o.Validate())
+
+	o.CookieSecret = "0123456789abcdef"
+	o.CookieRefresh = o.CookieExpire
+	assert.NotEqual(t, nil, o.Validate())
+
+	o.CookieRefresh -= time.Duration(1)
+	assert.Equal(t, nil, o.Validate())
+}