Enforce that cookie_refresh < cookie_expire

This commit is contained in:
Mike Bland 2015-05-09 17:16:19 -04:00
parent 8ec967ac32
commit 41b21dd0b1
2 changed files with 21 additions and 0 deletions

View File

@ -137,6 +137,14 @@ func (o *Options) Validate() error {
} }
} }
if o.CookieRefresh >= o.CookieExpire {
msgs = append(msgs, fmt.Sprintf(
"cookie_refresh (%s) must be less than "+
"cookie_expire (%s)",
o.CookieRefresh.String(),
o.CookieExpire.String()))
}
if len(msgs) != 0 { if len(msgs) != 0 {
return fmt.Errorf("Invalid configuration:\n %s", return fmt.Errorf("Invalid configuration:\n %s",
strings.Join(msgs, "\n ")) strings.Join(msgs, "\n "))

View File

@ -4,6 +4,7 @@ import (
"net/url" "net/url"
"strings" "strings"
"testing" "testing"
"time"
"github.com/bmizerany/assert" "github.com/bmizerany/assert"
) )
@ -125,3 +126,15 @@ func TestPassAccessTokenRequiresSpecificCookieSecretLengths(t *testing.T) {
o.CookieSecret = "32 byte secret for AES-256------" o.CookieSecret = "32 byte secret for AES-256------"
assert.Equal(t, nil, o.Validate()) assert.Equal(t, nil, o.Validate())
} }
func TestCookieRefreshMustBeLessThanCookieExpire(t *testing.T) {
o := testOptions()
assert.Equal(t, nil, o.Validate())
o.CookieSecret = "0123456789abcdef"
o.CookieRefresh = o.CookieExpire
assert.NotEqual(t, nil, o.Validate())
o.CookieRefresh -= time.Duration(1)
assert.Equal(t, nil, o.Validate())
}