[ARVADOS] updated: 2.1.0-260-g7c3bc0685

Git user git at public.arvados.org
Thu Jan 14 21:59:33 UTC 2021 

Summary of changes:
 .../functional/user_sessions_controller_test.rb    | 47 ++++++++++++++++++++++
 1 file changed, 47 insertions(+)

       via  7c3bc0685d120eab7365fc18c06a174427c92312 (commit)
      from  e25d440d6d37538438c504f45ad194f9dc7913de (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit 7c3bc0685d120eab7365fc18c06a174427c92312
Author: Nico Cesar <nico at nicocesar.com>
Date:   Thu Jan 14 16:59:00 2021 -0500

    added tests for expires_at auth cases
    
    Arvados-DCO-1.1-Signed-off-by: Nico Cesar <nico at curii.com>

diff --git a/services/api/test/functional/user_sessions_controller_test.rb b/services/api/test/functional/user_sessions_controller_test.rb
index d979208d3..e3638446c 100644
--- a/services/api/test/functional/user_sessions_controller_test.rb
+++ b/services/api/test/functional/user_sessions_controller_test.rb
@@ -46,6 +46,53 @@ class UserSessionsControllerTest < ActionController::TestCase
                     api_client_auth.updated_at + token_lifetime,
                     1.second)
   end
+  test "login with no configured lifetime and request has expires_at" do
+    token_lifetime = 0
+    Rails.configuration.Login.TokenLifetime = token_lifetime
+    request_expires_at = Time.now + 30.minutes
+    authorize_with :inactive
+    @request.headers['Authorization'] = 'Bearer '+Rails.configuration.SystemRootToken
+    get :create, params: {provider: 'controller', auth_info: {email: "foo at bar.com", expires_at: request_expires_at}, return_to: ',https://app.example'}
+    assert_response :redirect
+    api_client_auth = assigns(:api_client_auth)
+    assert_not_nil api_client_auth
+    assert_not_nil assigns(:api_client)
+    assert_in_delta(api_client_auth.expires_at,
+                    request_expires_at,
+                    1.second)
+  end
+
+  test "login with configured lifetime and request has small expires_at" do
+    token_lifetime = 1.hour
+    Rails.configuration.Login.TokenLifetime = token_lifetime
+    request_expires_at = Time.now + 30.minutes
+    authorize_with :inactive
+    @request.headers['Authorization'] = 'Bearer '+Rails.configuration.SystemRootToken
+    get :create, params: {provider: 'controller', auth_info: {email: "foo at bar.com", expires_at: request_expires_at}, return_to: ',https://app.example'}
+    assert_response :redirect
+    api_client_auth = assigns(:api_client_auth)
+    assert_not_nil api_client_auth
+    assert_not_nil assigns(:api_client)
+    assert_in_delta(api_client_auth.expires_at,
+                    request_expires_at,
+                    1.second)
+  end
+
+  test "login with configured lifetime and request has larger expires_at" do
+    token_lifetime = 1.hour
+    Rails.configuration.Login.TokenLifetime = token_lifetime
+    request_expires_at = Time.now + 90.minutes
+    authorize_with :inactive
+    @request.headers['Authorization'] = 'Bearer '+Rails.configuration.SystemRootToken
+    get :create, params: {provider: 'controller', auth_info: {email: "foo at bar.com", expires_at: request_expires_at}, return_to: ',https://app.example'}
+    assert_response :redirect
+    api_client_auth = assigns(:api_client_auth)
+    assert_not_nil api_client_auth
+    assert_not_nil assigns(:api_client)
+    assert_in_delta(api_client_auth.expires_at,
+                    api_client_auth.updated_at + token_lifetime,
+                    1.second)
+  end
 
   test "login with remote param returns a salted token" do
     authorize_with :inactive

-----------------------------------------------------------------------


hooks/post-receive
--

More information about the arvados-commits mailing list