[ARVADOS] updated: 2.1.0-260-g7c3bc0685
Git user
git at public.arvados.org
Thu Jan 14 21:59:33 UTC 2021
Summary of changes:
.../functional/user_sessions_controller_test.rb | 47 ++++++++++++++++++++++
1 file changed, 47 insertions(+)
via 7c3bc0685d120eab7365fc18c06a174427c92312 (commit)
from e25d440d6d37538438c504f45ad194f9dc7913de (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit 7c3bc0685d120eab7365fc18c06a174427c92312
Author: Nico Cesar <nico at nicocesar.com>
Date: Thu Jan 14 16:59:00 2021 -0500
added tests for expires_at auth cases
Arvados-DCO-1.1-Signed-off-by: Nico Cesar <nico at curii.com>
diff --git a/services/api/test/functional/user_sessions_controller_test.rb b/services/api/test/functional/user_sessions_controller_test.rb
index d979208d3..e3638446c 100644
--- a/services/api/test/functional/user_sessions_controller_test.rb
+++ b/services/api/test/functional/user_sessions_controller_test.rb
@@ -46,6 +46,53 @@ class UserSessionsControllerTest < ActionController::TestCase
api_client_auth.updated_at + token_lifetime,
1.second)
end
+ test "login with no configured lifetime and request has expires_at" do
+ token_lifetime = 0
+ Rails.configuration.Login.TokenLifetime = token_lifetime
+ request_expires_at = Time.now + 30.minutes
+ authorize_with :inactive
+ @request.headers['Authorization'] = 'Bearer '+Rails.configuration.SystemRootToken
+ get :create, params: {provider: 'controller', auth_info: {email: "foo at bar.com", expires_at: request_expires_at}, return_to: ',https://app.example'}
+ assert_response :redirect
+ api_client_auth = assigns(:api_client_auth)
+ assert_not_nil api_client_auth
+ assert_not_nil assigns(:api_client)
+ assert_in_delta(api_client_auth.expires_at,
+ request_expires_at,
+ 1.second)
+ end
+
+ test "login with configured lifetime and request has small expires_at" do
+ token_lifetime = 1.hour
+ Rails.configuration.Login.TokenLifetime = token_lifetime
+ request_expires_at = Time.now + 30.minutes
+ authorize_with :inactive
+ @request.headers['Authorization'] = 'Bearer '+Rails.configuration.SystemRootToken
+ get :create, params: {provider: 'controller', auth_info: {email: "foo at bar.com", expires_at: request_expires_at}, return_to: ',https://app.example'}
+ assert_response :redirect
+ api_client_auth = assigns(:api_client_auth)
+ assert_not_nil api_client_auth
+ assert_not_nil assigns(:api_client)
+ assert_in_delta(api_client_auth.expires_at,
+ request_expires_at,
+ 1.second)
+ end
+
+ test "login with configured lifetime and request has larger expires_at" do
+ token_lifetime = 1.hour
+ Rails.configuration.Login.TokenLifetime = token_lifetime
+ request_expires_at = Time.now + 90.minutes
+ authorize_with :inactive
+ @request.headers['Authorization'] = 'Bearer '+Rails.configuration.SystemRootToken
+ get :create, params: {provider: 'controller', auth_info: {email: "foo at bar.com", expires_at: request_expires_at}, return_to: ',https://app.example'}
+ assert_response :redirect
+ api_client_auth = assigns(:api_client_auth)
+ assert_not_nil api_client_auth
+ assert_not_nil assigns(:api_client)
+ assert_in_delta(api_client_auth.expires_at,
+ api_client_auth.updated_at + token_lifetime,
+ 1.second)
+ end
test "login with remote param returns a salted token" do
authorize_with :inactive
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list