aboutsummaryrefslogtreecommitdiff
path: root/lib/api/api_auth_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'lib/api/api_auth_test.go')
-rw-r--r--lib/api/api_auth_test.go77
1 files changed, 77 insertions, 0 deletions
diff --git a/lib/api/api_auth_test.go b/lib/api/api_auth_test.go
index e4e207a09..a2d7146d9 100644
--- a/lib/api/api_auth_test.go
+++ b/lib/api/api_auth_test.go
@@ -8,8 +8,12 @@ package api
import (
"testing"
+ "time"
"github.com/syncthing/syncthing/lib/config"
+ "github.com/syncthing/syncthing/lib/db"
+ "github.com/syncthing/syncthing/lib/db/backend"
+ "github.com/syncthing/syncthing/lib/events"
)
var guiCfg config.GUIConfiguration
@@ -110,3 +114,76 @@ func TestEscapeForLDAPDN(t *testing.T) {
}
}
}
+
+type mockClock struct {
+ now time.Time
+}
+
+func (c *mockClock) Now() time.Time {
+ c.now = c.now.Add(1) // time always ticks by at least 1 ns
+ return c.now
+}
+
+func (c *mockClock) wind(t time.Duration) {
+ c.now = c.now.Add(t)
+}
+
+func TestTokenManager(t *testing.T) {
+ t.Parallel()
+
+ mdb, _ := db.NewLowlevel(backend.OpenMemory(), events.NoopLogger)
+ kdb := db.NewNamespacedKV(mdb, "test")
+ clock := &mockClock{now: time.Now()}
+
+ // Token manager keeps up to three tokens with a validity time of 24 hours.
+ tm := newTokenManager("testTokens", kdb, 24*time.Hour, 3)
+ tm.timeNow = clock.Now
+
+ // Create three tokens
+ t0 := tm.New()
+ t1 := tm.New()
+ t2 := tm.New()
+
+ // Check that the tokens are valid
+ if !tm.Check(t0) {
+ t.Errorf("token %q should be valid", t0)
+ }
+ if !tm.Check(t1) {
+ t.Errorf("token %q should be valid", t1)
+ }
+ if !tm.Check(t2) {
+ t.Errorf("token %q should be valid", t2)
+ }
+
+ // Create a fourth token
+ t3 := tm.New()
+ // It should be valid
+ if !tm.Check(t3) {
+ t.Errorf("token %q should be valid", t3)
+ }
+ // But the first token should have been removed
+ if tm.Check(t0) {
+ t.Errorf("token %q should be invalid", t0)
+ }
+
+ // Wind the clock by 12 hours
+ clock.wind(12 * time.Hour)
+ // The second token should still be valid (and checking it will give it more life)
+ if !tm.Check(t1) {
+ t.Errorf("token %q should be valid", t1)
+ }
+
+ // Wind the clock by 12 hours
+ clock.wind(12 * time.Hour)
+ // The second token should still be valid
+ if !tm.Check(t1) {
+ t.Errorf("token %q should be valid", t1)
+ }
+ // But the third and fourth tokens should have expired
+ if tm.Check(t2) {
+ t.Errorf("token %q should be invalid", t2)
+ }
+ if tm.Check(t3) {
+ t.Errorf("token %q should be invalid", t3)
+ }
+}
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion