diff options
Diffstat (limited to 'lib/api/api_auth_test.go')
-rw-r--r-- | lib/api/api_auth_test.go | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/lib/api/api_auth_test.go b/lib/api/api_auth_test.go index e4e207a09..a2d7146d9 100644 --- a/lib/api/api_auth_test.go +++ b/lib/api/api_auth_test.go @@ -8,8 +8,12 @@ package api import ( "testing" + "time" "github.com/syncthing/syncthing/lib/config" + "github.com/syncthing/syncthing/lib/db" + "github.com/syncthing/syncthing/lib/db/backend" + "github.com/syncthing/syncthing/lib/events" ) var guiCfg config.GUIConfiguration @@ -110,3 +114,76 @@ func TestEscapeForLDAPDN(t *testing.T) { } } } + +type mockClock struct { + now time.Time +} + +func (c *mockClock) Now() time.Time { + c.now = c.now.Add(1) // time always ticks by at least 1 ns + return c.now +} + +func (c *mockClock) wind(t time.Duration) { + c.now = c.now.Add(t) +} + +func TestTokenManager(t *testing.T) { + t.Parallel() + + mdb, _ := db.NewLowlevel(backend.OpenMemory(), events.NoopLogger) + kdb := db.NewNamespacedKV(mdb, "test") + clock := &mockClock{now: time.Now()} + + // Token manager keeps up to three tokens with a validity time of 24 hours. + tm := newTokenManager("testTokens", kdb, 24*time.Hour, 3) + tm.timeNow = clock.Now + + // Create three tokens + t0 := tm.New() + t1 := tm.New() + t2 := tm.New() + + // Check that the tokens are valid + if !tm.Check(t0) { + t.Errorf("token %q should be valid", t0) + } + if !tm.Check(t1) { + t.Errorf("token %q should be valid", t1) + } + if !tm.Check(t2) { + t.Errorf("token %q should be valid", t2) + } + + // Create a fourth token + t3 := tm.New() + // It should be valid + if !tm.Check(t3) { + t.Errorf("token %q should be valid", t3) + } + // But the first token should have been removed + if tm.Check(t0) { + t.Errorf("token %q should be invalid", t0) + } + + // Wind the clock by 12 hours + clock.wind(12 * time.Hour) + // The second token should still be valid (and checking it will give it more life) + if !tm.Check(t1) { + t.Errorf("token %q should be valid", t1) + } + + // Wind the clock by 12 hours + clock.wind(12 * time.Hour) + // The second token should still be valid + if !tm.Check(t1) { + t.Errorf("token %q should be valid", t1) + } + // But the third and fourth tokens should have expired + if tm.Check(t2) { + t.Errorf("token %q should be invalid", t2) + } + if tm.Check(t3) { + t.Errorf("token %q should be invalid", t3) + } +} |