
[libeufin] branch master updated: Testing token timing.


From: gnunet
Subject: [libeufin] branch master updated: Testing token timing.
Date: Fri, 29 Sep 2023 12:19:25 +0200

This is an automated email from the git hooks/post-receive script.

ms pushed a commit to branch master
in repository libeufin.

The following commit(s) were added to refs/heads/master by this push:
     new 0a1c5a74 Testing token timing.
0a1c5a74 is described below

commit 0a1c5a7465418dff7d63dbcc2dccd58ca0cea6ab
Author: MS <ms@taler.net>
AuthorDate: Fri Sep 29 12:19:05 2023 +0200

    Testing token timing.
---
 .../tech/libeufin/bank/CorebankApiHandlers.kt      |  2 ++
 bank/src/main/kotlin/tech/libeufin/bank/Main.kt    |  7 +++-
 bank/src/test/kotlin/LibeuFinApiTest.kt            | 42 +++++++++++++++++++++-
 util/src/main/kotlin/time.kt                       |  5 ++-
 4 files changed, 53 insertions(+), 3 deletions(-)

diff --git a/bank/src/main/kotlin/tech/libeufin/bank/CorebankApiHandlers.kt 
b/bank/src/main/kotlin/tech/libeufin/bank/CorebankApiHandlers.kt
index 07056ed5..fc3ca211 100644
--- a/bank/src/main/kotlin/tech/libeufin/bank/CorebankApiHandlers.kt
+++ b/bank/src/main/kotlin/tech/libeufin/bank/CorebankApiHandlers.kt
@@ -58,9 +58,11 @@ fun Routing.accountsMgmtHandlers(db: Database, ctx: 
BankApplicationContext) {
 
         val creationTime = Instant.now()
         val expirationTimestamp = if (tokenDuration == 
ChronoUnit.FOREVER.duration) {
+            logger.debug("Creating 'forever' token.")
             Instant.MAX
         } else {
             try {
+                logger.debug("Creating token with days duration: 
${tokenDuration.toDays()}")
                 creationTime.plus(tokenDuration)
             } catch (e: Exception) {
                 logger.error("Could not add token duration to current time: 
${e.message}")
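Review bot: The debug line added in the else branch logs `tokenDuration.toDays()`, which truncates, so any lifetime shorter than a day is logged as 0 and a 36-hour token as 1. Logging the value itself, `logger.debug("Creating token with duration: $tokenDuration")`, keeps the precision. Issuing a never-expiring token is also worth recording at a level that is retained in production, together with the account it was issued for, rather than only at debug. The try/catch this hunk touches continues outside the hunk.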
diff --git a/bank/src/main/kotlin/tech/libeufin/bank/Main.kt 
b/bank/src/main/kotlin/tech/libeufin/bank/Main.kt
index 307b29bd..f34212b4 100644
--- a/bank/src/main/kotlin/tech/libeufin/bank/Main.kt
+++ b/bank/src/main/kotlin/tech/libeufin/bank/Main.kt
@@ -153,6 +153,9 @@ object TalerProtocolTimestampSerializer : 
KSerializer<TalerProtocolTimestamp> {
         }
         val ts: Long = maybeTs.longOrNull
             ?: throw badRequest("Could not convert t_s '${maybeTs.content}' to 
a number")
+        // Not allowing negative values, despite java.time allowance.
+        if (ts < 0)
+            throw badRequest("Negative timestamp not allowed.")
         val instant = try {
             Instant.ofEpochSecond(ts)
         } catch (e: Exception) {
@@ -217,8 +220,10 @@ object RelativeTimeSerializer : KSerializer<RelativeTime> {
         }
         val dUs: Long = maybeDUs.longOrNull
             ?: throw badRequest("Could not convert d_us: '${maybeDUs.content}' 
to a number")
+        if (dUs < 0)
+            throw badRequest("Negative duration specified.")
         val duration = try {
-            Duration.ofNanos(dUs * 1000L)
+            Duration.of(dUs, ChronoUnit.MICROS)
         } catch (e: Exception) {
             logger.error("Could not get Duration out of d_us content: ${dUs}. 
${e.message}")
             throw badRequest("Could not get Duration out of d_us content: 
${dUs}")
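Review bot: `d_us` now has a lower bound but still no upper bound at this parsing step. As far as I can tell `Duration.of(dUs, ChronoUnit.MICROS)` does not overflow for any non-negative Long, so the catch below is unlikely to fire any more and a value such as `Long.MAX_VALUE` is only rejected by whatever fails later in the request. Since this value is client-supplied and, in the token request at least, sets a credential lifetime, an explicit maximum checked here or in the handler, with its own 400 message, would make the limit visible and testable. A one-line comment above the `dUs < 0` check saying why negatives are refused would match the one added for `t_s`. The deserializer body starts and ends outside the hunk.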
diff --git a/bank/src/test/kotlin/LibeuFinApiTest.kt 
b/bank/src/test/kotlin/LibeuFinApiTest.kt
index 8683fef8..18020481 100644
--- a/bank/src/test/kotlin/LibeuFinApiTest.kt
+++ b/bank/src/test/kotlin/LibeuFinApiTest.kt
@@ -157,6 +157,45 @@ class LibeuFinApiTest {
         }
     }
 
+    // Testing that too big or invalid durations fail the request.
+    @Test
+    fun tokenInvalidDurationTest() {
+        val db = initDb()
+        val ctx = getTestContext()
+        assert(db.customerCreate(customerFoo) != null)
+        testApplication {
+            application {
+                corebankWebApp(db, ctx)
+            }
+            var r = client.post("/accounts/foo/token") {
+                expectSuccess = false
+                contentType(ContentType.Application.Json)
+                basicAuth("foo", "pw")
+                setBody("""{
+                    "duration": {"d_us": "invalid"},
+                    "scope": "readonly"}""".trimIndent())
+            }
+            assert(r.status == HttpStatusCode.BadRequest)
+            r = client.post("/accounts/foo/token") {
+                expectSuccess = false
+                contentType(ContentType.Application.Json)
+                basicAuth("foo", "pw")
+                setBody("""{
+                    "duration": {"d_us": ${Long.MAX_VALUE}},
+                    "scope": "readonly"}""".trimIndent())
+            }
+            assert(r.status == HttpStatusCode.BadRequest)
+            r = client.post("/accounts/foo/token") {
+                expectSuccess = false
+                contentType(ContentType.Application.Json)
+                basicAuth("foo", "pw")
+                setBody("""{
+                    "duration": {"d_us": -1},
+                    "scope": "readonly"}""".trimIndent())
+            }
+            assert(r.status == HttpStatusCode.BadRequest)
+        }
+    }
     // Checking the POST /token handling.
     @Test
     fun tokenTest() {
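Review bot: The three requests in `tokenInvalidDurationTest` differ only in the `d_us` value, and a bare `assert(r.status == ...)` does not say which case failed. Looping over the values and passing a message to `assert` removes the repetition and names the failing input. The `Long.MAX_VALUE` case also passes on any 400, so it does not pin which check rejects an oversized duration; a value just above the intended maximum would be a tighter case once that maximum is explicit. A blank line before the `// Checking the POST /token handling.` comment is missing. `tokenTest` continues outside the hunk.

```kotlin
        // … unchanged: db/ctx setup, customerCreate, testApplication { application { corebankWebApp(db, ctx) } …
            for (dUs in listOf("\"invalid\"", Long.MAX_VALUE.toString(), "-1")) {
                val r = client.post("/accounts/foo/token") {
                    expectSuccess = false
                    contentType(ContentType.Application.Json)
                    basicAuth("foo", "pw")
                    setBody("""{"duration": {"d_us": $dUs}, "scope": "readonly"}""")
                }
                assert(r.status == HttpStatusCode.BadRequest) { "d_us=$dUs was not rejected" }
            }
```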
@@ -182,7 +221,8 @@ class LibeuFinApiTest {
             val newTokDb = 
db.bearerTokenGet(Base32Crockford.decode(newTokObj.access_token))
             val lifeTime = Duration.between(newTokDb!!.creationTime, 
newTokDb.expirationTime)
             assert(lifeTime == Duration.ofDays(1))
-            // foo tries on bar endpoint
+
+            // foo tries to create a token on behalf of bar, expect 403.
             val r = client.post("/accounts/bar/token") {
                 expectSuccess = false
                 basicAuth("foo", "pw")
diff --git a/util/src/main/kotlin/time.kt b/util/src/main/kotlin/time.kt
index 6c1b9464..c0b85171 100644
--- a/util/src/main/kotlin/time.kt
+++ b/util/src/main/kotlin/time.kt
@@ -58,7 +58,10 @@ private fun Instant.toNanos(): Long? {
 fun Instant.toDbMicros(): Long? {
     if (this == Instant.MAX)
         return Long.MAX_VALUE
-    val nanos = this.toNanos() ?: return null
+    val nanos = this.toNanos() ?: run {
+        logger.error("Could not obtain micros to store to database, 
convenience conversion to nanos overflew.")
+        return null
+    }
     return nanos / 1000L
 }
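Review bot: The new error message does not include the Instant that failed to convert, and "overflew" should read "overflowed"; `logger.error("Could not convert $this to microseconds for the database: nanosecond conversion overflowed.")` would make the log line actionable. Going through `toNanos()` (defined outside this hunk) appears to limit the storable range to what fits in a Long of nanoseconds, far less than a Long of microseconds can hold, so instants the column could store are refused. Computing microseconds directly from `epochSecond` and `nano` with `Math.multiplyExact` and `Math.addExact` would avoid that. The `Instant.MAX` to `Long.MAX_VALUE` mapping also deserves a KDoc line on `toDbMicros`, since anyone reading the column needs to know that value presumably means "never expires".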
 

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


