Skip to content

Commit

Permalink
Enforce that cookie_refresh < cookie_expire
Browse files Browse the repository at this point in the history
  • Loading branch information
Mike Bland committed May 9, 2015
1 parent 8ec967a commit 41b21dd
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 0 deletions.
8 changes: 8 additions & 0 deletions options.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -137,6 +137,14 @@ func (o *Options) Validate() error {
}
}

if o.CookieRefresh >= o.CookieExpire {
msgs = append(msgs, fmt.Sprintf(
"cookie_refresh (%s) must be less than "+
"cookie_expire (%s)",
o.CookieRefresh.String(),
o.CookieExpire.String()))
}

if len(msgs) != 0 {
return fmt.Errorf("Invalid configuration:\n %s",
strings.Join(msgs, "\n "))
Expand Down
13 changes: 13 additions & 0 deletions options_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"net/url"
"strings"
"testing"
"time"

"github.com/bmizerany/assert"
)
Expand Down Expand Up @@ -125,3 +126,15 @@ func TestPassAccessTokenRequiresSpecificCookieSecretLengths(t *testing.T) {
o.CookieSecret = "32 byte secret for AES-256------"
assert.Equal(t, nil, o.Validate())
}

func TestCookieRefreshMustBeLessThanCookieExpire(t *testing.T) {
o := testOptions()
assert.Equal(t, nil, o.Validate())

o.CookieSecret = "0123456789abcdef"
o.CookieRefresh = o.CookieExpire
assert.NotEqual(t, nil, o.Validate())

o.CookieRefresh -= time.Duration(1)
assert.Equal(t, nil, o.Validate())
}

0 comments on commit 41b21dd

Please sign in to comment.