commit 93a2e745d5ab4ff20c6c6ba00f0862bfc506d201
parent a769eff0a2f2bee9f82eac0adc716d702ae29c51
Author: Sebastian Mancke <s.mancke@tarent.de>
Date: Mon, 15 May 2017 12:01:22 +0200
fixed some reportcard findings
Diffstat:
3 files changed, 51 insertions(+), 47 deletions(-)
diff --git a/login/handler_test.go b/login/handler_test.go
@@ -224,7 +224,7 @@ func TestHandler_LoginWeb(t *testing.T) {
InDelta(t, time.Now().Add(testConfig().CookieExpiry).Unix(), cookie.Expires.Unix(), 2)
True(t, cookie.HttpOnly)
- // check the token contens
+ // check the token content
claims, err := tokenAsMap(cookie.Value)
NoError(t, err)
Equal(t, "bob", claims["sub"])
@@ -463,55 +463,59 @@ func readSetCookies(h http.Header) []*http.Cookie {
Raw: line,
}
- for i := 1; i < len(parts); i++ {
- parts[i] = strings.TrimSpace(parts[i])
- if len(parts[i]) == 0 {
- continue
+ readCookiesParts(c, parts)
+ cookies = append(cookies, c)
+ }
+ return cookies
+}
+
+func readCookiesParts(c *http.Cookie, parts []string) {
+ for i := 1; i < len(parts); i++ {
+ parts[i] = strings.TrimSpace(parts[i])
+ if len(parts[i]) == 0 {
+ continue
+ }
+ attr, val := parts[i], ""
+ if j := strings.Index(attr, "="); j >= 0 {
+ attr, val = attr[:j], attr[j+1:]
+ }
+ lowerAttr := strings.ToLower(attr)
+ switch lowerAttr {
+ case "secure":
+ c.Secure = true
+ continue
+ case "httponly":
+ c.HttpOnly = true
+ continue
+ case "domain":
+ c.Domain = val
+ continue
+ case "max-age":
+ secs, err := strconv.Atoi(val)
+ if err != nil || secs != 0 && val[0] == '0' {
+ break
}
- attr, val := parts[i], ""
- if j := strings.Index(attr, "="); j >= 0 {
- attr, val = attr[:j], attr[j+1:]
+ if secs <= 0 {
+ secs = -1
}
- lowerAttr := strings.ToLower(attr)
- switch lowerAttr {
- case "secure":
- c.Secure = true
- continue
- case "httponly":
- c.HttpOnly = true
- continue
- case "domain":
- c.Domain = val
- continue
- case "max-age":
- secs, err := strconv.Atoi(val)
- if err != nil || secs != 0 && val[0] == '0' {
- break
- }
- if secs <= 0 {
- secs = -1
- }
- c.MaxAge = secs
- continue
- case "expires":
- c.RawExpires = val
- exptime, err := time.Parse(time.RFC1123, val)
+ c.MaxAge = secs
+ continue
+ case "expires":
+ c.RawExpires = val
+ exptime, err := time.Parse(time.RFC1123, val)
+ if err != nil {
+ exptime, err = time.Parse("Mon, 02-Jan-2006 15:04:05 MST", val)
if err != nil {
- exptime, err = time.Parse("Mon, 02-Jan-2006 15:04:05 MST", val)
- if err != nil {
- c.Expires = time.Time{}
- break
- }
+ c.Expires = time.Time{}
+ break
}
- c.Expires = exptime.UTC()
- continue
- case "path":
- c.Path = val
- continue
}
- c.Unparsed = append(c.Unparsed, parts[i])
+ c.Expires = exptime.UTC()
+ continue
+ case "path":
+ c.Path = val
+ continue
}
- cookies = append(cookies, c)
+ c.Unparsed = append(c.Unparsed, parts[i])
}
- return cookies
}
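Review bot: readCookiesParts and the readSetCookies loop that calls it look like a hand-maintained copy of net/http's Set-Cookie parser, and the tests depend on it for security assertions such as `True(t, cookie.HttpOnly)`, so any drift from the standard library silently weakens those checks. Unless the part of readSetCookies outside this hunk does something the standard parser does not, the test could get the cookies with `cookies := (&http.Response{Header: h}).Cookies()` and drop both functions. If the copy stays, readCookiesParts needs a doc comment stating that it fills `c` from `parts[1:]` and trims `parts` in place. The `break` in the `max-age` and `expires` cases should also carry a comment such as `// leave the switch: a malformed value is recorded in c.Unparsed`, because after the extraction it is easy to misread as skipping the attribute.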
diff --git a/oauth2/provider.go b/oauth2/provider.go
@@ -4,7 +4,7 @@ import (
"github.com/tarent/loginsrv/model"
)
-// Provider is the descriptoin of an oauth provider adapter
+// Provider is the description of an oauth provider adapter
type Provider struct {
// The name to access the provider in the configuration
Name string
diff --git a/osiam/backend_test.go b/osiam/backend_test.go
@@ -35,7 +35,7 @@ func TestBackend_Authenticate(t *testing.T) {
// wrong user credentials
backend, err = NewBackend(server.URL, "example-client", "secret")
NoError(t, err)
- authenticated, userInfo, err = backend.Authenticate("admin", "XXX")
+ authenticated, _, err = backend.Authenticate("admin", "XXX")
NoError(t, err)
False(t, authenticated)
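Review bot: Discarding the second return value in the wrong-credentials case means nothing checks what Authenticate returns alongside `authenticated == false`, so a backend that returned populated user data for a rejected login would still pass this test. Instead of `_`, keep `userInfo` and assert that it is the zero value, for example `Empty(t, userInfo)` after `False(t, authenticated)` (assuming the dot-imported assertion helpers are testify's). TestBackend_Authenticate starts before this hunk and may continue after it.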