loginsrv


commit 93a2e745d5ab4ff20c6c6ba00f0862bfc506d201
parent a769eff0a2f2bee9f82eac0adc716d702ae29c51
Author: Sebastian Mancke <s.mancke@tarent.de>
Date:   Mon, 15 May 2017 12:01:22 +0200

fixed some reportcard findings

Diffstat:
Mlogin/handler_test.go | 94+++++++++++++++++++++++++++++++++++++++++--------------------------------------
Moauth2/provider.go | 2+-
Mosiam/backend_test.go | 2+-
3 files changed, 51 insertions(+), 47 deletions(-)

diff --git a/login/handler_test.go b/login/handler_test.go
@@ -224,7 +224,7 @@ func TestHandler_LoginWeb(t *testing.T) {
 InDelta(t, time.Now().Add(testConfig().CookieExpiry).Unix(), cookie.Expires.Unix(), 2)
 True(t, cookie.HttpOnly)
- // check the token contens
+ // check the token content
 claims, err := tokenAsMap(cookie.Value)
 NoError(t, err)
 Equal(t, "bob", claims["sub"])
@@ -463,55 +463,59 @@ func readSetCookies(h http.Header) []*http.Cookie {
 Raw: line,
 }
- for i := 1; i < len(parts); i++ {
- parts[i] = strings.TrimSpace(parts[i])
- if len(parts[i]) == 0 {
- continue
+ readCookiesParts(c, parts)
+ cookies = append(cookies, c)
+ }
+ return cookies
+}
+
+func readCookiesParts(c *http.Cookie, parts []string) {
+ for i := 1; i < len(parts); i++ {
+ parts[i] = strings.TrimSpace(parts[i])
+ if len(parts[i]) == 0 {
+ continue
+ }
+ attr, val := parts[i], ""
+ if j := strings.Index(attr, "="); j >= 0 {
+ attr, val = attr[:j], attr[j+1:]
+ }
+ lowerAttr := strings.ToLower(attr)
+ switch lowerAttr {
+ case "secure":
+ c.Secure = true
+ continue
+ case "httponly":
+ c.HttpOnly = true
+ continue
+ case "domain":
+ c.Domain = val
+ continue
+ case "max-age":
+ secs, err := strconv.Atoi(val)
+ if err != nil || secs != 0 && val[0] == '0' {
+ break
 }
- attr, val := parts[i], ""
- if j := strings.Index(attr, "="); j >= 0 {
- attr, val = attr[:j], attr[j+1:]
+ if secs <= 0 {
+ secs = -1
 }
- lowerAttr := strings.ToLower(attr)
- switch lowerAttr {
- case "secure":
- c.Secure = true
- continue
- case "httponly":
- c.HttpOnly = true
- continue
- case "domain":
- c.Domain = val
- continue
- case "max-age":
- secs, err := strconv.Atoi(val)
- if err != nil || secs != 0 && val[0] == '0' {
- break
- }
- if secs <= 0 {
- secs = -1
- }
- c.MaxAge = secs
- continue
- case "expires":
- c.RawExpires = val
- exptime, err := time.Parse(time.RFC1123, val)
+ c.MaxAge = secs
+ continue
+ case "expires":
+ c.RawExpires = val
+ exptime, err := time.Parse(time.RFC1123, val)
+ if err != nil {
+ exptime, err = time.Parse("Mon, 02-Jan-2006 15:04:05 MST", val)
 if err != nil {
- exptime, err = time.Parse("Mon, 02-Jan-2006 15:04:05 MST", val)
- if err != nil {
- c.Expires = time.Time{}
- break
- }
+ c.Expires = time.Time{}
+ break
 }
- c.Expires = exptime.UTC()
- continue
- case "path":
- c.Path = val
- continue
 }
- c.Unparsed = append(c.Unparsed, parts[i])
+ c.Expires = exptime.UTC()
+ continue
+ case "path":
+ c.Path = val
+ continue
 }
- cookies = append(cookies, c)
+ c.Unparsed = append(c.Unparsed, parts[i])
 }
- return cookies
 }
diff --git a/oauth2/provider.go b/oauth2/provider.go
@@ -4,7 +4,7 @@ import (
 "github.com/tarent/loginsrv/model"
 )
-// Provider is the descriptoin of an oauth provider adapter
+// Provider is the description of an oauth provider adapter
 type Provider struct {
 // The name to access the provider in the configuration
 Name string
diff --git a/osiam/backend_test.go b/osiam/backend_test.go
@@ -35,7 +35,7 @@ func TestBackend_Authenticate(t *testing.T) {
 // wrong user credentials
 backend, err = NewBackend(server.URL, "example-client", "secret")
 NoError(t, err)
- authenticated, userInfo, err = backend.Authenticate("admin", "XXX")
+ authenticated, _, err = backend.Authenticate("admin", "XXX")
 NoError(t, err)
 False(t, authenticated)
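Review bot: The extracted `readCookiesParts` still carries a private copy of what looks like net/http's Set-Cookie attribute parsing, and the assertions on `cookie.HttpOnly` and `cookie.Expires` in this test file depend on that copy staying in step with the standard library. If the helper exists only to read cookies back from a recorded response header, `(&http.Response{Header: h}).Cookies()` would return the same `[]*http.Cookie` without the duplicated code. If the copy is kept, the new function deserves a doc comment saying that it fills `c` from `parts[1:]`, trims `parts` in place, and that the `break` in the `max-age` and `expires` cases only leaves the `switch`, so the attribute is then appended to `c.Unparsed`. The body of `readSetCookies` begins outside this hunk, so whether it does anything beyond splitting the header lines is not visible here.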