remove expiration code for oauth tokens
test-plan: when you get an access via oauth2 token you shouldn't get an expiration, and it shouldn't be set in the db Change-Id: Ie0b15b54ef789b9a94b726026c09fe9497f0adc5 Reviewed-on: https://gerrit.instructure.com/64749 Reviewed-by: Brad Horrocks <bhorrocks@instructure.com> Tested-by: Jenkins QA-Review: August Thornton <august@instructure.com> Product-Review: Nathan Mills <nathanm@instructure.com>
This commit is contained in:
parent
82399ff885
commit
7e4ffb6ffc
|
@ -54,7 +54,7 @@ module Canvas::Oauth
|
|||
user.access_tokens.where(developer_key_id: key).destroy_all if replace_tokens || key.replace_tokens
|
||||
|
||||
# Then create a new one
|
||||
@access_token = user.access_tokens.create!({:developer_key => key, :remember_access => remember_access?, :scopes => scopes, :purpose => purpose, expires_at: expiration_date})
|
||||
@access_token = user.access_tokens.create!({:developer_key => key, :remember_access => remember_access?, :scopes => scopes, :purpose => purpose})
|
||||
|
||||
@access_token.clear_full_token! if @access_token.scoped_to?(['userinfo'])
|
||||
@access_token.clear_plaintext_refresh_token! if @access_token.scoped_to?(['userinfo'])
|
||||
|
@ -80,7 +80,6 @@ module Canvas::Oauth
|
|||
'refresh_token' => access_token.plaintext_refresh_token,
|
||||
'user' => user.as_json(:only => [:id, :name], :include_root => false)
|
||||
}
|
||||
json['expires_in'] = access_token.expires_at.utc.to_time.to_i - Time.now.utc.to_i if access_token.expires_at
|
||||
json
|
||||
end
|
||||
|
||||
|
@ -112,20 +111,5 @@ module Canvas::Oauth
|
|||
Canvas.redis.del "#{REDIS_PREFIX}#{code}"
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
# This is a temporary measure to start letting developers know that they will need to start using refresh tokens on
|
||||
# June 30th 2016. It will short circuit starting June 29th 2016 at 23:00 UTC. It should be removed after that
|
||||
# date, and have tokens expire an hour after generation.
|
||||
def expiration_date
|
||||
now = DateTime.now
|
||||
if now > DateTime.parse('2016-06-29T00:00:00+00:00') #This should be the default behaviour after June 30th 2016
|
||||
now + 1.hour
|
||||
else
|
||||
expires_at = DateTime.parse('2016-06-30T00:00:00+00:00')
|
||||
expires_at.change(hour: now.hour, min: now.minute)
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
|
@ -133,7 +133,7 @@ describe Oauth2ProviderController do
|
|||
Canvas.stubs(:redis => redis)
|
||||
get :token, :client_id => key.id, :client_secret => key.api_key, :code => valid_code
|
||||
expect(response).to be_success
|
||||
expect(JSON.parse(response.body).keys.sort).to eq ['access_token', 'expires_in', 'refresh_token', 'user']
|
||||
expect(JSON.parse(response.body).keys.sort).to match_array(['access_token', 'refresh_token', 'user'])
|
||||
end
|
||||
|
||||
it 'deletes existing tokens for the same key when replace_tokens=1' do
|
||||
|
|
|
@ -148,16 +148,8 @@ module Canvas::Oauth
|
|||
expect(json['user']).to eq user.as_json(:only => [:id, :name], :include_root => false)
|
||||
end
|
||||
|
||||
it 'returns the expires_in parameter' do
|
||||
Time.stubs(:now).returns(DateTime.parse('2015-07-10T09:29:00+00:00').utc.to_time)
|
||||
access_token = token.access_token
|
||||
access_token.expires_at = DateTime.parse('2015-07-10T10:29:00+00:00')
|
||||
access_token.save!
|
||||
expect(json['expires_in']).to eq 3600
|
||||
end
|
||||
|
||||
it 'does not put anything else into the json' do
|
||||
expect(json.keys.sort).to eq ['access_token', 'expires_in', 'refresh_token', 'user']
|
||||
expect(json.keys.sort).to match_array(['access_token', 'refresh_token', 'user'])
|
||||
end
|
||||
|
||||
end
|
||||
|
@ -191,25 +183,5 @@ module Canvas::Oauth
|
|||
end
|
||||
end
|
||||
|
||||
context "token expiration" do
|
||||
context "interim June 30th 2016 expiration default" do
|
||||
it "sets the default expiration for new tokens to be on June 30th 2016 before 2016-06-29T23:00:00+00:00" do
|
||||
DateTime.stubs(:now).returns(DateTime.parse('2016-06-20T00:00:00+00:00'))
|
||||
expect(token.access_token.expires_at.utc.iso8601).to eq('2016-06-30T00:00:00+00:00')
|
||||
end
|
||||
|
||||
it "uses the curent hour and minute for setting the expiration on June 30th 2016" do
|
||||
DateTime.stubs(:now).returns(DateTime.parse('2015-07-10T09:29:00+00:00'))
|
||||
expect(token.access_token.expires_at.utc.iso8601).to eq('2016-06-30T09:29:00+00:00')
|
||||
end
|
||||
|
||||
it "starts expiring tokens in 1 hour intervals at 2016-06-29T23:00:00+00:00" do
|
||||
DateTime.stubs(:now).returns(DateTime.parse('2016-06-29T23:01:00+00:00'))
|
||||
expect(token.access_token.expires_at.utc.iso8601).to eq('2016-06-30T00:01:00+00:00')
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue