about summary refs log tree commit diff
path: root/website/sandbox/learnpianochords/src/server/Spec.hs
diff options
context:
space:
mode:
authorWilliam Carroll <wpcarro@gmail.com>2020-08-08T13·47+0100
committerWilliam Carroll <wpcarro@gmail.com>2020-08-08T13·47+0100
commit8a7a3b29a9413d634b8f8a71119cc54a6132df41 (patch)
treefc32f99e9f1a9a7b9ef52f364718c56d33ccedcf /website/sandbox/learnpianochords/src/server/Spec.hs
parentf1883b279037375c66cf683b7392652624381c59 (diff)
Add tests for "exp" field of the JWT
Assert that the exp field of the JWT is "fresh".
Diffstat (limited to 'website/sandbox/learnpianochords/src/server/Spec.hs')
-rw-r--r--website/sandbox/learnpianochords/src/server/Spec.hs22
1 files changed, 22 insertions, 0 deletions
diff --git a/website/sandbox/learnpianochords/src/server/Spec.hs b/website/sandbox/learnpianochords/src/server/Spec.hs
index 96f10a9c4332..097ae3d5158d 100644
--- a/website/sandbox/learnpianochords/src/server/Spec.hs
+++ b/website/sandbox/learnpianochords/src/server/Spec.hs
@@ -4,11 +4,13 @@ module Spec where
 --------------------------------------------------------------------------------
 import Test.Hspec
 import Utils
+import Web.JWT (numericDate)
 import GoogleSignIn (ValidationResult(..))
 
 import qualified GoogleSignIn
 import qualified Fixtures as F
 import qualified TestUtils
+import qualified Data.Time.Clock.POSIX as POSIX
 --------------------------------------------------------------------------------
 
 main :: IO ()
@@ -44,3 +46,23 @@ main = hspec $ do
             encodedJWT = F.defaultJWTFields { F.overwriteIss = erroneousIssuer }
                          |> F.googleJWT
         jwtIsValid' encodedJWT `shouldReturn` Valid
+
+      it "fails validation when the exp field has expired" $ do
+        let mErroneousExp = numericDate 0
+        case mErroneousExp of
+          Nothing -> True `shouldBe` False
+          Just erroneousExp -> do
+            let encodedJWT = F.defaultJWTFields { F.overwriteExp = erroneousExp }
+                             |> F.googleJWT
+            jwtIsValid' encodedJWT `shouldReturn` StaleExpiry erroneousExp
+
+      it "passes validation when the exp field is current" $ do
+        mFreshExp <- POSIX.getPOSIXTime
+                     |> fmap (\x -> x * 60 * 60 * 24 * 10) -- 10 days later
+                     |> fmap numericDate
+        case mFreshExp of
+          Nothing -> True `shouldBe` False
+          Just freshExp -> do
+            let encodedJWT = F.defaultJWTFields { F.overwriteExp = freshExp }
+                             |> F.googleJWT
+            jwtIsValid' encodedJWT `shouldReturn` Valid
generated by cgit-pink 1.4.1 (git 2.44.2) at 2025-01-03T02·50+0000