aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/security.rs21
1 files changed, 19 insertions, 2 deletions
diff --git a/src/security.rs b/src/security.rs
index 258d3dc..51c2198 100644
--- a/src/security.rs
+++ b/src/security.rs
@@ -11,9 +11,9 @@ pub fn encode_expiring_claim(claim: &str, expiry_date: OffsetDateTime) -> String
/// Extract the string, failing if the expiry date is in the past.
pub fn decode_expiring_claim(value: String) -> Result<String,&'static str> {
- let mut parts = value.splitn(2, ':');
+ let mut parts = value.rsplitn(2, ':');
+ let expiry_date = parts.next().expect("first .rsplitn().next() is expected to return Some");
let claim = parts.next().ok_or("expected colon")?;
- let expiry_date = parts.next().ok_or("expected colon")?;
let expiry_date: i64 = expiry_date.parse().map_err(|_| "failed to parse timestamp")?;
if expiry_date > OffsetDateTime::now_utc().unix_timestamp() {
@@ -21,4 +21,21 @@ pub fn decode_expiring_claim(value: String) -> Result<String,&'static str> {
} else {
Err("token is expired")
}
+}
+
+#[cfg(test)]
+mod tests {
+ use time::{OffsetDateTime, Duration};
+
+ #[test]
+ fn test_expiring_claim() {
+ for claim in vec!["test", "", "foo:bar"] {
+ let encoded_claim = super::encode_expiring_claim(claim, OffsetDateTime::now_utc() + Duration::minutes(1));
+ assert_eq!(super::decode_expiring_claim(encoded_claim).unwrap(), claim);
+
+ let encoded_claim = super::encode_expiring_claim(claim, OffsetDateTime::now_utc() - Duration::minutes(1));
+ assert!(super::decode_expiring_claim(encoded_claim).is_err());
+ }
+ assert!(super::decode_expiring_claim("test".into()).is_err());
+ }
} \ No newline at end of file