From d90aab54541f459b673ca9908e6c020e5373e7a5 Mon Sep 17 00:00:00 2001 From: Airat Arifullin Date: Fri, 5 Jul 2024 11:50:11 +0300 Subject: [PATCH] [#1229] util: Fix session token expiration check * Make session token expired at `current_epoch + 1` but not at `current_epoch` when it's still valid. Signed-off-by: Airat Arifullin --- pkg/services/object/util/key.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/services/object/util/key.go b/pkg/services/object/util/key.go index 8304bf13..23d6c1c6 100644 --- a/pkg/services/object/util/key.go +++ b/pkg/services/object/util/key.go @@ -67,7 +67,7 @@ func (s *KeyStorage) GetKey(info *SessionInfo) (*ecdsa.PrivateKey, error) { pToken := s.tokenStore.Get(info.Owner, binID) if pToken != nil { - if pToken.ExpiredAt() <= s.networkState.CurrentEpoch() { + if pToken.ExpiredAt() < s.networkState.CurrentEpoch() { return nil, new(apistatus.SessionTokenExpired) } return pToken.SessionKey(), nil