forked from TrueCloudLab/frostfs-api-go
session: support the expiration of private tokens
All sessions in NeoFS has limited in epochs lifetime. There is a need
to limit the lifetime of private session tokens.
This commmit:
* extends PrivateToken interface with Expired method;
* defines EpochLifetimeStore interface with RemoveExpired method
and embeds it to PrivateTokenStore interface;
* adds epoch value parameter to private token constructor.
This commit is contained in:
Leonard Lyubich
parent
8cbdb9183f
commit
4fa7360cd1
5 changed files with 116 additions and 4 deletions
|
|
@ -9,7 +9,7 @@ import (
|
|||
|
||||
func TestMapTokenStore(t *testing.T) {
|
||||
// create new private token
|
||||
pToken, err := NewPrivateToken()
|
||||
pToken, err := NewPrivateToken(0)
|
||||
require.NoError(t, err)
|
||||
|
||||
// create map token store
|
||||
|
|
@ -33,3 +33,64 @@ func TestMapTokenStore(t *testing.T) {
|
|||
// ascertain that returned token equals to initial
|
||||
require.Equal(t, pToken, res)
|
||||
}
|
||||
|
||||
func TestMapTokenStore_RemoveExpired(t *testing.T) {
|
||||
// create some epoch number
|
||||
e1 := uint64(1)
|
||||
|
||||
// create private token that expires after e1
|
||||
tok1, err := NewPrivateToken(e1)
|
||||
require.NoError(t, err)
|
||||
|
||||
// create some greater than e1 epoch number
|
||||
e2 := e1 + 1
|
||||
|
||||
// create private token that expires after e2
|
||||
tok2, err := NewPrivateToken(e2)
|
||||
require.NoError(t, err)
|
||||
|
||||
// create token store instance
|
||||
s := NewMapTokenStore()
|
||||
|
||||
// create storage keys for tokens
|
||||
id1, err := refs.NewUUID()
|
||||
require.NoError(t, err)
|
||||
id2, err := refs.NewUUID()
|
||||
require.NoError(t, err)
|
||||
|
||||
assertPresence := func(ids ...TokenID) {
|
||||
for i := range ids {
|
||||
_, err = s.Fetch(ids[i])
|
||||
require.NoError(t, err)
|
||||
}
|
||||
}
|
||||
|
||||
assertAbsence := func(ids ...TokenID) {
|
||||
for i := range ids {
|
||||
_, err = s.Fetch(ids[i])
|
||||
require.EqualError(t, err, ErrPrivateTokenNotFound.Error())
|
||||
}
|
||||
}
|
||||
|
||||
// store both tokens
|
||||
require.NoError(t, s.Store(id1, tok1))
|
||||
require.NoError(t, s.Store(id2, tok2))
|
||||
|
||||
// ascertain that both tokens are available
|
||||
assertPresence(id1, id2)
|
||||
|
||||
// perform cleaning for epoch in which both tokens are not expired
|
||||
require.NoError(t, s.RemoveExpired(e1))
|
||||
|
||||
// ascertain that both tokens are still available
|
||||
assertPresence(id1, id2)
|
||||
|
||||
// perform cleaning for epoch greater than e1 and not greater than e2
|
||||
require.NoError(t, s.RemoveExpired(e1+1))
|
||||
|
||||
// ascertain that tok1 was removed
|
||||
assertAbsence(id1)
|
||||
|
||||
// ascertain that tok2 was not removed
|
||||
assertPresence(id2)
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue