Add expireAt field

kneu-messenger-pigeon · Nov 8, 2023 · efd7b7e · efd7b7e
1 parent e76a2db
commit efd7b7e
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 9 deletions.
diff --git a/ApiController.go b/ApiController.go
@@ -54,6 +54,11 @@ type Student struct {
 	Gender     events.Gender
 }
 
+type GetAuthUrlResponse struct {
+	AuthUrl  string    `json:"authUrl" binding:"required"`
+	ExpireAt time.Time `json:"expire" binding:"required"`
+}
+
 func (controller *ApiController) setupRouter() *gin.Engine {
 	router := gin.New()
 
@@ -88,20 +93,24 @@ func (controller *ApiController) getAuthUrl(c *gin.Context) {
 
 	authOptionsClaims := AuthOptionsClaims{}
 	err = c.Bind(&authOptionsClaims)
+	expireAt := time.Now().Add(stateLifetime).Truncate(jwt.TimePrecision)
 	if err == nil {
 		authOptionsClaims.KneuUserId = 0
 		authOptionsClaims.Issuer = "pigeonAuthorizer"
-		authOptionsClaims.ExpiresAt = jwt.NewNumericDate(time.Now().Add(stateLifetime))
+		authOptionsClaims.ExpiresAt = jwt.NewNumericDate(expireAt)
 
 		state, err = controller.buildState(authOptionsClaims)
 	}
 
 	if err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": "Wrong request data"})
 	} else {
-		c.JSON(http.StatusOK, gin.H{
-			"authUrl": controller.oauthClient.GetOauthUrl(controller.oauthRedirectUrl, state),
-		})
+		response := GetAuthUrlResponse{
+			AuthUrl:  controller.oauthClient.GetOauthUrl(controller.oauthRedirectUrl, state),
+			ExpireAt: expireAt,
+		}
+
+		c.JSON(http.StatusOK, &response)
 	}
 }
 

diff --git a/ApiController_test.go b/ApiController_test.go
@@ -20,10 +20,6 @@ import (
 	"time"
 )
 
-type GetAuthUrlResponse struct {
-	AuthUrl string `json:"authUrl" binding:"required"`
-}
-
 func TestPingRoute(t *testing.T) {
 	router := (&ApiController{}).setupRouter()
 
@@ -81,6 +77,8 @@ func TestGetAuthUrl(t *testing.T) {
 			config:      config,
 		}).setupRouter()
 
+		startTime := time.Now().Truncate(jwt.TimePrecision)
+
 		w := httptest.NewRecorder()
 		req, _ := http.NewRequest(http.MethodPost, "/url", strings.NewReader("client="+client+"&client_user_id="+clientUserId+"&redirect_uri="+redirectUrl))
 		req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
@@ -93,7 +91,7 @@ func TestGetAuthUrl(t *testing.T) {
 		err := json.NewDecoder(w.Body).Decode(&response)
 		assert.NoError(t, err)
 
-		assert.Equal(t, "https://auth.kneu.edu.ua/oauth?response_type=code&client_id=0&redirect_uri=https%3A%2F%2Fpigeon.com%2Fcomplete&_state_", response.AuthUrl)
+		assert.Equal(t, expectedOauthUrl, response.AuthUrl)
 
 		authOptionsClaims := AuthOptionsClaims{}
 		_, err = jwtParser.ParseWithClaims(
@@ -106,6 +104,10 @@ func TestGetAuthUrl(t *testing.T) {
 		assert.Equal(t, redirectUrl, authOptionsClaims.RedirectUri)
 		assert.Equal(t, client, authOptionsClaims.Client)
 		assert.Equal(t, clientUserId, authOptionsClaims.ClientUserId)
+
+		assert.GreaterOrEqual(t, response.ExpireAt, startTime.Add(stateLifetime))
+		assert.LessOrEqual(t, response.ExpireAt, time.Now().Add(stateLifetime))
+		assert.Equal(t, authOptionsClaims.ExpiresAt.Time, response.ExpireAt)
 	})
 
 	t.Run("error", func(t *testing.T) {