session: Provide getters of lifetime claims

Previously they could not be obtained directly. It's natural need to get what was set, e.g. in unit tests, logging, etc. So, it's better to provide way to receive such an open info. Signed-off-by: Leonard Lyubich <[email protected]>
nspcc-dev · Sep 18, 2024 · b9b920d · b9b920d
1 parent a236057
commit b9b920d
Show file tree

Hide file tree

Showing 4 changed files with 94 additions and 10 deletions.
diff --git a/session/common.go b/session/common.go
@@ -243,6 +243,11 @@ func (x *commonData) SetExp(exp uint64) {
 	x.exp = exp
 }
 
+// Exp returns "exp" (expiration time) claim.
+func (x commonData) Exp() uint64 {
+	return x.exp
+}
+
 // SetNbf sets "nbf" (not before) claim which identifies the time (in NeoFS
 // epochs) before which the session MUST NOT be accepted for processing.
 // The processing of the "nbf" claim requires that the current date/time MUST be
@@ -255,6 +260,11 @@ func (x *commonData) SetNbf(nbf uint64) {
 	x.nbf = nbf
 }
 
+// Nbf returns "nbf" (not before) claim.
+func (x commonData) Nbf() uint64 {
+	return x.nbf
+}
+
 // SetIat sets "iat" (issued at) claim which identifies the time (in NeoFS
 // epochs) at which the session was issued. This claim can be used to
 // determine the age of the session.
@@ -266,8 +276,13 @@ func (x *commonData) SetIat(iat uint64) {
 	x.iat = iat
 }
 
+// Iat returns "iat" (issued at) claim.
+func (x commonData) Iat() uint64 {
+	return x.iat
+}
+
 func (x commonData) expiredAt(epoch uint64) bool {
-	return x.exp < epoch
+	return x.Exp() < epoch
 }
 
 // InvalidAt asserts "exp", "nbf" and "iat" claims.
@@ -276,7 +291,7 @@ func (x commonData) expiredAt(epoch uint64) bool {
 //
 // See also SetExp, SetNbf, SetIat.
 func (x commonData) InvalidAt(epoch uint64) bool {
-	return x.expiredAt(epoch) || x.nbf > epoch || x.iat > epoch
+	return x.expiredAt(epoch) || x.Nbf() > epoch || x.Iat() > epoch
 }
 
 // SetID sets a unique identifier for the session. The identifier value MUST be

diff --git a/session/common_test.go b/session/common_test.go
@@ -0,0 +1,47 @@
+package session_test
+
+import (
+	"testing"
+
+	"github.com/nspcc-dev/neofs-sdk-go/session"
+	"github.com/stretchr/testify/require"
+)
+
+func testLifetimeClaim[T session.Container | session.Object](t testing.TB, get func(T) uint64, set func(*T, uint64)) {
+	var x T
+	require.Zero(t, get(x))
+	set(&x, 12094032)
+	require.EqualValues(t, 12094032, get(x))
+	set(&x, 5469830342)
+	require.EqualValues(t, 5469830342, get(x))
+}
+
+type lifetime interface {
+	SetExp(uint64)
+	SetIat(uint64)
+	SetNbf(uint64)
+	InvalidAt(uint64) bool
+}
+
+func testInvalidAt(t testing.TB, x lifetime) {
+	require.False(t, x.InvalidAt(0))
+
+	const iat = 13
+	const nbf = iat + 1
+	const exp = nbf + 1
+
+	x.SetIat(iat)
+	x.SetNbf(nbf)
+	x.SetExp(exp)
+
+	require.True(t, x.InvalidAt(iat-1))
+	require.True(t, x.InvalidAt(iat))
+	require.False(t, x.InvalidAt(nbf))
+	require.False(t, x.InvalidAt(exp))
+	require.True(t, x.InvalidAt(exp+1))
+}
+
+func TestInvalidAt(t *testing.T) {
+	testInvalidAt(t, new(session.Container))
+	testInvalidAt(t, new(session.Object))
+}
diff --git a/session/container_test.go b/session/container_test.go
@@ -152,10 +152,9 @@ func TestContainerProtocolV2(t *testing.T) {
 			},
 			restore: restoreLifetime,
 			assert: func(val session.Container) {
-				require.True(t, val.InvalidAt(1))
-				require.False(t, val.InvalidAt(2))
-				require.False(t, val.InvalidAt(3))
-				require.True(t, val.InvalidAt(4))
+				require.EqualValues(t, 1, val.Iat())
+				require.EqualValues(t, 2, val.Nbf())
+				require.EqualValues(t, 3, val.Exp())
 			},
 			breakSign: func(m *v2session.Token) {
 				lt := m.GetBody().GetLifetime()
@@ -624,3 +623,15 @@ func TestContainer_VerifyDataSignature(t *testing.T) {
 	require.False(t, tok.VerifySessionDataSignature(append(data, 1), sigV2.GetSign()))
 	require.False(t, tok.VerifySessionDataSignature(data, append(sigV2.GetSign(), 1)))
 }
+
+func TestContainer_SetExp(t *testing.T) {
+	testLifetimeClaim(t, session.Container.Exp, (*session.Container).SetExp)
+}
+
+func TestContainer_SetIat(t *testing.T) {
+	testLifetimeClaim(t, session.Container.Iat, (*session.Container).SetIat)
+}
+
+func TestContainer_SetNbf(t *testing.T) {
+	testLifetimeClaim(t, session.Container.Nbf, (*session.Container).SetNbf)
+}
diff --git a/session/object_test.go b/session/object_test.go
@@ -157,10 +157,9 @@ func TestObjectProtocolV2(t *testing.T) {
 			},
 			restore: restoreLifetime,
 			assert: func(val session.Object) {
-				require.True(t, val.InvalidAt(1))
-				require.False(t, val.InvalidAt(2))
-				require.False(t, val.InvalidAt(3))
-				require.True(t, val.InvalidAt(4))
+				require.EqualValues(t, 1, val.Iat())
+				require.EqualValues(t, 2, val.Nbf())
+				require.EqualValues(t, 3, val.Exp())
 			},
 			breakSign: func(m *v2session.Token) {
 				lt := m.GetBody().GetLifetime()
@@ -681,3 +680,15 @@ func TestObject_SignedData(t *testing.T) {
 
 	usertest.TestSignedData(t, issuer, &tokenSession)
 }
+
+func TestObject_SetExp(t *testing.T) {
+	testLifetimeClaim(t, session.Object.Exp, (*session.Object).SetExp)
+}
+
+func TestObject_SetIat(t *testing.T) {
+	testLifetimeClaim(t, session.Object.Iat, (*session.Object).SetIat)
+}
+
+func TestObject_SetNbf(t *testing.T) {
+	testLifetimeClaim(t, session.Object.Nbf, (*session.Object).SetNbf)
+}