summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAzul <azul@leap.se>2014-07-09 22:53:05 +0200
committerAzul <azul@leap.se>2014-07-12 09:14:23 +0200
commitbdd5060ccc13951524c171e2d3b81eeddec1625d (patch)
treebc07fcec83529a43c95cd1c54f0c4f43c77e51dd
parentcc1666d9832415058bf0b22bb5912e432261af4f (diff)
fix tests and simplify time calculations
-rw-r--r--app/models/client_certificate.rb30
-rw-r--r--test/functional/v1/smtp_certs_controller_test.rb3
-rw-r--r--test/integration/api/smtp_cert_test.rb6
3 files changed, 16 insertions, 23 deletions
diff --git a/app/models/client_certificate.rb b/app/models/client_certificate.rb
index 6b57985..815801e 100644
--- a/app/models/client_certificate.rb
+++ b/app/models/client_certificate.rb
@@ -48,7 +48,7 @@ class ClientCertificate
end
def expiry
- @expiry ||= months_from_yesterday(APP_CONFIG[:client_cert_lifespan])
+ @expiry ||= lifespan.months.from_now.utc.at_midnight
end
private
@@ -103,28 +103,18 @@ class ClientCertificate
}
end
- ##
- ## TIME HELPERS
- ##
- ## note: we use 'yesterday' instead of 'today', because times are in UTC, and some people on the planet
- ## are behind UTC.
- ##
-
- def yesterday
- t = Time.now - 24*60*60
- Time.utc t.year, t.month, t.day
- end
+ #
+ # TIME HELPERS
+ #
+ # We normalize timestamps at utc and midnight
+ # to reduce the fingerprinting possibilities.
+ #
def last_month
- t = Time.now - 24*60*60*30
- Time.utc t.year, t.month, t.day
+ 1.month.ago.utc.at_midnight
end
- def months_from_yesterday(num)
- t = yesterday
- date = Date.new t.year, t.month, t.day
- date = date >> num # >> is months in the future operator
- Time.utc date.year, date.month, date.day
+ def lifespan
+ APP_CONFIG[:client_cert_lifespan]
end
-
end
diff --git a/test/functional/v1/smtp_certs_controller_test.rb b/test/functional/v1/smtp_certs_controller_test.rb
index 9281ae6..3427e2d 100644
--- a/test/functional/v1/smtp_certs_controller_test.rb
+++ b/test/functional/v1/smtp_certs_controller_test.rb
@@ -27,7 +27,8 @@ class V1::SmtpCertsControllerTest < ActionController::TestCase
protected
def expect_cert(prefix)
- cert = stub :to_s => "#{prefix.downcase} cert"
+ cert = stub to_s: "#{prefix.downcase} cert",
+ expiry: 1.month.from_now.utc.at_midnight
ClientCertificate.expects(:new).
with(:prefix => prefix).
returns(cert)
diff --git a/test/integration/api/smtp_cert_test.rb b/test/integration/api/smtp_cert_test.rb
index f72362d..7697e44 100644
--- a/test/integration/api/smtp_cert_test.rb
+++ b/test/integration/api/smtp_cert_test.rb
@@ -33,8 +33,10 @@ class SmtpCertTest < ApiIntegrationTest
assert_text_response
cert = OpenSSL::X509::Certificate.new(get_response.body)
fingerprint = OpenSSL::Digest::SHA1.hexdigest(cert.to_der).scan(/../).join(':')
- today = DateTime.now.to_date.to_s
- assert_equal({fingerprint => today}, @user.reload.identity.cert_fingerprints)
+ expiry = APP_CONFIG[:client_cert_lifespan].months.from_now.utc.midnight
+ expiry_string = expiry.to_date.to_s
+ fingerprints = {fingerprint => expiry_string}
+ assert_equal fingerprints, @user.reload.identity.cert_fingerprints
end
test "fetching smtp certs requires email account" do