summaryrefslogtreecommitdiff
path: root/app/models/client_certificate.rb
diff options
context:
space:
mode:
authorazul <azul@leap.se>2014-07-14 07:52:12 +0200
committerazul <azul@leap.se>2014-07-14 07:52:12 +0200
commit07b141f3d677e993f02380b455738b20b9f0fe42 (patch)
tree553111ac07f6100738f29ddc7165fa800852f224 /app/models/client_certificate.rb
parent1c7308207a9ab46cfb60c72aceaee2b3c82281fe (diff)
parent3bbfdf29bbc40432c21e34fe84060cf9ae70273f (diff)
Merge pull request #175 from azul/feature/view-for-valid-certs
Feature/view for valid certs
Diffstat (limited to 'app/models/client_certificate.rb')
-rw-r--r--app/models/client_certificate.rb34
1 files changed, 14 insertions, 20 deletions
diff --git a/app/models/client_certificate.rb b/app/models/client_certificate.rb
index d5bb1e0..815801e 100644
--- a/app/models/client_certificate.rb
+++ b/app/models/client_certificate.rb
@@ -25,7 +25,7 @@ class ClientCertificate
# set expiration
cert.not_before = last_month
- cert.not_after = months_from_yesterday(APP_CONFIG[:client_cert_lifespan])
+ cert.not_after = expiry
# generate key
cert.serial_number.number = cert_serial_number
@@ -47,6 +47,10 @@ class ClientCertificate
OpenSSL::Digest::SHA1.hexdigest(openssl_cert.to_der).scan(/../).join(':')
end
+ def expiry
+ @expiry ||= lifespan.months.from_now.utc.at_midnight
+ end
+
private
def openssl_cert
@@ -99,28 +103,18 @@ class ClientCertificate
}
end
- ##
- ## TIME HELPERS
- ##
- ## note: we use 'yesterday' instead of 'today', because times are in UTC, and some people on the planet
- ## are behind UTC.
- ##
-
- def yesterday
- t = Time.now - 24*60*60
- Time.utc t.year, t.month, t.day
- end
+ #
+ # TIME HELPERS
+ #
+ # We normalize timestamps at utc and midnight
+ # to reduce the fingerprinting possibilities.
+ #
def last_month
- t = Time.now - 24*60*60*30
- Time.utc t.year, t.month, t.day
+ 1.month.ago.utc.at_midnight
end
- def months_from_yesterday(num)
- t = yesterday
- date = Date.new t.year, t.month, t.day
- date = date >> num # >> is months in the future operator
- Time.utc date.year, date.month, date.day
+ def lifespan
+ APP_CONFIG[:client_cert_lifespan]
end
-
end