X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/dc2a2c8ebd1a11e4a64555fda22c6859a51defff..1253bdcdc5dc43dc3880751a7255256c292e0ddc:/test/models/oauth_nonce_test.rb diff --git a/test/models/oauth_nonce_test.rb b/test/models/oauth_nonce_test.rb index f170bc69d..56178fb5f 100644 --- a/test/models/oauth_nonce_test.rb +++ b/test/models/oauth_nonce_test.rb @@ -1,19 +1,29 @@ require "test_helper" class OauthNonceTest < ActiveSupport::TestCase - api_fixtures - ## # the nonce has only one property, that it is a unique pair of # string and timestamp. def test_nonce_uniqueness string = "0123456789ABCDEF" - timestamp = Time.now + timestamp = Time.now.to_i nonce1 = OauthNonce.remember(string, timestamp) assert_not_equal false, nonce1, "First nonce should be unique. Check your test database is empty." nonce2 = OauthNonce.remember(string, timestamp) - assert_equal false, nonce2, "Shouldn't be able to remember the same nonce twice." + assert_not nonce2, "Shouldn't be able to remember the same nonce twice." + end + + ## + # nonces that are not current should be rejected + def test_nonce_not_current + string = "0123456789ABCDEF" + + nonce1 = OauthNonce.remember(string, Time.now.to_i - 86430) + assert_not nonce1, "Nonces over a day in the past should be rejected" + + nonce2 = OauthNonce.remember(string, Time.now.to_i - 86370) + assert_not_equal false, nonce2, "Nonces under a day in the past should be rejected" end end