Use java.time classes for stored verification code expiration; add tests.
This commit is contained in:
Jon Chambers
Jon Chambers
parent
ce3fb7fa99
commit
111f5ba024
|
|
@ -8,12 +8,14 @@ package org.whispersystems.textsecuregcm.auth;
|
|||
import com.fasterxml.jackson.annotation.JsonCreator;
|
||||
import com.fasterxml.jackson.annotation.JsonProperty;
|
||||
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
import org.whispersystems.textsecuregcm.util.Util;
|
||||
|
||||
import javax.annotation.Nullable;
|
||||
import java.security.MessageDigest;
|
||||
import java.time.Duration;
|
||||
import java.time.Instant;
|
||||
import java.util.Optional;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
public class StoredVerificationCode {
|
||||
|
||||
|
|
@ -30,6 +32,8 @@ public class StoredVerificationCode {
|
|||
@Nullable
|
||||
private final String twilioVerificationSid;
|
||||
|
||||
public static final Duration EXPIRATION = Duration.ofMinutes(10);
|
||||
|
||||
@JsonCreator
|
||||
public StoredVerificationCode(
|
||||
@JsonProperty("code") final String code,
|
||||
|
|
@ -60,7 +64,12 @@ public class StoredVerificationCode {
|
|||
}
|
||||
|
||||
public boolean isValid(String theirCodeString) {
|
||||
if (timestamp + TimeUnit.MINUTES.toMillis(10) < System.currentTimeMillis()) {
|
||||
return isValid(theirCodeString, Instant.now());
|
||||
}
|
||||
|
||||
@VisibleForTesting
|
||||
boolean isValid(String theirCodeString, Instant currentTime) {
|
||||
if (Instant.ofEpochMilli(timestamp).plus(EXPIRATION).isBefore(currentTime)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,37 @@
|
|||
/*
|
||||
* Copyright 2013-2021 Signal Messenger, LLC
|
||||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
|
||||
package org.whispersystems.textsecuregcm.auth;
|
||||
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.params.ParameterizedTest;
|
||||
import org.junit.jupiter.params.provider.Arguments;
|
||||
import org.junit.jupiter.params.provider.MethodSource;
|
||||
|
||||
import java.time.Duration;
|
||||
import java.time.Instant;
|
||||
import java.util.stream.Stream;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.*;
|
||||
|
||||
class StoredVerificationCodeTest {
|
||||
|
||||
@ParameterizedTest
|
||||
@MethodSource
|
||||
void isValid(final StoredVerificationCode storedVerificationCode, final String code, final Instant currentTime, final boolean expectValid) {
|
||||
assertEquals(expectValid, storedVerificationCode.isValid(code, currentTime));
|
||||
}
|
||||
|
||||
private static Stream<Arguments> isValid() {
|
||||
final Instant now = Instant.now();
|
||||
|
||||
return Stream.of(
|
||||
Arguments.of(new StoredVerificationCode("code", now.toEpochMilli(), null, null), "code", now, true),
|
||||
Arguments.of(new StoredVerificationCode("code", now.toEpochMilli(), null, null), "incorrect", now, false),
|
||||
Arguments.of(new StoredVerificationCode("code", now.toEpochMilli(), null, null), "code", now.plus(Duration.ofHours(1)), false),
|
||||
Arguments.of(new StoredVerificationCode("", now.toEpochMilli(), null, null), "", now, false)
|
||||
);
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue