mirror of
https://github.com/aaif-goose/goose.git
synced 2026-07-03 14:10:03 +02:00
Signed-off-by: Bright Zheng <bzqzheng@gmail.com>
This commit is contained in:
@@ -195,7 +195,9 @@ async function verifyOidcToken(token, env) {
|
||||
if (age > parseInt(env.MAX_TOKEN_AGE_SECONDS, 10)) {
|
||||
return { valid: false, reason: "Token too old" };
|
||||
}
|
||||
} else if (!payload.exp || payload.exp < Date.now() / 1000) {
|
||||
}
|
||||
|
||||
if (!payload.exp || payload.exp < Date.now() / 1000) {
|
||||
return { valid: false, reason: "Token expired" };
|
||||
}
|
||||
|
||||
|
||||
@@ -229,7 +229,7 @@ describe("proxies valid requests", () => {
|
||||
expect((await response.json()).id).toBe("msg_123");
|
||||
});
|
||||
|
||||
it("accepts recently-expired token within MAX_TOKEN_AGE_SECONDS", async () => {
|
||||
it("rejects expired token even when within MAX_TOKEN_AGE_SECONDS", async () => {
|
||||
const now = Math.floor(Date.now() / 1000);
|
||||
const token = await createSignedJwt(
|
||||
validPayload({ iat: now - 600, exp: now - 300 }),
|
||||
@@ -245,7 +245,8 @@ describe("proxies valid requests", () => {
|
||||
const response = await worker.fetch(request, testEnv(), ctx);
|
||||
await waitOnExecutionContext(ctx);
|
||||
|
||||
expect(response.status).toBe(200);
|
||||
expect(response.status).toBe(401);
|
||||
expect((await response.json()).error).toBe("Token expired");
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
Reference in New Issue
Block a user