diff --git a/lib/services/api/user_token_service.rb b/lib/services/api/user_token_service.rb
index a48eb6a3e6d..9ee6987310e 100644
--- a/lib/services/api/user_token_service.rb
+++ b/lib/services/api/user_token_service.rb
@@ -15,7 +15,7 @@ def token_mgr(type)
 when 'api', 'ui' # The default API token and UI token share the same TokenStore
 @token_mgr['api'] ||= new_token_mgr(base_config[:module], base_config[:name], api_config)
 when 'ws'
- @token_mgr['ws'] ||= TokenManager.new('ws', :token_ttl => ::Settings.session.timeout)
+ @token_mgr['ws'] ||= TokenManager.new('ws', :token_ttl => -> { ::Settings.session.timeout })
 end
 end
@@ -55,7 +55,7 @@ def new_token_mgr(mod, name, api_config)
 token_ttl = api_config[:token_ttl]
 options = {}
- options[:token_ttl] = token_ttl.to_i_with_method if token_ttl
+ options[:token_ttl] = -> { token_ttl.to_i_with_method } if token_ttl
 log_init(mod, name, options) if @svc_options[:log_init]
 TokenManager.new(mod, options)
diff --git a/lib/token_manager.rb b/lib/token_manager.rb
index 2ffe456a3b6..8b75ad0e8c6 100644
--- a/lib/token_manager.rb
+++ b/lib/token_manager.rb
@@ -9,17 +9,17 @@ class TokenManager
 def initialize(namespace = DEFAULT_NS, options = {})
 @namespace = namespace
- @options = {:token_ttl => 10.minutes}.merge(options)
+ @options = {:token_ttl => -> { 10.minutes }}.merge(options)
 end
 def gen_token(token_options = {})
 token = SecureRandom.hex(16)
- token_ttl = token_options.delete(:token_ttl_override) || @options[:token_ttl]
- token_data = {:token_ttl => token_ttl, :expires_on => Time.now.utc + token_ttl}
+ ttl = token_options.delete(:token_ttl_override) || token_ttl
+ token_data = {:token_ttl => ttl, :expires_on => Time.now.utc + ttl}
 token_store.write(token, token_data.merge!(prune_token_options(token_options)),
- :expires_in => @options[:token_ttl])
+ :expires_in => token_ttl)
 token
 end
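Review bot: The lambda added in `new_token_mgr` (lib/services/api/user_token_service.rb, second hunk) closes over the local `token_ttl` that was read from `api_config` once, so unlike the `'ws'` lambda in the first hunk it re-evaluates the same captured value on every call and will not follow a later configuration change; `token_mgr` also memoises the manager with `||=`, so `new_token_mgr` is not re-run. If call-time evaluation is intended here, the lookup has to happen inside the lambda, for example `options[:token_ttl] = -> { api_config[:token_ttl].to_i_with_method } if token_ttl`, assuming `api_config` reflects live settings, which is not visible in this hunk. The same `options` hash is passed to `log_init` on the next line, so any TTL it logs is now a Proc rather than a number. `new_token_mgr` starts and ends outside the hunk.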
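Review bot: In `gen_token` (lib/token_manager.rb) the record's `:expires_on` is computed from `ttl`, which honours `:token_ttl_override`, while the store entry is still written with `:expires_in => token_ttl`, the manager default, so the two lifetimes disagree whenever an override is passed. With a shorter override the store entry outlives `:expires_on`, and whether the token is then rejected depends on a check that is not visible in this diff; with a longer override the store may drop it early. The mismatch predates this commit, but `reset_token` already writes `:expires_in => ttl`, so unless it is intentional the same here would be consistent: `:expires_in => ttl)`. `token_ttl` is also invoked twice in this method and again inside `token_store`, so reading it once into a local keeps one `gen_token` call on a single value.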
@@ -27,11 +27,11 @@ def reset_token(token)
 token_data = token_store.read(token)
 return {} if token_data.nil?
- token_ttl = token_data[:token_ttl]
- token_data[:expires_on] = Time.now.utc + token_ttl
+ ttl = token_data[:token_ttl]
+ token_data[:expires_on] = Time.now.utc + ttl
 token_store.write(token, token_data,
- :expires_in => token_ttl)
+ :expires_in => ttl)
 end
 def token_get_info(token, what = nil)
@@ -48,10 +48,14 @@ def invalidate_token(token)
 token_store.delete(token)
 end
+ def token_ttl
+ @options[:token_ttl].call
+ end
+
 private
 def token_store
- TokenStore.acquire(@namespace, @options[:token_ttl])
+ TokenStore.acquire(@namespace, token_ttl)
 end
 def prune_token_options(token_options = {})
diff --git a/spec/lib/token_manager_spec.rb b/spec/lib/token_manager_spec.rb
new file mode 100644
index 00000000000..32bffba6fed
--- /dev/null
+++ b/spec/lib/token_manager_spec.rb
@@ -0,0 +1,24 @@
+RSpec.describe TokenManager do
+ describe "#token_ttl" do
+ it "returns the ttl" do
+ token_manager = described_class.new(described_class::DEFAULT_NS, :token_ttl => -> { 60 })
+
+ expect(token_manager.token_ttl).to eq(60)
+ end
+
+ it "defaults to 10 minutes" do
+ token_manager = described_class.new
+
+ expect(token_manager.token_ttl).to eq(600)
+ end
+
+ it "evaluates at call time" do
+ stub_settings(:session => {:timeout => 60})
+ token_manager = described_class.new(described_class::DEFAULT_NS, :token_ttl => -> { Settings.session.timeout })
+
+ stub_settings(:session => {:timeout => 120})
+
+ expect(token_manager.token_ttl).to eq(120)
+ end
+ end
+end
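Review bot: The new `token_ttl` method (lib/token_manager.rb, hunk at -48,10) calls `@options[:token_ttl].call` unconditionally, so any caller that still passes a plain number or duration as `:token_ttl`, the form accepted before this commit, now fails with `NoMethodError` on first use rather than at construction; only the two callers in `user_token_service.rb` are updated in this diff. Accepting both forms keeps the constructor backward-compatible: `ttl = @options[:token_ttl]` followed by `ttl.respond_to?(:call) ? ttl.call : ttl`. `token_store` now hands a freshly evaluated TTL to `TokenStore.acquire` on every access, and whether `acquire` reuses a store created with an earlier TTL is not visible here and is worth confirming. Tokens already issued keep the `:token_ttl` stored in their record, which `reset_token` reuses, so a lowered timeout applies only to new tokens; a short comment on `token_ttl` saying so would help operators.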
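Review bot: The three examples in spec/lib/token_manager_spec.rb exercise only the `token_ttl` reader; nothing asserts that `gen_token` stamps `:token_ttl` and `:expires_on` from the call-time value, or that `:token_ttl_override` still takes precedence over it. The lifetime written into issued tokens is the behaviour this change affects, so an example that changes the stubbed timeout between two `gen_token` calls and compares the stored `:token_ttl` of each token would pin it. An example passing a non-callable `:token_ttl` would also document whether the old calling convention is still supported.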