Permalink
Browse files

Fix request loop on non-stale nonce with time_limit parameter.

  • Loading branch information...
1 parent edc8b92 commit 4f81156e25e4d8bc1492fbe0b45295d71d70f320 @dayflower dayflower committed Jul 12, 2012
Showing with 15 additions and 1 deletion.
  1. +1 −1 lib/rack/auth/digest/nonce.rb
  2. +14 −0 test/spec_auth_digest.rb
@@ -38,7 +38,7 @@ def valid?
end
def stale?
- !self.class.time_limit.nil? && (@timestamp - Time.now.to_i) < self.class.time_limit
+ !self.class.time_limit.nil? && (Time.now.to_i - @timestamp) > self.class.time_limit
end
def fresh?
View
@@ -153,6 +153,20 @@ def assert_bad_request(response)
end
end
+ should 'not rechallenge if nonce is not stale' do
+ begin
+ Rack::Auth::Digest::Nonce.time_limit = 10
+
+ request_with_digest_auth 'GET', '/', 'Alice', 'correct-password', :wait => 1 do |response|
+ response.status.should.equal 200
+ response.body.to_s.should.equal 'Hi Alice'
+ response.headers['WWW-Authenticate'].should.not =~ /\bstale=true\b/
+ end
+ ensure
+ Rack::Auth::Digest::Nonce.time_limit = nil
+ end
+ end
+
should 'rechallenge with stale parameter if nonce is stale' do
begin
Rack::Auth::Digest::Nonce.time_limit = 1

0 comments on commit 4f81156

Please sign in to comment.