Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
minor #42302 [Security] Remove time-sensitivity from `LoginLinkHandle…
…rTest` (herndlm) This PR was merged into the 5.3 branch. Discussion ---------- [Security] Remove time-sensitivity from `LoginLinkHandlerTest` | Q | A | ------------- | --- | Branch? | 5.3 | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | Fix #41338 | License | MIT | Doc PR | n/a Removes time-sensitivity from `LoginLinkHandlerTest::testCreateLoginLink` by additionally comparing the provided expiration time with the current time by using an allowed drift/leeway. Previously only the provided hash was compared by using the current time as basis which was prone to missmatches. Now it uses the provided expiration time as basis instead. Fixes the problem where the test code is assuming that calling `time()` twice (once in the link generation and once in the test expectation) will return the same value where in realityit might return 5 for the first and 6 for the second call only a split second later. Commits ------- 75addf1 Remove time-sensitivity from LoginLinkHandlerTest
- Loading branch information