From 02c17d875ed0b7e1a9c90353aa58f8375f512bd2 Mon Sep 17 00:00:00 2001 From: Matt Moyer Date: Thu, 30 Jul 2020 16:43:20 -0500 Subject: [PATCH] Update the LoginRequest server to return an expiration timestamp. Signed-off-by: Matt Moyer --- internal/registry/loginrequest/rest.go | 3 ++- internal/registry/loginrequest/rest_test.go | 7 +++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/internal/registry/loginrequest/rest.go b/internal/registry/loginrequest/rest.go index afa0cb91..c645a640 100644 --- a/internal/registry/loginrequest/rest.go +++ b/internal/registry/loginrequest/rest.go @@ -138,10 +138,11 @@ func (r *REST) Create(ctx context.Context, obj runtime.Object, createValidation return failureResponse(), nil } + expires := metav1.NewTime(time.Now().UTC().Add(clientCertificateTTL)) return &placeholderapi.LoginRequest{ Status: placeholderapi.LoginRequestStatus{ Credential: &placeholderapi.LoginRequestCredential{ - ExpirationTimestamp: nil, + ExpirationTimestamp: &expires, ClientCertificateData: string(certPEM), ClientKeyData: string(keyPEM), }, diff --git a/internal/registry/loginrequest/rest_test.go b/internal/registry/loginrequest/rest_test.go index 15022471..986872fc 100644 --- a/internal/registry/loginrequest/rest_test.go +++ b/internal/registry/loginrequest/rest_test.go @@ -153,6 +153,13 @@ func TestCreateSucceedsWhenGivenATokenAndTheWebhookAuthenticatesTheToken(t *test response, err := callCreate(context.Background(), storage, validLoginRequestWithToken(requestToken)) require.NoError(t, err) + require.IsType(t, &placeholderapi.LoginRequest{}, response) + + expires := response.(*placeholderapi.LoginRequest).Status.Credential.ExpirationTimestamp + require.NotNil(t, expires) + require.InDelta(t, time.Now().Add(1*time.Hour).Unix(), expires.Unix(), 5) + response.(*placeholderapi.LoginRequest).Status.Credential.ExpirationTimestamp = nil + require.Equal(t, response, &placeholderapi.LoginRequest{ Status: placeholderapi.LoginRequestStatus{ User: &placeholderapi.User{