Add test to verify that token from different secret is not accepted
Token is generated by one AuthManager and passed into another for
parsing. As AuthManager have different secrets, parsing should fail.
Change-Id: I5d83cf579690eeafc6745f516c3ccb2702423039
Reviewed-on: https://weave-review.googlesource.com/1945
Reviewed-by: Alex Vakulenko <avakulenko@google.com>
diff --git a/src/privet/auth_manager.cc b/src/privet/auth_manager.cc
index 6a79b93..8e2bfce 100644
--- a/src/privet/auth_manager.cc
+++ b/src/privet/auth_manager.cc
@@ -51,7 +51,8 @@
int64_t timestamp{0};
if (!base::StringToInt64(parts[2], ×tamp))
return kNone;
- *time = base::Time::FromTimeT(timestamp);
+ if (time)
+ *time = base::Time::FromTimeT(timestamp);
return UserInfo{static_cast<AuthScope>(scope), id};
}
diff --git a/src/privet/auth_manager_unittest.cc b/src/privet/auth_manager_unittest.cc
index a7aa621..6a48f11 100644
--- a/src/privet/auth_manager_unittest.cc
+++ b/src/privet/auth_manager_unittest.cc
@@ -108,6 +108,7 @@
auto token = auth.CreateAccessToken(UserInfo{AuthScope::kUser, 5});
base::Time time2;
+ EXPECT_EQ(AuthScope::kNone, auth_.ParseAccessToken(token, nullptr).scope());
EXPECT_EQ(AuthScope::kUser, auth.ParseAccessToken(token, &time2).scope());
EXPECT_EQ(5u, auth.ParseAccessToken(token, &time2).user_id());
// Token timestamp resolution is one second.
