Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(kv): don't set session expiration time to earlier than existing expiration on renew session #17751

Merged
merged 3 commits into from
Apr 15, 2020
Merged

fix(kv): don't set session expiration time to earlier than existing expiration on renew session #17751

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
d043a6b
chore(kv): add failing test for session renewal extension
GeorgeMac Apr 15, 2020
62928d7
fix(kv): ensure renew session only updates expiration if it is newer …
GeorgeMac Apr 15, 2020
545ace2
chore: update changelog to reflect renew session expiration fix
GeorgeMac Apr 15, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
### Bug Fixes

1. [17618](https://github.com/influxdata/influxdb/pull/17618): Add index for URM by user ID to improve lookup performance
1. [17751](https://github.com/influxdata/influxdb/pull/17751): Existing session expiration time is respected on session renewal

### UI Improvements

Expand Down
24 changes: 22 additions & 2 deletions kv/session.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,13 +28,33 @@ func (s *Service) RenewSession(ctx context.Context, session *influxdb.Session, n
Msg: "session is nil",
}
}

// session already has longer expiration
if newExpiration.Before(session.ExpiresAt) {
return nil
}

return s.kv.Update(ctx, func(tx Tx) error {
session.ExpiresAt = newExpiration
if err := s.putSession(ctx, tx, session); err != nil {
sess, err := s.findSession(ctx, tx, session.Key)
if err != nil {
return err
}

// session already has longer expiration
if newExpiration.Before(session.ExpiresAt) {
return nil
}

sess.ExpiresAt = newExpiration

if err := s.putSession(ctx, tx, sess); err != nil {
return &influxdb.Error{
Err: err,
}
}

*session = *sess

return nil
})
}
Expand Down
68 changes: 53 additions & 15 deletions testing/session.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,19 +18,23 @@ const (
sessionTwoID = "020f755c3c082001"
)

var sessionCmpOptions = cmp.Options{
cmp.Comparer(func(x, y []byte) bool {
return bytes.Equal(x, y)
}),
cmp.Transformer("Sort", func(in []*platform.Session) []*platform.Session {
out := append([]*platform.Session(nil), in...) // Copy input to avoid mutating it
sort.Slice(out, func(i, j int) bool {
return out[i].ID.String() > out[j].ID.String()
})
return out
}),
cmpopts.IgnoreFields(platform.Session{}, "CreatedAt", "ExpiresAt", "Permissions"),
cmpopts.EquateEmpty(),
var sessionCmpOptions = sessionCompareOptions("CreatedAt", "ExpiresAt", "Permissions")

func sessionCompareOptions(ignore ...string) cmp.Options {
return cmp.Options{
cmp.Comparer(func(x, y []byte) bool {
return bytes.Equal(x, y)
}),
cmp.Transformer("Sort", func(in []*platform.Session) []*platform.Session {
out := append([]*platform.Session(nil), in...) // Copy input to avoid mutating it
sort.Slice(out, func(i, j int) bool {
return out[i].ID.String() > out[j].ID.String()
})
return out
}),
cmpopts.IgnoreFields(platform.Session{}, ignore...),
cmpopts.EquateEmpty(),
}
}

// SessionFields will include the IDGenerator, TokenGenerator, Sessions, and Users
Expand Down Expand Up @@ -336,6 +340,39 @@ func RenewSession(
},
},
},
{
name: "renew session with an earlier time than existing expiration",
fields: SessionFields{
IDGenerator: mock.NewIDGenerator(sessionTwoID, t),
TokenGenerator: mock.NewTokenGenerator("abc123xyz", nil),
Sessions: []*platform.Session{
{
ID: MustIDBase16(sessionOneID),
UserID: MustIDBase16(sessionTwoID),
Key: "abc123xyz",
ExpiresAt: time.Date(2031, 9, 26, 0, 0, 0, 0, time.UTC),
},
},
},
args: args{
session: &platform.Session{
ID: MustIDBase16(sessionOneID),
UserID: MustIDBase16(sessionTwoID),
Key: "abc123xyz",
ExpiresAt: time.Date(2031, 9, 26, 0, 0, 0, 0, time.UTC),
},
key: "abc123xyz",
expireAt: time.Date(2030, 9, 26, 0, 0, 0, 0, time.UTC),
},
wants: wants{
session: &platform.Session{
ID: MustIDBase16(sessionOneID),
UserID: MustIDBase16(sessionTwoID),
Key: "abc123xyz",
ExpiresAt: time.Date(2031, 9, 26, 0, 0, 0, 0, time.UTC),
},
},
},
{
name: "renew nil session",
fields: SessionFields{
Expand Down Expand Up @@ -364,7 +401,7 @@ func RenewSession(
ID: MustIDBase16(sessionOneID),
UserID: MustIDBase16(sessionTwoID),
Key: "abc123xyz",
ExpiresAt: time.Date(2031, 9, 26, 0, 0, 10, 0, time.UTC),
ExpiresAt: time.Date(2030, 9, 26, 0, 0, 0, 0, time.UTC),
},
},
},
Expand All @@ -384,7 +421,8 @@ func RenewSession(
t.Errorf("err in find session %v", err)
}

if diff := cmp.Diff(session, tt.wants.session, sessionCmpOptions...); diff != "" {
cmpOptions := sessionCompareOptions("CreatedAt", "Permissions")
if diff := cmp.Diff(session, tt.wants.session, cmpOptions...); diff != "" {
t.Errorf("session is different -got/+want\ndiff %s", diff)
}
})
Expand Down