RSA10k #495
RSA10k #495
Conversation
|
This PR addresses some of the points from the previous PRs about testing time which is good ,, thanks. |
|
Sorry, should I redo something here? |
I should have been clearer, I think this PR is fine. However, given the equivalent Java one that I saw was not actually using the offset, can you think of any way to check that the offset is really being used on subsequent requests? |
|
Ok, let me try to describe one case.
I guess you want us also to check such case for subsequent requests, right? |
Well yes, some coverage that demonstrably shows that the offset is effecting the time. You could inject a fake offset and check it effects token, or if you can think of a better way then that would good too, I just want to be sure the offset is actually used as per the spec. |
|
Please review and merge if everything looks good |
| callback(nil, error); | ||
| } else { | ||
| NSDate *dateNow = [NSDate date]; | ||
| long long nowMillis = [dateNow timeIntervalSince1970]*1000; |
There was a problem hiding this comment.
Why do you convert the NSTimeIntervals to long long and then to NSNumber instead of just storing the time offset as a NSTimeInterval? And why do you multiply by 1000 instead of working with seconds with decimals, which is what NSTimeInterval is?
| XCTFail("tokenRequest is nil"); return | ||
| } | ||
| expect(rest.auth.timeOffset).toNot(beNil()) | ||
| rest.auth.discardTimeOffset() |
There was a problem hiding this comment.
This is not needed. It's saying the it's possible that the "Client" should be able to discard the local clock offset, not the user. Anyway, leave now, but this spec item was simply a statement to make it clear that the client library developer when writing the client could under certain circumstances choose to discard the offset internally.
|
Will change the base to |
ricardopereira
force-pushed
the
RSA10k
branch
from
62780bd to
2af80c5
Compare
|
Squashed. |
|
Not passing. I think some pieces are missing. |
|
|
Thanks @ricardopereira. TBH actually handling the changing timezones is not something we worried about hence why it's deliberately unspecified in the lib, but glad you've done it so worth merging in now. |
ricardopereira
force-pushed
the
RSA10k
branch
2 times, most recently
from
7936ed5 to
7fbbec4
Compare
|
@tcard PTAL |
|
@tcard are you happy for this to be merged? |
| } | ||
| }]; | ||
| } else { | ||
| if (_timeOffset) { |
There was a problem hiding this comment.
This will prevent the server time to be queried even if queryTime is set to true, which is not what I would expect, although RSA10k makes it kind of ambiguous: "If the AuthOption argument’s queryTime attribute is true, it will obtain the server time once and persist the offset from the local clock" contradicts with "All future token requests generated directly or indirectly via a call to authorize will not obtain the server time" if authorize is called with queryTime true (triggering the first condition) a second time (triggering the second condition).
@mattheworiordan can you confirm this is expected?
ricardopereira
force-pushed
the
RSA10k
branch
2 times, most recently
from
3588ff0 to
f8a395e
Compare
|
Can I squash and rebase? |
ricardopereira
force-pushed
the
RSA10k
branch
from
07c2fc5 to
a1548cf
Compare
ricardopereira
force-pushed
the
RSA10k
branch
from
a1548cf to
e68c8b0
Compare
No description provided.