Commit 9c60db07 authored by Steve Abrams's avatar Steve Abrams Committed by Sean McGivern

Extend conan token expiration to 1 day

Change conan token expiration from 1 hour
to 1 day to better suit user usage patterns.

Changelog: changed
parent a749065a
---
title: Change conan token expiration from 1 hour to 24 hours
merge_request: 60763
author:
type: changed
...@@ -8,6 +8,7 @@ ...@@ -8,6 +8,7 @@
module Gitlab module Gitlab
class ConanToken class ConanToken
HMAC_KEY = 'gitlab-conan-packages' HMAC_KEY = 'gitlab-conan-packages'
CONAN_TOKEN_EXPIRE_TIME = 1.day.freeze
attr_reader :access_token_id, :user_id attr_reader :access_token_id, :user_id
...@@ -57,7 +58,7 @@ module Gitlab ...@@ -57,7 +58,7 @@ module Gitlab
JSONWebToken::HMACToken.new(self.class.secret).tap do |token| JSONWebToken::HMACToken.new(self.class.secret).tap do |token|
token['access_token'] = access_token_id token['access_token'] = access_token_id
token['user_id'] = user_id token['user_id'] = user_id
token.expire_time = token.issued_at + 1.hour token.expire_time = token.issued_at + CONAN_TOKEN_EXPIRE_TIME
end end
end end
end end
......
...@@ -20,7 +20,7 @@ RSpec.describe Gitlab::ConanToken do ...@@ -20,7 +20,7 @@ RSpec.describe Gitlab::ConanToken do
JSONWebToken::HMACToken.new(jwt_secret).tap do |jwt| JSONWebToken::HMACToken.new(jwt_secret).tap do |jwt|
jwt['access_token'] = access_token_id jwt['access_token'] = access_token_id
jwt['user_id'] = user_id || user_id jwt['user_id'] = user_id || user_id
jwt.expire_time = expire_time || jwt.issued_at + 1.hour jwt.expire_time = expire_time || jwt.issued_at + ::Gitlab::ConanToken::CONAN_TOKEN_EXPIRE_TIME
end end
end end
...@@ -75,7 +75,7 @@ RSpec.describe Gitlab::ConanToken do ...@@ -75,7 +75,7 @@ RSpec.describe Gitlab::ConanToken do
it 'returns nil for expired JWT' do it 'returns nil for expired JWT' do
jwt = build_jwt(access_token_id: 123, jwt = build_jwt(access_token_id: 123,
user_id: 456, user_id: 456,
expire_time: Time.zone.now - 2.hours) expire_time: Time.zone.now - (::Gitlab::ConanToken::CONAN_TOKEN_EXPIRE_TIME + 1.hour))
expect(described_class.decode(jwt.encoded)).to be_nil expect(described_class.decode(jwt.encoded)).to be_nil
end end
......
...@@ -106,7 +106,7 @@ RSpec.shared_examples 'conan authenticate endpoint' do ...@@ -106,7 +106,7 @@ RSpec.shared_examples 'conan authenticate endpoint' do
expect(payload['user_id']).to eq(personal_access_token.user_id) expect(payload['user_id']).to eq(personal_access_token.user_id)
duration = payload['exp'] - payload['iat'] duration = payload['exp'] - payload['iat']
expect(duration).to eq(1.hour) expect(duration).to eq(::Gitlab::ConanToken::CONAN_TOKEN_EXPIRE_TIME)
end end
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment