From: radhika <radhika@curoverse.com>
Date: Thu, 21 Apr 2016 17:04:59 +0000 (-0400)
Subject: 8936: update go tests to use a blob-signature-ttl different than 1s.
X-Git-Tag: 1.1.0~974^2~1
X-Git-Url: https://git.arvados.org/arvados.git/commitdiff_plain/2b152757ce494145c10971c36754c473d21dfcc7

8936: update go tests to use a blob-signature-ttl different than 1s.
---

diff --git a/sdk/go/keepclient/perms_test.go b/sdk/go/keepclient/perms_test.go
index 8670f2b01a..242b15c0a6 100644
--- a/sdk/go/keepclient/perms_test.go
+++ b/sdk/go/keepclient/perms_test.go
@@ -16,11 +16,11 @@ const (
 		"gokee3eamvjy8qq1fvy238838enjmy5wzy2md7yvsitp5vztft6j4q866efym7e6" +
 		"vu5wm9fpnwjyxfldw3vbo01mgjs75rgo7qioh8z8ij7jpyp8508okhgbbex3ceei" +
 		"786u5rw2a9gx743dj3fgq2irk"
-	knownSignature     = "44362129a92a48d02b2e0789c597f970f3b1faf3"
+	knownSignature     = "89118b78732c33104a4d6231e8b5a5fa1e4301e3"
 	knownTimestamp     = "7fffffff"
 	knownSigHint       = "+A" + knownSignature + "@" + knownTimestamp
 	knownSignedLocator = knownLocator + knownSigHint
-	blobSignatureTTL   = time.Second
+	blobSignatureTTL   = 1209600 * time.Second
 )
 
 func TestSignLocator(t *testing.T) {
diff --git a/services/api/test/unit/blob_test.rb b/services/api/test/unit/blob_test.rb
index 29635e240c..8692a739b9 100644
--- a/services/api/test/unit/blob_test.rb
+++ b/services/api/test/unit/blob_test.rb
@@ -18,10 +18,11 @@ class BlobTest < ActiveSupport::TestCase
     '786u5rw2a9gx743dj3fgq2irk'
   @@known_signed_locator = 'acbd18db4cc2f85cedef654fccc4a4d8+3' +
     '+A89118b78732c33104a4d6231e8b5a5fa1e4301e3@7fffffff'
+  @@known_signature_ttl = 1209600
 
   test 'generate predictable invincible signature' do
     original_ttl = Rails.configuration.blob_signature_ttl
-    Rails.configuration.blob_signature_ttl = 1209600
+    Rails.configuration.blob_signature_ttl = @@known_signature_ttl
     signed = Blob.sign_locator @@known_locator, {
       api_token: @@known_token,
       key: @@known_key,
@@ -33,7 +34,7 @@ class BlobTest < ActiveSupport::TestCase
 
   test 'verify predictable invincible signature' do
     original_ttl = Rails.configuration.blob_signature_ttl
-    Rails.configuration.blob_signature_ttl = 1209600
+    Rails.configuration.blob_signature_ttl = @@known_signature_ttl
     assert_equal true, Blob.verify_signature!(@@known_signed_locator,
                                               api_token: @@known_token,
                                               key: @@known_key)
@@ -133,7 +134,7 @@ class BlobTest < ActiveSupport::TestCase
     }
 
     original_ttl = Rails.configuration.blob_signature_ttl
-    Rails.configuration.blob_signature_ttl = original_ttl*2
+    Rails.configuration.blob_signature_ttl = @@known_signature_ttl*2
     signed2 = Blob.sign_locator @@known_locator, {
       api_token: @@known_token,
       key: @@known_key,
diff --git a/services/keepstore/keepstore.go b/services/keepstore/keepstore.go
index b3cc234539..b17cc79e17 100644
--- a/services/keepstore/keepstore.go
+++ b/services/keepstore/keepstore.go
@@ -189,7 +189,7 @@ func main() {
 		&permissionTTLSec,
 		"blob-signature-ttl",
 		int(time.Duration(2*7*24*time.Hour).Seconds()),
-		"Lifetime of blob permission signatures. Modifying the ttl will invalidate all existing signatures"+
+		"Lifetime of blob permission signatures. Modifying the ttl will invalidate all existing signatures. "+
 			"See services/api/config/application.default.yml.")
 	flag.BoolVar(
 		&flagSerializeIO,
diff --git a/services/keepstore/perms_test.go b/services/keepstore/perms_test.go
index c8289c2565..43717b2372 100644
--- a/services/keepstore/perms_test.go
+++ b/services/keepstore/perms_test.go
@@ -17,7 +17,8 @@ const (
 		"gokee3eamvjy8qq1fvy238838enjmy5wzy2md7yvsitp5vztft6j4q866efym7e6" +
 		"vu5wm9fpnwjyxfldw3vbo01mgjs75rgo7qioh8z8ij7jpyp8508okhgbbex3ceei" +
 		"786u5rw2a9gx743dj3fgq2irk"
-	knownSignature     = "44362129a92a48d02b2e0789c597f970f3b1faf3"
+	knownSignatureTTL  = 1209600 * time.Second
+	knownSignature     = "89118b78732c33104a4d6231e8b5a5fa1e4301e3"
 	knownTimestamp     = "7fffffff"
 	knownSigHint       = "+A" + knownSignature + "@" + knownTimestamp
 	knownSignedLocator = knownLocator + knownSigHint
@@ -34,7 +35,7 @@ func TestSignLocator(t *testing.T) {
 	}
 	t0 := time.Unix(tsInt, 0)
 
-	blobSignatureTTL = time.Second
+	blobSignatureTTL = knownSignatureTTL
 
 	PermissionSecret = []byte(knownKey)
 	if x := SignLocator(knownLocator, knownToken, t0); x != knownSignedLocator {
@@ -52,7 +53,7 @@ func TestVerifyLocator(t *testing.T) {
 		PermissionSecret = b
 	}(PermissionSecret)
 
-	blobSignatureTTL = time.Second
+	blobSignatureTTL = knownSignatureTTL
 
 	PermissionSecret = []byte(knownKey)
 	if err := VerifySignature(knownSignedLocator, knownToken); err != nil {
diff --git a/tools/keep-block-check/keep-block-check.go b/tools/keep-block-check/keep-block-check.go
index f27a4bc4c1..569046b70f 100644
--- a/tools/keep-block-check/keep-block-check.go
+++ b/tools/keep-block-check/keep-block-check.go
@@ -49,7 +49,7 @@ func doMain(args []string) error {
 		"Block hash prefix. When a prefix is specified, only hashes listed in the file with this prefix will be checked.")
 
 	blobSignatureTTL := flags.Duration(
-		"blob-signing-ttl",
+		"blob-signature-ttl",
 		0,
 		"Lifetime of blob permission signatures on the keepservers. If not provided, this will be retrieved from the API server's discovery document.")
 
diff --git a/tools/keep-rsync/keep-rsync.go b/tools/keep-rsync/keep-rsync.go
index 912238c3fb..36f7320435 100644
--- a/tools/keep-rsync/keep-rsync.go
+++ b/tools/keep-rsync/keep-rsync.go
@@ -61,7 +61,7 @@ func doMain() error {
 		"Index prefix")
 
 	srcBlobSignatureTTL := flags.Duration(
-		"blob-signing-ttl",
+		"src-blob-signature-ttl",
 		0,
 		"Lifetime of blob permission signatures on source keepservers. If not provided, this will be retrieved from the API server's discovery document.")