hailey.at / cocoon
An atproto PDS written in Go
fork atom

fix: use float for expiration in service auth request

hailey.at 5f0d713f 4c6db2f1

options
unified split
Changed files
+8 -6
server
handle_server_get_service_auth.go
+8 -6
server/handle_server_get_service_auth.go 
···

       
19

       
19

       
 

       



     

       
20

       
20

       
 

       
type ServerGetServiceAuthRequest struct {


     

       
21

       
21

       
 

       
	Aud string `query:"aud" validate:"required,atproto-did"`


     

       
22

       

       
-

       
	Exp int64  `query:"exp"`


     

       
23

       

       
-

       
	Lxm string `query:"lxm" validate:"required,atproto-nsid"`


     

       

       
22

       
+

       
	// exp should be a float, as some clients will send a non-integer expiration


     

       

       
23

       
+

       
	Exp float64 `query:"exp"`


     

       

       
24

       
+

       
	Lxm string  `query:"lxm" validate:"required,atproto-nsid"`


     

       
24

       
25

       
 

       
}


     

       
25

       
26

       
 

       



     

       
26

       
27

       
 

       
func (s *Server) handleServerGetServiceAuth(e echo.Context) error {


     
···

       
34

       
35

       
 

       
		return helpers.InputError(e, nil)


     

       
35

       
36

       
 

       
	}


     

       
36

       
37

       
 

       



     

       

       
38

       
+

       
	exp := int64(req.Exp)


     

       
37

       
39

       
 

       
	now := time.Now().Unix()


     

       
38

       

       
-

       
	if req.Exp == 0 {


     

       
39

       

       
-

       
		req.Exp = now + 60 // default


     

       

       
40

       
+

       
	if exp == 0 {


     

       

       
41

       
+

       
		exp = now + 60 // default


     

       
40

       
42

       
 

       
	}


     

       
41

       
43

       
 

       



     

       
42

       
44

       
 

       
	if req.Lxm == "com.atproto.server.getServiceAuth" {


     
···

       
44

       
46

       
 

       
	}


     

       
45

       
47

       
 

       



     

       
46

       
48

       
 

       
	maxExp := now + (60 * 30)


     

       
47

       

       
-

       
	if req.Exp > maxExp {


     

       

       
49

       
+

       
	if exp > maxExp {


     

       
48

       
50

       
 

       
		return helpers.InputError(e, to.StringPtr("expiration too big. smoller please"))


     

       
49

       
51

       
 

       
	}


     

       
50

       
52

       
 

       



     
···

       
68

       
70

       
 

       
		"aud": req.Aud,


     

       
69

       
71

       
 

       
		"lxm": req.Lxm,


     

       
70

       
72

       
 

       
		"jti": uuid.NewString(),


     

       
71

       

       
-

       
		"exp": req.Exp,


     

       

       
73

       
+

       
		"exp": exp,


     

       
72

       
74

       
 

       
		"iat": now,


     

       
73

       
75

       
 

       
	}


     

       
74

       
76

       
 

       
	pj, err := json.Marshal(payload)