Skip to content

Commit

Permalink
Revert "[PLT-1263] Add creationTime parameter"
Browse files Browse the repository at this point in the history
This reverts commit 6354e18.
  • Loading branch information
unai-ttxu committed Dec 11, 2024
1 parent 6354e18 commit 284daba
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 6 deletions.
4 changes: 1 addition & 3 deletions pkg/cookies/csrf.go
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,6 @@ type csrf struct {

cookieOpts *options.Cookie
time clock.Clock
creationTime time.Time
}

// csrtStateTrim will indicate the length of the state trimmed for the name of the csrf cookie
Expand All @@ -71,7 +70,6 @@ func NewCSRF(opts *options.Cookie, codeVerifier string) (CSRF, error) {
CodeVerifier: codeVerifier,

cookieOpts: opts,
creationTime: time.Now(),
}, nil
}

Expand Down Expand Up @@ -178,7 +176,7 @@ func ClearExtraCsrfCookies(opts *options.Cookie, rw http.ResponseWriter, req *ht
}

sort.Slice(decodedCookies, func(i, j int) bool {
return decodedCookies[i].creationTime.Before(decodedCookies[j].creationTime)
return decodedCookies[i].time.Now().Before(decodedCookies[j].time.Now())
})

numberToDelete := len(decodedCookies) - opts.CSRFPerRequestLimit
Expand Down
6 changes: 3 additions & 3 deletions pkg/cookies/csrf_per_request_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -200,17 +200,17 @@ var _ = Describe("CSRF Cookie with non-fixed name Tests", func() {
publicCSRF1, err := NewCSRF(cookieOpts, "verifier")
Expect(err).ToNot(HaveOccurred())
privateCSRF1 := publicCSRF1.(*csrf)
privateCSRF1.creationTime.Set(testNow)
privateCSRF1.time.Set(testNow)

publicCSRF2, err := NewCSRF(cookieOpts, "verifier")
Expect(err).ToNot(HaveOccurred())
privateCSRF2 := publicCSRF2.(*csrf)
privateCSRF2.creationTime.Set(testNow.Add(time.Minute))
privateCSRF2.time.Set(testNow.Add(time.Minute))

publicCSRF3, err := NewCSRF(cookieOpts, "verifier")
Expect(err).ToNot(HaveOccurred())
privateCSRF3 := publicCSRF3.(*csrf)
privateCSRF3.creationTime.Set(testNow.Add(time.Minute * 2))
privateCSRF3.time.Set(testNow.Add(time.Minute * 2))

//for the test we set all the cookies on a single request, but in reality this will be multiple requests after another
cookies := []string{}
Expand Down

0 comments on commit 284daba

Please sign in to comment.