diff --git a/web-services-app/src/main/java/edu/unc/lib/boxc/web/services/processing/SingleUseKeyService.java b/web-services-app/src/main/java/edu/unc/lib/boxc/web/services/processing/SingleUseKeyService.java index 0726406dbb..a61768bb27 100644 --- a/web-services-app/src/main/java/edu/unc/lib/boxc/web/services/processing/SingleUseKeyService.java +++ b/web-services-app/src/main/java/edu/unc/lib/boxc/web/services/processing/SingleUseKeyService.java @@ -19,7 +19,7 @@ public class SingleUseKeyService { public static final String ID = "UUID"; public static final String ACCESS_KEY = "Access Key"; - private static final String TIMESTAMP = "Timestamp"; + private static final String TIMESTAMP = "Expiration Timestamp"; public static final String[] CSV_HEADERS = new String[] {ID, ACCESS_KEY, TIMESTAMP}; public static final long DAY_MILLISECONDS = 86400000; private Path csvPath; @@ -29,12 +29,12 @@ public class SingleUseKeyService { * @param id UUID of the record * @return generated access key */ - public String generate(String id) { + public String generate(String id, long expirationInMilliseconds) { var lock = new ReentrantLock(); var key = getKey(); lock.lock(); try (var csvPrinter = createCsvPrinter(CSV_HEADERS, csvPath)) { - csvPrinter.printRecord(id, key, System.currentTimeMillis()); + csvPrinter.printRecord(id, key, expirationInMilliseconds); } catch (Exception e) { throw new RepositoryException("Failed to write new key to Single Use Key CSV", e); } finally { @@ -54,9 +54,8 @@ public boolean keyIsValid(String id, String key, long currentMilliseconds) throw var csvRecords = parseCsv(CSV_HEADERS, csvPath); for (CSVRecord record : csvRecords) { if (accessKeyMatchesUuid(record, id, key)) { - var startTime = Long.parseLong(record.get(TIMESTAMP)); - long endTime = startTime + DAY_MILLISECONDS; - return currentMilliseconds >= startTime && currentMilliseconds <= endTime; + var expirationTimestamp = Long.parseLong(record.get(TIMESTAMP)); + return currentMilliseconds <= expirationTimestamp; } } return false; @@ -105,6 +104,9 @@ private boolean accessKeyMatchesUuid(CSVRecord record,String uuid, String key) { public static String getKey() { return UUID.randomUUID().toString().replace("-", "") + Long.toHexString(System.nanoTime()); } + public static long getExpirationInMilliseconds() { + return System.currentTimeMillis() + DAY_MILLISECONDS; + } public void setCsvPath(Path csvPath) { this.csvPath = csvPath; diff --git a/web-services-app/src/test/java/edu/unc/lib/boxc/web/services/processing/SingleUseKeyServiceTest.java b/web-services-app/src/test/java/edu/unc/lib/boxc/web/services/processing/SingleUseKeyServiceTest.java index 4b140b7387..f30166222b 100644 --- a/web-services-app/src/test/java/edu/unc/lib/boxc/web/services/processing/SingleUseKeyServiceTest.java +++ b/web-services-app/src/test/java/edu/unc/lib/boxc/web/services/processing/SingleUseKeyServiceTest.java @@ -11,6 +11,7 @@ import static edu.unc.lib.boxc.web.services.processing.SingleUseKeyService.CSV_HEADERS; import static edu.unc.lib.boxc.web.services.processing.SingleUseKeyService.DAY_MILLISECONDS; +import static edu.unc.lib.boxc.web.services.processing.SingleUseKeyService.getExpirationInMilliseconds; import static edu.unc.lib.boxc.web.services.utils.CsvUtil.createCsvPrinter; import static edu.unc.lib.boxc.web.services.utils.CsvUtil.parseCsv; import static org.junit.jupiter.api.Assertions.assertEquals; @@ -46,7 +47,8 @@ public void testGenerate() throws IOException { var oldRecords = parseCsv(CSV_HEADERS, csvPath); assertDoesNotContainValue(oldRecords, SingleUseKeyService.ID, UUID_TEST); - var key = singleUseKeyService.generate(UUID_TEST); + var expirationTime = getExpirationInMilliseconds(); + var key = singleUseKeyService.generate(UUID_TEST, expirationTime); var newRecords = parseCsv(CSV_HEADERS, csvPath); assertContainsAccessKeyPair(newRecords, UUID_TEST, key); } @@ -80,7 +82,7 @@ public void testKeyIsNotValidWrongUUID() throws IOException { public void testKeyIsNotValidCurrentTimeIsMoreThan24hLater() throws IOException { var key = SingleUseKeyService.getKey(); generateDefaultCsv(key); - var currentMilliseconds = System.currentTimeMillis() + (2 * DAY_MILLISECONDS); + var currentMilliseconds = System.currentTimeMillis() + (3 * DAY_MILLISECONDS); assertFalse(singleUseKeyService.keyIsValid(UUID_TEST, key, currentMilliseconds)); } @@ -114,12 +116,13 @@ private void assertContainsAccessKeyPair(List csvRecords, String id, } private void generateDefaultCsv(String key) throws IOException { + var expiration = getExpirationInMilliseconds(); try (var csvPrinter = createCsvPrinter(CSV_HEADERS, csvPath)) { for (String id : ids) { - csvPrinter.printRecord(id, SingleUseKeyService.getKey(), System.currentTimeMillis()); + csvPrinter.printRecord(id, SingleUseKeyService.getKey(), expiration); } if (key != null) { - csvPrinter.printRecord(UUID_TEST, key, System.currentTimeMillis()); + csvPrinter.printRecord(UUID_TEST, key, expiration); } } }