From 295775898f992d8e731fb75c85b4e684d60b09cf Mon Sep 17 00:00:00 2001
From: Sharon Luong <snluong@email.lib.unc.edu>
Date: Wed, 20 Dec 2023 17:14:44 -0500
Subject: [PATCH] BXC-4358 adjusting timestamp in CSV to be expiration
 timestamp

---
 .../services/processing/SingleUseKeyService.java   | 14 ++++++++------
 .../processing/SingleUseKeyServiceTest.java        | 11 +++++++----
 2 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/web-services-app/src/main/java/edu/unc/lib/boxc/web/services/processing/SingleUseKeyService.java b/web-services-app/src/main/java/edu/unc/lib/boxc/web/services/processing/SingleUseKeyService.java
index 0726406dbb..a61768bb27 100644
--- a/web-services-app/src/main/java/edu/unc/lib/boxc/web/services/processing/SingleUseKeyService.java
+++ b/web-services-app/src/main/java/edu/unc/lib/boxc/web/services/processing/SingleUseKeyService.java
@@ -19,7 +19,7 @@
 public class SingleUseKeyService {
     public static final String ID = "UUID";
     public static final String ACCESS_KEY = "Access Key";
-    private static final String TIMESTAMP = "Timestamp";
+    private static final String TIMESTAMP = "Expiration Timestamp";
     public static final String[] CSV_HEADERS = new String[] {ID, ACCESS_KEY, TIMESTAMP};
     public static final long DAY_MILLISECONDS = 86400000;
     private Path csvPath;
@@ -29,12 +29,12 @@ public class SingleUseKeyService {
      * @param id UUID of the record
      * @return generated access key
      */
-    public String generate(String id) {
+    public String generate(String id, long expirationInMilliseconds) {
         var lock = new ReentrantLock();
         var key = getKey();
         lock.lock();
         try (var csvPrinter = createCsvPrinter(CSV_HEADERS, csvPath)) {
-            csvPrinter.printRecord(id, key, System.currentTimeMillis());
+            csvPrinter.printRecord(id, key, expirationInMilliseconds);
         } catch (Exception e) {
             throw new RepositoryException("Failed to write new key to Single Use Key CSV", e);
         } finally {
@@ -54,9 +54,8 @@ public boolean keyIsValid(String id, String key, long currentMilliseconds) throw
         var csvRecords = parseCsv(CSV_HEADERS, csvPath);
         for (CSVRecord record : csvRecords) {
             if (accessKeyMatchesUuid(record, id, key)) {
-                var startTime = Long.parseLong(record.get(TIMESTAMP));
-                long endTime = startTime + DAY_MILLISECONDS;
-                return currentMilliseconds >= startTime && currentMilliseconds <= endTime;
+                var expirationTimestamp = Long.parseLong(record.get(TIMESTAMP));
+                return currentMilliseconds <= expirationTimestamp;
             }
         }
         return false;
@@ -105,6 +104,9 @@ private boolean accessKeyMatchesUuid(CSVRecord record,String uuid, String key) {
     public static String getKey() {
         return UUID.randomUUID().toString().replace("-", "") + Long.toHexString(System.nanoTime());
     }
+    public static long getExpirationInMilliseconds() {
+        return System.currentTimeMillis() + DAY_MILLISECONDS;
+    }
 
     public void setCsvPath(Path csvPath) {
         this.csvPath = csvPath;
diff --git a/web-services-app/src/test/java/edu/unc/lib/boxc/web/services/processing/SingleUseKeyServiceTest.java b/web-services-app/src/test/java/edu/unc/lib/boxc/web/services/processing/SingleUseKeyServiceTest.java
index 4b140b7387..f30166222b 100644
--- a/web-services-app/src/test/java/edu/unc/lib/boxc/web/services/processing/SingleUseKeyServiceTest.java
+++ b/web-services-app/src/test/java/edu/unc/lib/boxc/web/services/processing/SingleUseKeyServiceTest.java
@@ -11,6 +11,7 @@
 
 import static edu.unc.lib.boxc.web.services.processing.SingleUseKeyService.CSV_HEADERS;
 import static edu.unc.lib.boxc.web.services.processing.SingleUseKeyService.DAY_MILLISECONDS;
+import static edu.unc.lib.boxc.web.services.processing.SingleUseKeyService.getExpirationInMilliseconds;
 import static edu.unc.lib.boxc.web.services.utils.CsvUtil.createCsvPrinter;
 import static edu.unc.lib.boxc.web.services.utils.CsvUtil.parseCsv;
 import static org.junit.jupiter.api.Assertions.assertEquals;
@@ -46,7 +47,8 @@ public void testGenerate() throws IOException {
         var oldRecords = parseCsv(CSV_HEADERS, csvPath);
         assertDoesNotContainValue(oldRecords, SingleUseKeyService.ID, UUID_TEST);
 
-        var key = singleUseKeyService.generate(UUID_TEST);
+        var expirationTime = getExpirationInMilliseconds();
+        var key = singleUseKeyService.generate(UUID_TEST, expirationTime);
         var newRecords = parseCsv(CSV_HEADERS, csvPath);
         assertContainsAccessKeyPair(newRecords, UUID_TEST, key);
     }
@@ -80,7 +82,7 @@ public void testKeyIsNotValidWrongUUID() throws IOException {
     public void testKeyIsNotValidCurrentTimeIsMoreThan24hLater() throws IOException {
         var key = SingleUseKeyService.getKey();
         generateDefaultCsv(key);
-        var currentMilliseconds = System.currentTimeMillis() + (2 * DAY_MILLISECONDS);
+        var currentMilliseconds = System.currentTimeMillis() + (3 * DAY_MILLISECONDS);
         assertFalse(singleUseKeyService.keyIsValid(UUID_TEST, key, currentMilliseconds));
     }
 
@@ -114,12 +116,13 @@ private void assertContainsAccessKeyPair(List<CSVRecord> csvRecords, String id,
     }
 
     private void generateDefaultCsv(String key) throws IOException {
+        var expiration = getExpirationInMilliseconds();
         try (var csvPrinter = createCsvPrinter(CSV_HEADERS, csvPath)) {
              for (String id : ids) {
-                 csvPrinter.printRecord(id, SingleUseKeyService.getKey(), System.currentTimeMillis());
+                 csvPrinter.printRecord(id, SingleUseKeyService.getKey(), expiration);
              }
              if (key != null) {
-                 csvPrinter.printRecord(UUID_TEST, key, System.currentTimeMillis());
+                 csvPrinter.printRecord(UUID_TEST, key, expiration);
              }
         }
     }