appPassword: add expiry

2026-02-12 12:58:50 +01:00
parent 93a0063941
commit e9c3e42aa6
16 changed files with 226 additions and 62 deletions
@@ -21,12 +21,12 @@ describe('App passwords', function () {

    let id, password;
    it('cannot add bad app password', async function () {
-        const [error] = await safe(appPasswords.add(admin.id, 'appid', 'x'.repeat(201)));
+        const [error] = await safe(appPasswords.add(admin.id, 'appid', 'x'.repeat(201), null));
        expect(error.reason).to.be(BoxError.BAD_FIELD);
    });

    it('can add app password', async function () {
-        const result = await appPasswords.add(admin.id, 'appid', 'spark');
+        const result = await appPasswords.add(admin.id, 'appid', 'spark', null);
        expect(result.id).to.be.a('string');
        expect(result.password).to.be.a('string');
        id = result.id;
@@ -90,4 +90,38 @@ describe('App passwords', function () {
        const [error] = await safe(appPasswords.del('random'));
        expect(error.reason).to.be(BoxError.NOT_FOUND);
    });
+
+    // expiry tests
+    let expiredPassword;
+    it('can add app password with expiry', async function () {
+        const result = await appPasswords.add(admin.id, 'appid', 'expiring', new Date(Date.now() + 60000).toISOString());
+        expect(result.id).to.be.a('string');
+        expect(result.password).to.be.a('string');
+        expiredPassword = result.password;
+    });
+
+    it('can verify non-expired app password', async function () {
+        const result = await users.verifyWithId(admin.id, expiredPassword, 'appid', {});
+        expect(result).to.be.ok();
+        expect(result.appPassword).to.be(true);
+    });
+
+    let pastId, pastPassword;
+    it('can add app password with past expiry', async function () {
+        const result = await appPasswords.add(admin.id, 'appid', 'expired', new Date(Date.now() - 60000).toISOString());
+        expect(result.id).to.be.a('string');
+        expect(result.password).to.be.a('string');
+        pastId = result.id;
+        pastPassword = result.password;
+    });
+
+    it('cannot verify expired app password', async function () {
+        const [error, result] = await safe(users.verifyWithId(admin.id, pastPassword, 'appid', {}));
+        expect(result).to.not.be.ok();
+        expect(error.reason).to.be(BoxError.INVALID_CREDENTIALS);
+    });
+
+    it('can del expired app password', async function () {
+        await appPasswords.del(pastId);
+    });
 });