willdot.net / cocoon
forked from hailey.at/cocoon
An atproto PDS written in Go
fork atom

fix: use float for expiration in service auth request

hailey.at 5f0d713f 4c6db2f1

options
unified split
Changed files
+8 -6
server
handle_server_get_service_auth.go
+8 -6
server/handle_server_get_service_auth.go
··· 19 19 20 20 type ServerGetServiceAuthRequest struct { 21 21 Aud string `query:"aud" validate:"required,atproto-did"` 22 - Exp int64 `query:"exp"` 23 - Lxm string `query:"lxm" validate:"required,atproto-nsid"` 22 + // exp should be a float, as some clients will send a non-integer expiration 23 + Exp float64 `query:"exp"` 24 + Lxm string `query:"lxm" validate:"required,atproto-nsid"` 24 25 } 25 26 26 27 func (s *Server) handleServerGetServiceAuth(e echo.Context) error { ··· 34 35 return helpers.InputError(e, nil) 35 36 } 36 37 38 + exp := int64(req.Exp) 37 39 now := time.Now().Unix() 38 - if req.Exp == 0 { 39 - req.Exp = now + 60 // default 40 + if exp == 0 { 41 + exp = now + 60 // default 40 42 } 41 43 42 44 if req.Lxm == "com.atproto.server.getServiceAuth" { ··· 44 46 } 45 47 46 48 maxExp := now + (60 * 30) 47 - if req.Exp > maxExp { 49 + if exp > maxExp { 48 50 return helpers.InputError(e, to.StringPtr("expiration too big. smoller please")) 49 51 } 50 52 ··· 68 70 "aud": req.Aud, 69 71 "lxm": req.Lxm, 70 72 "jti": uuid.NewString(), 71 - "exp": req.Exp, 73 + "exp": exp, 72 74 "iat": now, 73 75 } 74 76 pj, err := json.Marshal(payload)