From 25e0884f65ef0d4f39f3543d4e37736eef790dfb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Mart=C3=AD?= <mvdan@mvdan.cc>
Date: Tue, 1 Oct 2024 11:26:15 +0200
Subject: [PATCH] cmd/cue: test storing access token expiry in login
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

`cue login` did this correctly, but our test oauth2 server provided
an "expiry" JSON field rather than the "expires_in" field which
the oauth2 spec mandates for the wire format.

Left another TODO as we don't store the timestamp in UTC at rest.

Signed-off-by: Daniel Martí <mvdan@mvdan.cc>
Change-Id: I453a2690cdf742162510a7b571092f3a853524a5
Reviewed-on: https://review.gerrithub.io/c/cue-lang/cue/+/1202035
Reviewed-by: Roger Peppe <rogpeppe@gmail.com>
TryBot-Result: CUEcueckoo <cueckoo@cuelang.org>
Unity-Result: CUE porcuepine <cue.porcuepine@gmail.com>
---
 cmd/cue/cmd/script_test.go                        | 2 +-
 cmd/cue/cmd/testdata/script/login_immediate.txtar | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/cmd/cue/cmd/script_test.go b/cmd/cue/cmd/script_test.go
index 97dff769d96..45b99f7bd81 100644
--- a/cmd/cue/cmd/script_test.go
+++ b/cmd/cue/cmd/script_test.go
@@ -518,7 +518,7 @@ func newMockRegistryOauth(mode string) *httptest.Server {
 			writeJSON(w, http.StatusOK, oauth2.Token{
 				AccessToken: staticAccessToken,
 				TokenType:   "Bearer",
-				Expiry:      time.Now().Add(time.Hour),
+				ExpiresIn:   int64(time.Hour / time.Second), // 1h in seconds
 			})
 		default:
 			panic(fmt.Sprintf("unknown mode: %q", mode))
diff --git a/cmd/cue/cmd/testdata/script/login_immediate.txtar b/cmd/cue/cmd/testdata/script/login_immediate.txtar
index be276c112d4..1d383bf258a 100644
--- a/cmd/cue/cmd/testdata/script/login_immediate.txtar
+++ b/cmd/cue/cmd/testdata/script/login_immediate.txtar
@@ -14,7 +14,7 @@ grep -count=1 '"access_token"' cueconfig/logins.json
 # Ensure the contents of the token look correct.
 grep -count=1 '"access_token": "secret-access-token"' cueconfig/logins.json
 grep -count=1 '"token_type": "Bearer"' cueconfig/logins.json
-# TODO(mvdan): oauthregistry does not provide expires_in correctly.
-! grep '"expiry": ' cueconfig/logins.json
+# TODO(mvdan): store expiry timestamps in UTC for consistency.
+grep '"expiry": "20..-..-..T' cueconfig/logins.json
 # oauthregistry does not give a refresh token, and we use encoding/json's omitempty.
 ! grep '"refresh_token"' cueconfig/logins.json