Commit ac8262d
authored
fix: defense in depth -- fail-closed expiry enforcement in credential verification (#262)
* fix: fail-closed expiry enforcement in credential verification
Previously, credentials with no expires field were silently accepted
because the check used `if (expires && ...)` which skips when
expires is undefined.
Now the handler rejects credentials missing expires with an
InvalidChallengeError before checking the timestamp. Method-specific
verify functions (Stripe, Tempo) also enforce fail-closed.
Adds test for missing-expires rejection.
MPP-F4
* test: add malformed expires guard and test
- Reject credentials with unparseable expires (NaN date) as InvalidChallengeError
- Guards added to core handler, Stripe verify, and Tempo verify
- Test: 'returns 402 when credential challenge has malformed expires'
* style: fix formatter nit in Stripe Charge.ts
* refactor: unify expiry checks into Expires.assert helper
* fix: align Expires.assert types with InvalidChallengeError.Options1 parent bef374b commit ac8262d
File tree
5 files changed
+121
-14
lines changed- src
- server
- stripe/server
- tempo/server
5 files changed
+121
-14
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| 8 | + | |
| 9 | + | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
1 | 26 | | |
2 | 27 | | |
3 | 28 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
422 | 422 | | |
423 | 423 | | |
424 | 424 | | |
| 425 | + | |
| 426 | + | |
| 427 | + | |
| 428 | + | |
| 429 | + | |
| 430 | + | |
| 431 | + | |
| 432 | + | |
| 433 | + | |
| 434 | + | |
| 435 | + | |
| 436 | + | |
| 437 | + | |
| 438 | + | |
| 439 | + | |
| 440 | + | |
| 441 | + | |
| 442 | + | |
| 443 | + | |
| 444 | + | |
| 445 | + | |
| 446 | + | |
| 447 | + | |
| 448 | + | |
| 449 | + | |
| 450 | + | |
| 451 | + | |
| 452 | + | |
| 453 | + | |
| 454 | + | |
| 455 | + | |
| 456 | + | |
| 457 | + | |
| 458 | + | |
| 459 | + | |
| 460 | + | |
| 461 | + | |
| 462 | + | |
| 463 | + | |
| 464 | + | |
| 465 | + | |
| 466 | + | |
| 467 | + | |
| 468 | + | |
| 469 | + | |
| 470 | + | |
| 471 | + | |
| 472 | + | |
| 473 | + | |
| 474 | + | |
| 475 | + | |
| 476 | + | |
| 477 | + | |
| 478 | + | |
| 479 | + | |
| 480 | + | |
| 481 | + | |
| 482 | + | |
| 483 | + | |
| 484 | + | |
| 485 | + | |
| 486 | + | |
| 487 | + | |
| 488 | + | |
| 489 | + | |
| 490 | + | |
| 491 | + | |
| 492 | + | |
| 493 | + | |
| 494 | + | |
| 495 | + | |
| 496 | + | |
| 497 | + | |
| 498 | + | |
| 499 | + | |
| 500 | + | |
| 501 | + | |
| 502 | + | |
| 503 | + | |
| 504 | + | |
| 505 | + | |
| 506 | + | |
| 507 | + | |
| 508 | + | |
| 509 | + | |
| 510 | + | |
425 | 511 | | |
426 | 512 | | |
427 | 513 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
418 | 418 | | |
419 | 419 | | |
420 | 420 | | |
421 | | - | |
422 | | - | |
| 421 | + | |
| 422 | + | |
| 423 | + | |
| 424 | + | |
423 | 425 | | |
424 | 426 | | |
425 | 427 | | |
426 | | - | |
427 | | - | |
428 | | - | |
| 428 | + | |
429 | 429 | | |
430 | 430 | | |
431 | 431 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | | - | |
3 | | - | |
4 | | - | |
5 | | - | |
6 | | - | |
| 2 | + | |
| 3 | + | |
7 | 4 | | |
8 | 5 | | |
9 | 6 | | |
| |||
66 | 63 | | |
67 | 64 | | |
68 | 65 | | |
69 | | - | |
70 | | - | |
| 66 | + | |
71 | 67 | | |
72 | 68 | | |
73 | 69 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
9 | 9 | | |
10 | 10 | | |
11 | 11 | | |
12 | | - | |
| 12 | + | |
13 | 13 | | |
14 | 14 | | |
15 | 15 | | |
| |||
118 | 118 | | |
119 | 119 | | |
120 | 120 | | |
121 | | - | |
| 121 | + | |
122 | 122 | | |
123 | 123 | | |
124 | 124 | | |
| |||
0 commit comments