X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/eab2eeaa47b2aa8c7f52371f9bfdd60711a41fb6..df6469c76b4d1f069a0831335a68e23ea1ebe0b1:/test/models/oauth_nonce_test.rb?ds=sidebyside

diff --git a/test/models/oauth_nonce_test.rb b/test/models/oauth_nonce_test.rb
index ffbad0af6..341019cca 100644
--- a/test/models/oauth_nonce_test.rb
+++ b/test/models/oauth_nonce_test.rb
@@ -1,4 +1,4 @@
-require 'test_helper'
+require "test_helper"
 
 class OauthNonceTest < ActiveSupport::TestCase
   api_fixtures
@@ -8,8 +8,8 @@ class OauthNonceTest < ActiveSupport::TestCase
   # string and timestamp.
   def test_nonce_uniqueness
     string = "0123456789ABCDEF"
-    timestamp = Time.now
-    
+    timestamp = Time.now.to_i
+
     nonce1 = OauthNonce.remember(string, timestamp)
     assert_not_equal false, nonce1, "First nonce should be unique. Check your test database is empty."
 
@@ -17,4 +17,15 @@ class OauthNonceTest < ActiveSupport::TestCase
     assert_equal false, nonce2, "Shouldn't be able to remember the same nonce twice."
   end
 
+  ##
+  # nonces that are not current should be rejected
+  def test_nonce_not_current
+    string = "0123456789ABCDEF"
+
+    nonce1 = OauthNonce.remember(string, Time.now.to_i - 86430)
+    assert_equal false, nonce1, "Nonces over a day in the past should be rejected"
+
+    nonce2 = OauthNonce.remember(string, Time.now.to_i - 86370)
+    assert_not_equal false, nonce2, "Nonces under a day in the past should be rejected"
+  end
 end