add auth token test

cli/controller/node.go

@@ -103,7 +103,9 @@ func NodeLogin(a NodeLoginArgs) error {
 		return err
 	}
 	w := fs.Workspace()
-	w.AddNodeToken(t)
+	if err := w.AddNodeToken(t); err != nil {
+		return err
+	}
 	return fs.Store()
 }
 

cli/controller/setup.go

@@ -138,7 +138,9 @@ func (c *Setup) create(n *domain.Node) error {
 	infrastructureDuration := tmr()
 
 	if n.GithubAuthEnabled() {
-		c.store.Workspace().AddNodeToken(rsp.Token)
+		if err := c.store.Workspace().AddNodeToken(rsp.Token); err != nil {
+			return err
+		}
 	}
 
 	log.Event(domain.Event{NodeCreate: &domain.NodeEvent{

domain/node.go

@@ -108,11 +108,11 @@ func (n *Node) AuthToken() (string, error) {
 	if t == "" {
 		return "", &TokenExpiredError{}
 	}
-	exp, err := token.ExpiresAt(t)
+	exp, err := token.ExpiresIn(t)
 	if err != nil {
 		return "", err
 	}
-	if exp.Before(time.Now()) {
+	if exp < 0 {
 		return "", &TokenExpiredError{}
 	}
 	return t, nil

domain/node_test.go

@@ -1,19 +1,19 @@
-package domain_test
+package domain
 
 import (
 	"testing"
 	"time"
 
-	"github.com/mantil-io/mantil/domain"
+	"github.com/kataras/jwt"
 	"github.com/mantil-io/mantil/kit/token"
 	"github.com/stretchr/testify/require"
 )
 
 func TestNodeStore(t *testing.T) {
-	ns := &domain.NodeStore{}
+	ns := &NodeStore{}
 	_, privateKey, _ := token.KeyPair()
 
-	tk := nodeToken(&domain.Node{
+	tk := nodeToken(&Node{
 		Name:    "node1",
 		Version: "1",
 	}, privateKey)
@@ -44,7 +44,7 @@ func TestNodeStore(t *testing.T) {
 	tkn := ns.Token("node1")
 	require.Equal(t, tk, tkn)
 
-	err = ns.UpsertNodeToken(nodeToken(&domain.Node{
+	err = ns.UpsertNodeToken(nodeToken(&Node{
 		Name:    "node1",
 		Version: "2",
 	}, privateKey))
@@ -66,8 +66,47 @@ func TestNodeStore(t *testing.T) {
 	require.Nil(t, n)
 }
 
-func nodeToken(n *domain.Node, privateKey string) string {
-	c := domain.AccessTokenClaims{
+func TestAuthToken(t *testing.T) {
+	// single developer auth
+	publicKey, privateKey, _ := token.KeyPair()
+	n := &Node{
+		Name: "node-sd",
+		Keys: NodeKeys{
+			Public:  publicKey,
+			Private: privateKey,
+		},
+		workspace: &Workspace{
+			ID: "workspace",
+		},
+	}
+	token, err := n.AuthToken()
+	require.NoError(t, err)
+	require.NotEmpty(t, token)
+
+	// github auth
+	w := &Workspace{}
+	n = &Node{
+		Name:       "node-gh",
+		GithubUser: "gh-user",
+		workspace:  w,
+	}
+	token = nodeToken(n, privateKey)
+	err = w.AddNodeToken(token)
+	require.NoError(t, err)
+
+	tk, err := n.AuthToken()
+	require.NoError(t, err)
+	require.Equal(t, token, tk)
+
+	jwt.Clock = func() time.Time {
+		return time.Now().Add(2 * time.Hour)
+	}
+	_, err = n.AuthToken()
+	require.Error(t, err)
+}
+
+func nodeToken(n *Node, privateKey string) string {
+	c := AccessTokenClaims{
 		Node: n,
 	}
 	t, _ := token.JWT(privateKey, &c, time.Hour)

domain/workspace.go

@@ -63,8 +63,8 @@ func newWorkspace() *Workspace {
 	}
 }
 
-func (w *Workspace) AddNodeToken(token string) {
-	w.NodeStore.UpsertNodeToken(token)
+func (w *Workspace) AddNodeToken(token string) error {
+	return w.NodeStore.UpsertNodeToken(token)
 }
 
 func (w *Workspace) AddNode(n *Node) {

kit/token/token.go

@@ -43,13 +43,12 @@ func Verify(token string, publicKey string, claims interface{}) error {
 	return verifiedToken.Claims(&claims)
 }
 
-func ExpiresAt(token string) (*time.Time, error) {
+func ExpiresIn(token string) (time.Duration, error) {
 	var claims jwt.Claims
 	if err := Decode(token, &claims); err != nil {
-		return nil, err
+		return -1, err
 	}
-	e := claims.ExpiresAt()
-	return &e, nil
+	return claims.Timeleft(), nil
 }
 
 func Decode(token string, claims interface{}) error {