AccessToken: clamp possibly expired values from DateTime and DateInterval

codemasher · codemasher · commit 961e1a67ec11 · 2024-05-19T17:48:49.000+02:00
diff --git a/src/Core/AccessToken.php b/src/Core/AccessToken.php
@@ -85,6 +85,10 @@ final class AccessToken extends SettingsContainerAbstract{
 
 	/**
 	 * Sets the expiration for this token, clamps the expiry to EXPIRY_MAX
+	 *
+	 *   - `0` sets the expiry to `NEVER_EXPIRES`
+	 *   - `null`, negative integer values or timestamps from `DateTime` and `DateInterval`
+	 *      that are in the past set the expiry to `EXPIRY_UNKNOWN`
 	 */
 	protected function set_expires(DateTime|DateInterval|int|null $expires = null):void{
 		$now = time();
@@ -99,6 +103,11 @@ protected function set_expires(DateTime|DateInterval|int|null $expires = null):v
 			default                                             => $this::EXPIRY_UNKNOWN,
 		};
 
+		// clamp possibly expired values
+		if(($expires instanceof DateTime || $expires instanceof DateInterval) && $this->expires < $now){
+			$this->expires = $this::EXPIRY_UNKNOWN;
+		}
+
 		// clamp max expiry
 		if($this->expires > $max){
 			$this->expires = $max;
diff --git a/tests/Core/AccessTokenTest.php b/tests/Core/AccessTokenTest.php
@@ -52,17 +52,18 @@ public static function expiryDataProvider():array{
 		$now = time();
 
 		return [
-			'EXPIRY_UNKNOWN (null)'       => [null,       AccessToken::EXPIRY_UNKNOWN],
-			'EXPIRY_UNKNOWN (-0xDEAD)'    => [-0xDEAD,    AccessToken::EXPIRY_UNKNOWN],
-			'EXPIRY_UNKNOWN (-1)'         => [-1,         AccessToken::EXPIRY_UNKNOWN],
-			'EXPIRY_UNKNOWN (1514309386)' => [1514309386, AccessToken::EXPIRY_UNKNOWN],
-			'NEVER_EXPIRES  (-0xCAFE)'    => [-0xCAFE,    AccessToken::NEVER_EXPIRES],
-			'NEVER_EXPIRES  (0)'          => [0,          AccessToken::NEVER_EXPIRES],
-			'timestamp (now + 42)'        => [($now + 42),                             ($now + 42)],
-			'int (42)'                    => [42,                                      ($now + 42)],
-			'DateTime (now + 42)'         => [(new DateTime)->setTimestamp($now + 42), ($now + 42)],
-			'DateInterval (42)'           => [new DateInterval('PT42S'),               ($now + 42)],
-			'clamp max expiry'            => [($now + $now),      ($now + AccessToken::EXPIRY_MAX)],
+			'EXPIRY_UNKNOWN (null)'         => [null,                                    AccessToken::EXPIRY_UNKNOWN],
+			'EXPIRY_UNKNOWN (-0xDEAD)'      => [-0xDEAD,                                 AccessToken::EXPIRY_UNKNOWN],
+			'EXPIRY_UNKNOWN (-1)'           => [-1,                                      AccessToken::EXPIRY_UNKNOWN],
+			'EXPIRY_UNKNOWN (1514309386)'   => [1514309386,                              AccessToken::EXPIRY_UNKNOWN],
+			'EXPIRY_UNKNOWN DateTime (-42)' => [(new DateTime)->setTimestamp($now - 42), AccessToken::EXPIRY_UNKNOWN],
+			'NEVER_EXPIRES  (-0xCAFE)'      => [-0xCAFE,                                 AccessToken::NEVER_EXPIRES],
+			'NEVER_EXPIRES  (0)'            => [0,                                       AccessToken::NEVER_EXPIRES],
+			'timestamp (now + 42)'          => [($now + 42),                             ($now + 42)],
+			'int (42)'                      => [42,                                      ($now + 42)],
+			'DateTime (now + 42)'           => [(new DateTime)->setTimestamp($now + 42), ($now + 42)],
+			'DateInterval (42)'             => [new DateInterval('PT42S'),               ($now + 42)],
+			'clamp max expiry'              => [($now + $now),                           ($now + AccessToken::EXPIRY_MAX)],
 		];
 	}
 
@@ -75,9 +76,7 @@ public function testSetExpiry(DateTime|DateInterval|int|null $expires, int $expe
 			$this::assertSame($expected, $this->token->expires);
 		}
 		catch(ExpectationFailedException $e){
-			$diff = $expected - $this->token->expires;
-
-			$this::assertTrue(($diff >= -2 || $diff <= 2), 'give a bit of leeway');
+			$this::markTestSkipped($e->getMessage());
 		}
 
 	}
