mahara-contributors team mailing list archive

Thread
Date

[Bug 1744351] Re: Public key expiration date is current date for service access tokens

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Steven <stevens@xxxxxxxxxxxxxxx>
Date: Tue, 06 Mar 2018 01:30:08 -0000
Reply-to: Bug 1744351 <1744351@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Manually ran the following Behat test:

Environment tested: Master
Browser tested: Chrome

===================
Behat Test Script
===================

@javascript @core @core_institution @core_artefact
Feature: Public key expiration date is current date for service access tokens Edit 
    As an admin
    When I generate a service access token for a Mahara user
    And I do not enable web services security (XML-RPC Only)
    I do not see Public key expires data 

Background:
Given the following "users" exist:
    | username | password | email | firstname | lastname | institution | authname | role |
    | UserA | Kupuhipa1 | UserA@xxxxxxxxxxx | Angela | User | Institution A  | internal | admin |
    | UserB | Kupuhipa1 | UserA@xxxxxxxxxxx | Bob | User | Institution A  | internal | member |

Scenario: Admin user generate a service access token for a Mahara user
    Given I log in as "UserA" with password "Kupuhipa1"
    And I am on "/admin/index.php?open=webservices_token"
    # Need step def for step below (And I fill in input "Username:" with "Bob" and select first autosuggestion)
    And I fill in "Username:" with "Bob"
    When I press "Generate token"
    Then I should see "Service access tokens" 
    And I should not see "Public key expires"
    

Catalyst QA Approved ✔

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1744351

Title:
  Public key expiration date is current date for service access tokens

Status in Mahara:
  New

Bug description:
  In the 'Manage service users' area of the Mahara administration when
  you generate a new token, the public key of the token has an
  expiration date of the current date/time making the token un-usable.

  This bug was replicated in a remote and locally installed instance of
  Mahara.

  When I tried to perform curl commands using this token I was
  redirected to the Mahara login page, showing the token was not valid.

  To replicate:
  1. Login to Mahara and go to Administration->Web services->Configuration->Managae service access tokens

  2. Input a username and generate the token

  3. Notice the expiration date of the public key is the current
  date/time of the server that the instance is running on

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1744351/+subscriptions

References

[Bug 1744351] [NEW] Public key expiration date is current date for service access tokens
From: Alex Bucklery, 2018-01-19