Allow RubySaml::Utils.is_cert_expired and is_cert_active to accept an…

… optional time argument
SAML-Toolkits · Jan 11, 2025 · 2f0d6d3 · 2f0d6d3
1 parent 2caea57
commit 2f0d6d3
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 2 deletions.
diff --git a/lib/ruby_saml/utils.rb b/lib/ruby_saml/utils.rb
@@ -38,6 +38,7 @@ module Utils
     # @param now [Time|Integer] The time to compare.
     # @return [true|false] Whether the certificate is expired.
     def is_cert_expired(cert, now = Time.now)
+      now = Time.at(now) if now.is_a?(Integer)
       cert = build_cert_object(cert) if cert.is_a?(String)
       cert.not_after < now
     end
@@ -48,6 +49,7 @@ def is_cert_expired(cert, now = Time.now)
     # @param now [Time|Integer] The time to compare.
     # @return [true|false] Whether the certificate is currently active.
     def is_cert_active(cert, now = Time.now)
+      now = Time.at(now) if now.is_a?(Integer)
       cert = build_cert_object(cert) if cert.is_a?(String)
       cert.not_before <= now && cert.not_after >= now
     end

diff --git a/test/utils_test.rb b/test/utils_test.rb
@@ -441,7 +441,7 @@ def result(duration, reference = 0)
       end
     end
 
-    describe 'time argument specified' do
+    describe 'time argument specified as Time' do
       let(:now) { Time.at(10000) }
 
       it 'returns true for expired certificate' do
@@ -474,6 +474,20 @@ def result(duration, reference = 0)
         refute RubySaml::Utils.is_cert_expired(valid_cert_string, now)
       end
     end
+
+    describe 'time argument specified as Integer' do
+      let(:int) { 10000 }
+
+      it 'returns true for expired certificate' do
+        expired_cert = CertificateHelper.generate_cert(not_after: Time.at(int) - 60)
+        assert RubySaml::Utils.is_cert_expired(expired_cert, int)
+      end
+
+      it 'returns false for not-started certificate' do
+        not_started_cert = CertificateHelper.generate_cert(not_before: Time.at(int) + 60)
+        refute RubySaml::Utils.is_cert_active(not_started_cert, int)
+      end
+    end
   end
 
   describe '.is_cert_active' do
@@ -510,7 +524,7 @@ def result(duration, reference = 0)
       end
     end
 
-    describe 'time argument specified' do
+    describe 'time argument specified as Time' do
       let(:now) { Time.at(10000) }
 
       it 'returns true for active certificate' do
@@ -543,5 +557,19 @@ def result(duration, reference = 0)
         refute RubySaml::Utils.is_cert_active(expired_cert_string, now)
       end
     end
+
+    describe 'time argument specified as Integer' do
+      let(:int) { 10000 }
+
+      it 'returns true for active certificate' do
+        valid_cert = CertificateHelper.generate_cert(not_before: Time.at(int) - 60, not_after: Time.at(int) + 60)
+        assert RubySaml::Utils.is_cert_active(valid_cert, int)
+      end
+
+      it 'returns false for expired certificate' do
+        expired_cert = CertificateHelper.generate_cert(not_after: Time.at(int) - 60)
+        refute RubySaml::Utils.is_cert_active(expired_cert, int)
+      end
+    end
   end
 end