fix cache TTL

Author: felixheck

README.md

@@ -135,7 +135,7 @@ Optional. Default: `0`.
 - `userInfo {Array.<?string>}` — List of properties which should be included in the `request.auth.credentials` object besides `scope` and `sub`.<br/>
 Optional. Default: `[]`.<br/>
 
-- `cache {Object|boolean}` — The configuration of the [hapi.js cache](https://hapijs.com/api#servercacheoptions) powered by [catbox][catbox]. If the property `iat` (issued at) or `exp` (expiresAt) is undefined, the plugin uses 60 seconds as default TTL.<br/>
+- `cache {Object|boolean}` — The configuration of the [hapi.js cache](https://hapijs.com/api#servercacheoptions) powered by [catbox][catbox]. If the property `exp` (expiresAt) is undefined, the plugin uses 60 seconds as default TTL. Otherwise the cache entry expires as soon as the token itself expires.<br/>
 If `false` the cache is disabled. Use `true` or an empty object (`{}`) to use the built-in default cache.<br/>
 Optional. Default: `false`.
 

src/token.js

@@ -62,15 +62,13 @@ function getRoles (clientId, {
  * @private
  *
  * Get expiration out of token content.
- * If `exp` or `iat` is undefined just 60
- * seconds as default expiration time.
+ * If `exp` is undefined just use 60 seconds as default.
  *
  * @param {number} exp The `expiration` timestamp in seconds
- * @param {number} iat The `issued at` timestamp in seconds
  * @returns {number} The expiration delta in milliseconds
  */
-function getExpiration ({ exp, iat }) {
-  return [exp, iat].includes(undefined) ? 60 * 1000 : (exp - iat) * 1000
+function getExpiration ({ exp }) {
+  return exp ? (exp * 1000) - Date.now() : 60 * 1000
 }
 
 /**

test/fixtures/index.js

@@ -127,8 +127,7 @@ const content = {
   noExp: composeContent(true, false),
   noScope: composeContent(false, true),
   current: composeContent(true, false, {
-    exp: parseInt(Date.now() / 1000) + 60 * 60,
-    iat: parseInt(Date.now() / 1000) + 60 * 15
+    exp: parseInt(Date.now() / 1000) + 60 * 60
   }),
   rpt: composeContent(true, true, {
     authorization: {

test/token.spec.js

@@ -1,4 +1,5 @@
 const test = require('ava')
+const _ = require('lodash')
 const fixtures = require('./fixtures')
 const token = require('../src/token')
 
@@ -54,7 +55,7 @@ test('get user data of token', (t) => {
   const data = token.getData(tkn, { clientId: fixtures.common.clientId })
 
   t.truthy(tkn)
-  t.is(data.expiresIn, 2700000)
+  t.truthy(_.inRange(data.expiresIn, 3590000, 3600000))
   t.is(data.credentials.sub, fixtures.content.current.sub)
   t.falsy(data.credentials.name)
   t.deepEqual(data.credentials.scope.sort(), fixtures.targetScope)
@@ -65,7 +66,7 @@ test('get user data of token – rpt', (t) => {
   const data = token.getData(tkn, { clientId: fixtures.common.clientId })
 
   t.truthy(tkn)
-  t.is(data.expiresIn, 4000)
+  t.truthy(_.inRange(-1 * data.expiresIn, Date.now()))
   t.is(data.credentials.sub, fixtures.content.rpt.sub)
   t.falsy(data.credentials.name)
   t.deepEqual(data.credentials.scope.sort(), [...fixtures.targetScope, 'scope:foo.READ', 'scope:foo.WRITE'])
@@ -79,7 +80,7 @@ test('get user data of token – additional fields', (t) => {
   })
 
   t.truthy(tkn)
-  t.is(data.expiresIn, 2700000)
+  t.truthy(_.inRange(data.expiresIn, 3590000, 3600000))
   t.is(data.credentials.sub, fixtures.content.current.sub)
   t.is(data.credentials.name, fixtures.content.current.name)
   t.deepEqual(data.credentials.scope.sort(), fixtures.targetScope)
@@ -101,7 +102,7 @@ test('get user data of token – default scopes', (t) => {
   const data = token.getData(tkn, { clientId: fixtures.common.clientId })
 
   t.truthy(tkn)
-  t.is(data.expiresIn, 4000)
+  t.truthy(_.inRange(-1 * data.expiresIn, Date.now()))
   t.is(data.credentials.sub, fixtures.content.expired.sub)
   t.falsy(data.credentials.name)
   t.deepEqual(data.credentials.scope, [])