From 02e80b7aab9af21c201ad77a1cc0a3b703b5636e Mon Sep 17 00:00:00 2001
From: Joel Speed <Joel.speed@hotmail.co.uk>
Date: Tue, 7 May 2019 13:55:49 +0100
Subject: [PATCH] Check all information is encoded when cookie-secret set

---
 pkg/sessions/session_store_test.go | 27 ++++++++++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)

diff --git a/pkg/sessions/session_store_test.go b/pkg/sessions/session_store_test.go
index eb8ad2f3..f9a93643 100644
--- a/pkg/sessions/session_store_test.go
+++ b/pkg/sessions/session_store_test.go
@@ -1,6 +1,8 @@
 package sessions_test
 
 import (
+	"crypto/rand"
+	"encoding/base64"
 	"net/http"
 	"net/http/httptest"
 	"testing"
@@ -133,7 +135,16 @@ var _ = Describe("NewSessionStore", func() {
 					Expect(loadedSession.User).To(Equal(session.User))
 				} else {
 					// All fields stored in session if encrypted
-					Expect(loadedSession).To(Equal(session))
+
+					// Can't compare time.Time using Equal() so remove ExpiresOn from sessions
+					l := *loadedSession
+					l.ExpiresOn = time.Time{}
+					s := *session
+					s.ExpiresOn = time.Time{}
+					Expect(l).To(Equal(s))
+
+					// Compare time.Time separately
+					Expect(loadedSession.ExpiresOn.Equal(session.ExpiresOn)).To(BeTrue())
 				}
 			})
 		})
@@ -169,6 +180,20 @@ var _ = Describe("NewSessionStore", func() {
 
 			SessionStoreInterfaceTests()
 		})
+
+		Context("with a cookie-secret set", func() {
+			BeforeEach(func() {
+				secret := make([]byte, 32)
+				_, err := rand.Read(secret)
+				Expect(err).ToNot(HaveOccurred())
+				cookieOpts.CookieSecret = base64.URLEncoding.EncodeToString(secret)
+
+				ss, err = sessions.NewSessionStore(opts, cookieOpts)
+				Expect(err).ToNot(HaveOccurred())
+			})
+
+			SessionStoreInterfaceTests()
+		})
 	}
 
 	BeforeEach(func() {