1144: Access token expires after 30 minutes since creation

Owned by Paulina Borowa (Unlicensed)
Nov 22, 2016
1 min read
Test Case #:1144

Test Case Name:Access token expires after 30 minutes since creation

System: OpenLMIS

Subsystem: blue

Test case designed by: Paulina Borowa

Design Date:22.11.2016

Short description

The access token should expire after the given period of inactivity (by default 30 minutes). What happens in the system at the moment is that the token expires exactly after 30 minutes since it was generated.

Repro steps:
1. Generate a token
2. Keep playing with the system for 30 minutes
3. Your token becomes invalid and you need to re-authenticate

Acceptance criteria:

  • Access token only expires when I manually destroy it (log out) or I've not been using it for 30 minutes.

                                                                                                                                                   

Pre – conditions:

                                                                                                                                                                                                                                                       

Step

Action

Expected system response

Comment

1

    Generate a token

                                                                                                                            

                                                 

2

Wait a few minutes and check time of token expires

In URL 10.222.17.205/auth/oauth/token?grant_type=password&username=administrator&password=password

Method POST

 


3

Do something by restclient  and check again time of token expires

In URL 10.222.17.205/auth/oauth/token?grant_type=password&username=administrator&password=password

Method POST

 Timer should be restarted to 1800 sec 


4

Check if 
after 30 minutes of inactivity token becomes invalid



OpenLMIS: the global initiative for powerful LMIS software