- python 3.6.3
- passlib 1.7.1
This is a rather special use case: I want to generate tokens which are valid over a number of calendar days with respect to UTC. I set up the token factory accordingly
allowed_duration_d = 1 allowed_duration_s = 86400 * allowed_duration_d token_base = TOTP(key = key_string_enc, alg = 'sha256', \ period = allowed_duration_s, digits = num_digits)
I then set up the base for
generate as such:
yy = 2017 mm = 12 dd = 5 allowed_date_z = datetime.datetime(yy, mm, dd, 0, 0, 0, 0, \ tzinfo = datetime.timezone.utc) allowed_date_s = int(allowed_date_z.strftime("%s")) token_raw = token_base.generate(time = allowed_date_s)
Considering RFC 6238, chapter 4.2 my expectation is that this would generate a token which would be valid from 2017/12/5, 0000 UTC to 2017/12/6, 0000 UTC.
token_raw.expire_time though gives me validity from the 4th to the 5th.
I checked the settings for
allowed_date_z with +1s, +min and +1h and only with the +1h, the
expire_time switched to the expected behaviour.
As I am on UTC+1 I made certain to use UTC, as seen above.
Is this a bug or am I doing something wrong?