Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

oauth2: inaccurate expires_in time #72

Closed
jmwong opened this issue Aug 8, 2016 · 3 comments
Closed

oauth2: inaccurate expires_in time #72

jmwong opened this issue Aug 8, 2016 · 3 comments
Labels
bug Something is not working.

Comments

@jmwong
Copy link

jmwong commented Aug 8, 2016

Looking at https://github.com/ory-am/fosite/blob/master/handler/oauth2/flow_authorize_code_token.go#L106, it always uses c.AccessTokenLifeSpan, even when it's been overridden in a custom HMACSession (as suggested here): https://github.com/ory-am/fosite/blob/master/fosite-example/main.go#L199
@aeneasr aeneasr added the bug Something is not working. label Aug 9, 2016
@aeneasr
Copy link
Member

aeneasr commented Aug 9, 2016
edited

nice find, thanks

@aeneasr
Copy link
Member

aeneasr commented Aug 9, 2016
edited

on a side note: this shouldn't be uber critical as the exp in the token response is a suggestion. that's also the reason why the timestamp isn't absolute but relative. oauth2 clients should be able to deal with expired token without having to rely on the exp value. nevertheless I will fix this ;)

@aeneasr
Copy link
Member

aeneasr commented Oct 14, 2016

One issue here is that we don't know what session type we are encountering here, this is therefore a bit tricky to solve, if we don't want to couple the oauth2 handler logic with the session logic.

@aeneasr aeneasr changed the title AuthorizeExplicitGrandHandler#PopulateTokenEndpointResponse inaccurate expires_in time oauth2: inaccurate expires_in time Oct 14, 2016
aeneasr pushed a commit that referenced this issue Oct 17, 2016
all: resolve regression issues introduced by 0.6.0 - closes #118
3c11df5 
* oauth2: introspection handler excess calls - closes #117
* oauth2: inaccurate expires_in time - closes #72
aeneasr pushed a commit that referenced this issue Oct 17, 2016
all: resolve regression issues introduced by 0.6.0 - closes #118
7957b1f 
* oauth2: introspection handler excess calls - closes #117
* oauth2: inaccurate expires_in time - closes #72
aeneasr pushed a commit that referenced this issue Oct 17, 2016
all: resolve regression issues introduced by 0.6.0 - closes #118
0b64877 
* oauth2: introspection handler excess calls - closes #117
* oauth2: inaccurate expires_in time - closes #72
aeneasr pushed a commit that referenced this issue Oct 17, 2016
all: resolve regression issues introduced by 0.6.0 - closes #118
3dbdccc 
* oauth2: introspection handler excess calls - closes #117
* oauth2: inaccurate expires_in time - closes #72
aeneasr pushed a commit that referenced this issue Oct 17, 2016
all: resolve regression issues introduced by 0.6.0 - closes #118
a404a14 
* oauth2: introspection handler excess calls - closes #117
* oauth2: inaccurate expires_in time - closes #72
aeneasr pushed a commit that referenced this issue Oct 17, 2016
all: resolve regression issues introduced by 0.6.0 - closes #118
b8ce779 
* oauth2: introspection handler excess calls - closes #117
* oauth2: inaccurate expires_in time - closes #72
budougumi0617 added a commit to budougumi0617/fosite that referenced this issue May 10, 2019
@budougumi0617
0.5.0 (ory#119)
1a73ad6 
* all: resolve regression issues introduced by 0.4.0 - closes ory#118
* oauth2: introspection handler excess calls - closes ory#117
* oauth2: inaccurate expires_in time - closes ory#72
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something is not working.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jmwong @aeneasr