New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
oauth2: inaccurate expires_in time #72
Comments
nice find, thanks |
on a side note: this shouldn't be uber critical as the |
One issue here is that we don't know what session type we are encountering here, this is therefore a bit tricky to solve, if we don't want to couple the oauth2 handler logic with the session logic. |
Looking at https://github.com/ory-am/fosite/blob/master/handler/oauth2/flow_authorize_code_token.go#L106, it always uses
c.AccessTokenLifeSpan
, even when it's been overridden in a custom HMACSession (as suggested here): https://github.com/ory-am/fosite/blob/master/fosite-example/main.go#L199The text was updated successfully, but these errors were encountered: