Take min validity into consideration

Author: klippx

.rubocop_todo.yml

@@ -14,8 +14,5 @@ Style/EachWithObject:
 Style/ExpandPathArguments:
   Enabled: false
 
-Metrics/CyclomaticComplexity:
-  Max: 7
-
 Metrics/ClassLength:
-  Max: 104
+  Max: 105

CHANGELOG.md

@@ -15,6 +15,7 @@ All notable changes to this project will be documented in this file.
 - Fix logging to `$stdout` of request and response bodies via Faraday's logger and `ENV["OAUTH_DEBUG"] == 'true'`
 - Read issued_at and expires_at from the token instead of using Time.now [#391]
 - Take clock skew into consideration when checking expired? [#391]
+- Take minimum validity into consideration when checking expired? [#391]
 
 ## [1.4.0] - 2017-06-09
 

lib/oauth2/access_token.rb

@@ -1,5 +1,7 @@
 module OAuth2
   class AccessToken
+    MIN_VALIDITY = 30
+
     attr_reader :client, :token, :expires_in, :issued_at, :expires_at, :params, :time_skew
     attr_accessor :options, :refresh_token, :response
 
@@ -81,7 +83,7 @@ def expires?
     #
     # @return [Boolean]
     def expired?
-      expires? && (expires_at + time_skew <= Time.now.to_i)
+      expires? && (expires_at + time_skew - MIN_VALIDITY <= Time.now.to_i)
     end
 
     # Refreshes the current Access Token

spec/oauth2/access_token_spec.rb

@@ -152,25 +152,23 @@ def assert_initialized_token(target) # rubocop:disable Metrics/AbcSize
       expect(access).to be_expired
     end
 
-    describe 'time skew' do
-      let(:time_skew) { 10 }
+    describe 'min validity' do
+      let(:old_now) { 1_528_454_438 }
       let(:expires_in) { 300 }
-      let(:expires_at) { Time.now.to_i - 10 + expires_in }
+      let(:expires_at) { 1_528_454_438 + expires_in }
       let!(:access) { described_class.new(client, token, :refresh_token => 'abaca', :expires_at => expires_at, :expires_in => expires_in) }
+      let(:now) { Time.at(expires_at) - AccessToken::MIN_VALIDITY }
 
-      context 'when not within time skew correction' do
-        let(:now) { Time.at(expires_at) + time_skew + 1 }
-
+      context 'when not within min validity correction' do
         it 'access is expired' do
           allow(Time).to receive(:now).and_return(now)
           expect(access).to be_expired
         end
       end
 
-      context 'when within time skew correction' do
-        let(:now) { Time.at(expires_at) + time_skew - 1 }
-
+      context 'when within min validity correction' do
         it 'access is not expired' do
+          allow(Time).to receive(:now).and_return(now - 1)
           expect(access).not_to be_expired
         end
       end
@@ -256,7 +254,7 @@ def assert_initialized_token(target) # rubocop:disable Metrics/AbcSize
       end
 
       context 'when not within time skew correction' do
-        let(:local_now) { Time.at(exp) + time_skew + 1 }
+        let(:local_now) { Time.at(exp) + time_skew - AccessToken::MIN_VALIDITY }
 
         it 'access is expired' do
           allow(Time).to receive(:now).and_return(local_now)
@@ -265,7 +263,7 @@ def assert_initialized_token(target) # rubocop:disable Metrics/AbcSize
       end
 
       context 'when within time skew correction' do
-        let(:local_now) { Time.at(exp) + time_skew - 1 }
+        let(:local_now) { Time.at(exp) + time_skew - AccessToken::MIN_VALIDITY - 1 }
 
         it 'access is not expired' do
           allow(Time).to receive(:now).and_return(local_now)