Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

Fixing an issue with token expiration timestamp on persist/restore. #6

Closed
wants to merge 1 commit into from

2 participants

@nparry

I ran into an issue when restoring an access token created during a previous run of my app. Basically whenever the token was restored it thought it would expire 'one hour from now' instead of 'one hour from my initial creation date' - if the app was shut down for over an hour the token would expire but the app still thought it was good. This commit fixes this by storing the absolute expiration time.

(For reference, http://code.google.com/p/qsb-mac-plugins/issues/detail?id=5#c12 is the related ticket for the app (actually plugin for an app) in question)

@nparry nparry Persist token expirations with absolute times instead of relative.
When storing a request or access token, persist the token expiration
time with an absolute timestamp. By doing so an application can
accurately determine if a token is still valid even if it is shutdown
and restarted after the token expires.  Previously a relative timestamp
was used, which meant a token restored from the persistent store always
claimed to be valid even if it wasn't.
62d2b86
@michaelchum
Owner

Nice catch there! We just revamped our SDK with a whole new OAuth1.0a authentication flow using a UIWebview. Thank you for your contribution, we really appreciate it.

@michaelchum michaelchum closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Sep 22, 2010
  1. @nparry

    Persist token expirations with absolute times instead of relative.

    nparry authored
    When storing a request or access token, persist the token expiration
    time with an absolute timestamp. By doing so an application can
    accurately determine if a token is still valid even if it is shutdown
    and restarted after the token expires.  Previously a relative timestamp
    was used, which meant a token restored from the persistent store always
    claimed to be valid even if it wasn't.
This page is out of date. Refresh to see the latest.
View
12 Source/YOSSocial/YOSAccessToken.h
@@ -40,16 +40,6 @@
* Returns a NSDate representing the application authorization expiry date.
*/
NSDate *authExpiresDate;
-
- /**
- * Returns an integer of the UNIX time that the token will expire.
- */
- NSInteger tokenExpires;
-
- /**
- * Returns an integer of the UNIX time that application authorization will expire.
- */
- NSInteger authExpires;
}
@property (nonatomic, readwrite, retain) NSString *guid;
@@ -57,8 +47,6 @@
@property (nonatomic, readwrite, retain) NSString *consumer;
@property (nonatomic, readwrite, retain) NSDate *tokenExpiresDate;
@property (nonatomic, readwrite, retain) NSDate *authExpiresDate;
-@property (nonatomic, readwrite) NSInteger tokenExpires;
-@property (nonatomic, readwrite) NSInteger authExpires;
/**
* Returns an access token for the specified dictionary containing token variables.
View
17 Source/YOSSocial/YOSAccessToken.m
@@ -17,8 +17,6 @@ @implementation YOSAccessToken
@synthesize guid;
@synthesize sessionHandle;
@synthesize consumer;
-@synthesize tokenExpires;
-@synthesize authExpires;
@synthesize tokenExpiresDate;
@synthesize authExpiresDate;
@@ -41,8 +39,6 @@ + (YOSAccessToken *)tokenFromResponse:(NSData *)responseData
[theToken autorelease];
[theToken setGuid:[tokenDictionary valueForKey:@"xoauth_yahoo_guid"]];
[theToken setSessionHandle:[tokenDictionary valueForKey:@"oauth_session_handle"]];
- [theToken setTokenExpires:tokenExpires];
- [theToken setAuthExpires:authExpires];
[theToken setTokenExpiresDate:[NSDate dateWithTimeIntervalSinceNow:tokenExpires]];
[theToken setAuthExpiresDate:[NSDate dateWithTimeIntervalSinceNow:authExpires]];
@@ -59,10 +55,8 @@ + (YOSAccessToken *)tokenFromStoredDictionary:(NSDictionary *)tokenDictionary
[theToken autorelease];
[theToken setGuid:[tokenDictionary valueForKey:@"guid"]];
[theToken setSessionHandle:[tokenDictionary valueForKey:@"sessionHandle"]];
- [theToken setTokenExpires:tokenExpires];
- [theToken setAuthExpires:authExpires];
- [theToken setTokenExpiresDate:[NSDate dateWithTimeIntervalSinceNow:tokenExpires]];
- [theToken setAuthExpiresDate:[NSDate dateWithTimeIntervalSinceNow:authExpires]];
+ [theToken setTokenExpiresDate:[NSDate dateWithTimeIntervalSinceReferenceDate:tokenExpires]];
+ [theToken setAuthExpiresDate:[NSDate dateWithTimeIntervalSinceReferenceDate:authExpires]];
if([tokenDictionary valueForKey:@"consumer"]) {
[theToken setConsumer:[tokenDictionary valueForKey:@"consumer"]];
@@ -76,14 +70,17 @@ + (YOSAccessToken *)tokenFromStoredDictionary:(NSDictionary *)tokenDictionary
- (NSMutableDictionary *)tokenAsDictionary
{
+ NSInteger tokenExpires = [[self tokenExpiresDate] timeIntervalSinceReferenceDate];
+ NSInteger authExpires = [[self authExpiresDate] timeIntervalSinceReferenceDate];
+
NSMutableDictionary *tokenDictionary = [[NSMutableDictionary alloc] init];
[tokenDictionary autorelease];
[tokenDictionary setObject:self.key forKey:@"key"];
[tokenDictionary setObject:self.secret forKey:@"secret"];
[tokenDictionary setObject:self.guid forKey:@"guid"];
[tokenDictionary setObject:self.sessionHandle forKey:@"sessionHandle"];
- [tokenDictionary setObject:[NSNumber numberWithInt:self.tokenExpires] forKey:@"tokenExpires"];
- [tokenDictionary setObject:[NSNumber numberWithInt:self.authExpires] forKey:@"authExpires"];
+ [tokenDictionary setObject:[NSNumber numberWithDouble:tokenExpires] forKey:@"tokenExpires"];
+ [tokenDictionary setObject:[NSNumber numberWithDouble:authExpires] forKey:@"authExpires"];
if(self.consumer) [tokenDictionary setObject:self.consumer forKey:@"consumer"];
View
6 Source/YOSSocial/YOSRequestToken.h
@@ -22,11 +22,6 @@
NSString *requestAuthUrl;
/**
- * Returns an integer of the UNIX time that the token will expire.
- */
- NSInteger tokenExpires;
-
- /**
* Returns a NSDate representing the expiry date of this token.
*/
NSDate *tokenExpiresDate;
@@ -38,7 +33,6 @@
}
@property (nonatomic, readwrite, retain) NSString *requestAuthUrl;
-@property (nonatomic, readwrite) NSInteger tokenExpires;
@property (nonatomic, readwrite, retain) NSDate *tokenExpiresDate;
@property (nonatomic, readwrite) BOOL callbackConfirmed;
View
9 Source/YOSSocial/YOSRequestToken.m
@@ -15,7 +15,6 @@
@implementation YOSRequestToken
@synthesize requestAuthUrl;
-@synthesize tokenExpires;
@synthesize tokenExpiresDate;
@synthesize callbackConfirmed;
@@ -38,7 +37,6 @@ + (YOSRequestToken *)tokenFromResponse:(NSData *)responseData
[theToken autorelease];
[theToken setRequestAuthUrl:[tokenDictionary valueForKey:@"xoauth_request_auth_url"]];
- [theToken setTokenExpires:tokenExpires];
[theToken setTokenExpiresDate:[NSDate dateWithTimeIntervalSinceNow:tokenExpires]];
[theToken setCallbackConfirmed:isCallbackConfirmed];
@@ -53,8 +51,7 @@ + (YOSRequestToken *)tokenFromStoredDictionary:(NSDictionary *)tokenDictionary;
andSecret:[tokenDictionary valueForKey:@"secret"]];
[theToken autorelease];
[theToken setRequestAuthUrl:[tokenDictionary valueForKey:@"requestAuthUrl"]];
- [theToken setTokenExpires:tokenExpires];
- [theToken setTokenExpiresDate:[NSDate dateWithTimeIntervalSinceNow:tokenExpires]];
+ [theToken setTokenExpiresDate:[NSDate dateWithTimeIntervalSinceReferenceDate:tokenExpires]];
return theToken;
}
@@ -64,11 +61,13 @@ + (YOSRequestToken *)tokenFromStoredDictionary:(NSDictionary *)tokenDictionary;
- (NSMutableDictionary *)tokenAsDictionary
{
+ NSInteger tokenExpires = [[self tokenExpiresDate] timeIntervalSinceReferenceDate];
+
NSMutableDictionary *tokenDictionary = [[NSMutableDictionary alloc] init];
[tokenDictionary autorelease];
[tokenDictionary setObject:self.key forKey:@"key"];
[tokenDictionary setObject:self.secret forKey:@"secret"];
- [tokenDictionary setObject:[NSNumber numberWithInt:self.tokenExpires] forKey:@"tokenExpires"];
+ [tokenDictionary setObject:[NSNumber numberWithDouble:tokenExpires] forKey:@"tokenExpires"];
[tokenDictionary setObject:self.requestAuthUrl forKey:@"requestAuthUrl"];
return tokenDictionary;
Something went wrong with that request. Please try again.