From 17427606a4247d72136f0218bd5e7c57be7dafc2 Mon Sep 17 00:00:00 2001
From: Christian Banse
Date: Mon, 7 Mar 2022 19:14:26 +0100
Subject: [PATCH] Fixed expire_in (#36)
---
 server.go | 27 ++++++++++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)
diff --git a/server.go b/server.go
index a48feb1..a4142b4 100644
--- a/server.go
+++ b/server.go
@@ -27,6 +27,8 @@ const (
 ErrorInvalidRequest = "invalid_request"
 ErrorInvalidClient = "invalid_client"
 ErrorInvalidGrant = "invalid_grant"
+
+ DefaultExpireIn = time.Hour * 24
 )

 type codeInfo struct {
@@ -162,7 +164,7 @@ func (srv *AuthorizationServer) doClientCredentialsFlow(w http.ResponseWriter, r
 return
 }

- writeJSON(w, token)
+ writeToken(w, token)
 }

 // doAuthorizationCodeFlow implements the Authorization Code Grant
@@ -206,7 +208,7 @@ func (srv *AuthorizationServer) doAuthorizationCodeFlow(w http.ResponseWriter, r
 return
 }

- writeJSON(w, token)
+ writeToken(w, token)
 }

 func (srv *AuthorizationServer) handleJWKS(w http.ResponseWriter, r *http.Request) {
@@ -326,7 +328,7 @@ func (srv *AuthorizationServer) ValidateCode(verifier string, code string) bool
 // Optionally, if a refreshKey is specified, that key is used to also create a refresh token.
 func (srv *AuthorizationServer) GenerateToken(clientID string, signingKeyID int, refreshKeyID int) (token *Token, err error) {
 var (
- expiry = time.Now().Add(24 * time.Hour)
+ expiry = time.Now().Add(DefaultExpireIn)
 signingKey *ecdsa.PrivateKey
 refreshKey *ecdsa.PrivateKey
 ok bool
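Review bot: `DefaultExpireIn`, added in the const-block hunk, is exported but has no doc comment and sits among the OAuth error-code strings; a line such as `// DefaultExpireIn is the lifetime of tokens issued by GenerateToken.` would say what it governs. The GenerateToken hunk uses it as the only source of `expiry`, so the 24-hour token lifetime stays fixed at compile time and a deployment that wants shorter-lived tokens has no setting to change; a server option that falls back to this default would be the usual shape. GenerateToken's body continues outside the hunk, so whether the same expiry is also applied to the refresh token cannot be checked from here.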
@@ -392,6 +394,25 @@ func RedirectError(w http.ResponseWriter,
 http.Redirect(w, r, fmt.Sprintf("%s?%s", redirectURI, params.Encode()), http.StatusFound)
 }

+func writeToken(w http.ResponseWriter, token *oauth2.Token) {
+ // We need to transform this into our own struct, otherwise
+ // the expiry will be translated into a string representation,
+ // while it should be represented as seconds.
+ s := struct {
+ AccessToken string `json:"access_token"`
+ RefreshToken string `json:"refresh_token"`
+ TokenType string `json:"token_type"`
+ Expiry int `json:"expires_in"`
+ }{
+ AccessToken: token.AccessToken,
+ RefreshToken: token.RefreshToken,
+ TokenType: token.TokenType,
+ Expiry: int(time.Until(token.Expiry).Seconds()),
+ }
+
+ writeJSON(w, s)
+}
+
 func writeJSON(w http.ResponseWriter, value interface{}) {
 w.Header().Set("Content-Type", "application/json")
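Review bot: writeToken sends the token response without the `Cache-Control: no-store` and `Pragma: no-cache` headers that RFC 6749 section 5.1 requires on any response carrying tokens; the only header visible in writeJSON is Content-Type, though its body continues outside the hunk. Setting both headers in writeToken before the writeJSON call keeps bearer tokens out of browser and intermediary caches. Two smaller points in the same function: `refresh_token` is serialised as an empty string when no refresh token was issued, which an `omitempty` tag avoids, and `int(time.Until(token.Expiry).Seconds())` goes negative for a zero or already-past Expiry, so the field should only be set when the remaining lifetime is positive.

```go
func writeToken(w http.ResponseWriter, token *oauth2.Token) {
	// … unchanged: comment explaining why a local struct is used …
	s := struct {
		AccessToken  string `json:"access_token"`
		RefreshToken string `json:"refresh_token,omitempty"`
		TokenType    string `json:"token_type"`
		Expiry       int    `json:"expires_in"`
	}{
		// … unchanged: AccessToken, RefreshToken, TokenType …
	}

	// Never report a negative lifetime for a zero or already-past Expiry.
	if secs := int(time.Until(token.Expiry).Seconds()); secs > 0 {
		s.Expiry = secs
	}

	// RFC 6749 section 5.1: responses that carry tokens must not be cached.
	w.Header().Set("Cache-Control", "no-store")
	w.Header().Set("Pragma", "no-cache")

	writeJSON(w, s)
}
```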