Login   Register  
PHP Classes
elePHPant
Icontem

Bug with handling "expires" information

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us

      PHP OAuth API  >  All threads  >  Bug with handling "expires" information  >  (Un) Subscribe thread alerts  
Subject:Bug with handling "expires" information
Summary:Incorrect working with "expires"
Messages:5
Author:Vitaly Dyatlov
Date:2013-03-26 09:45:50
Update:2013-03-27 08:10:22
 

  1. Bug with handling "expires" information   Reply   Report abuse  
Picture of Vitaly Dyatlov
Vitaly Dyatlov
2013-03-26 09:45:50
Server can return 2 types of expiries:

"expires" and "expires_in"

expires - absolute expiration date, like token will expire at 10 Dec 2014
expires_in - relative expiration time, like token will expire in 3 days.

But you work with both types in the same way:

$this->access_token_expiry = gmstrftime('%Y-%m-%d %H:%M:%S', time() + $expires);

Below is my fix for this:

//FIXED expires issue
if( IsSet($response['expires']) )
{
$this->access_token_expiry = gmstrftime('%Y-%m-%d %H:%M:%S', $expires);
}
else
{
$this->access_token_expiry = gmstrftime('%Y-%m-%d %H:%M:%S', time() + $expires);
}

  2. Re: Bug with handling "expires" information   Reply   Report abuse  
Picture of Manuel Lemos
Manuel Lemos
2013-03-26 10:32:02 - In reply to message 1 from Vitaly Dyatlov
Unfortunately there inconsistencies in the implementation of different servers.

What server did you see that problem?

  3. Re: Bug with handling "expires" information   Reply   Report abuse  
Picture of Vitaly Dyatlov
Vitaly Dyatlov
2013-03-26 11:25:27 - In reply to message 2 from Manuel Lemos
This one: https://github.com/lncd/OAuth2

Server is listed on this page: http://oauth.net/2/ so I think it uses standards.. although who knows

  4. Re: Bug with handling "expires" information   Reply   Report abuse  
Picture of Manuel Lemos
Manuel Lemos
2013-03-27 07:41:38 - In reply to message 3 from Vitaly Dyatlov
The only standard I found that defines token expiry is OAuth 2. It says servers should use expires_in values. So any other value is not standard.

I could add support to non-standard values if they were widely used in well known servers.

That server is just server implementation that uses a non-standard value but it is not widely used. Therefore, I think it is better to tell the developer of that server to make it use standard values.

  5. Re: Bug with handling "expires" information   Reply   Report abuse  
Picture of Vitaly Dyatlov
Vitaly Dyatlov
2013-03-27 08:10:22 - In reply to message 4 from Manuel Lemos
I agree, although standard value is sent in response too. And it should be correctly handled.