server: fix auth request expiry
This commit is contained in:
parent
558059ee58
commit
3e20a080fe
1 changed files with 3 additions and 2 deletions
|
@ -143,6 +143,7 @@ func (s *Server) handleAuthorization(w http.ResponseWriter, r *http.Request) {
|
|||
s.renderError(w, http.StatusInternalServerError, err.Type, err.Description)
|
||||
return
|
||||
}
|
||||
authReq.Expiry = s.now().Add(time.Minute * 30)
|
||||
if err := s.storage.CreateAuthRequest(authReq); err != nil {
|
||||
log.Printf("Failed to create authorization request: %v", err)
|
||||
s.renderError(w, http.StatusInternalServerError, errServerError, "")
|
||||
|
@ -342,7 +343,7 @@ func (s *Server) handleApproval(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func (s *Server) sendCodeResponse(w http.ResponseWriter, r *http.Request, authReq storage.AuthRequest) {
|
||||
if authReq.Expiry.After(s.now()) {
|
||||
if s.now().After(authReq.Expiry) {
|
||||
s.renderError(w, http.StatusBadRequest, errInvalidRequest, "Authorization request period has expired.")
|
||||
return
|
||||
}
|
||||
|
@ -373,7 +374,7 @@ func (s *Server) sendCodeResponse(w http.ResponseWriter, r *http.Request, authRe
|
|||
Nonce: authReq.Nonce,
|
||||
Scopes: authReq.Scopes,
|
||||
Claims: authReq.Claims,
|
||||
Expiry: s.now().Add(time.Minute * 5),
|
||||
Expiry: s.now().Add(time.Minute * 30),
|
||||
RedirectURI: authReq.RedirectURI,
|
||||
}
|
||||
if err := s.storage.CreateAuthCode(code); err != nil {
|
||||
|
|
Reference in a new issue