server: fix auth request expiry

This commit is contained in:
Eric Chiang 2016-10-12 18:50:48 -07:00
parent 558059ee58
commit 3e20a080fe

View file

@ -143,6 +143,7 @@ func (s *Server) handleAuthorization(w http.ResponseWriter, r *http.Request) {
s.renderError(w, http.StatusInternalServerError, err.Type, err.Description) s.renderError(w, http.StatusInternalServerError, err.Type, err.Description)
return return
} }
authReq.Expiry = s.now().Add(time.Minute * 30)
if err := s.storage.CreateAuthRequest(authReq); err != nil { if err := s.storage.CreateAuthRequest(authReq); err != nil {
log.Printf("Failed to create authorization request: %v", err) log.Printf("Failed to create authorization request: %v", err)
s.renderError(w, http.StatusInternalServerError, errServerError, "") s.renderError(w, http.StatusInternalServerError, errServerError, "")
@ -342,7 +343,7 @@ func (s *Server) handleApproval(w http.ResponseWriter, r *http.Request) {
} }
func (s *Server) sendCodeResponse(w http.ResponseWriter, r *http.Request, authReq storage.AuthRequest) { func (s *Server) sendCodeResponse(w http.ResponseWriter, r *http.Request, authReq storage.AuthRequest) {
if authReq.Expiry.After(s.now()) { if s.now().After(authReq.Expiry) {
s.renderError(w, http.StatusBadRequest, errInvalidRequest, "Authorization request period has expired.") s.renderError(w, http.StatusBadRequest, errInvalidRequest, "Authorization request period has expired.")
return return
} }
@ -373,7 +374,7 @@ func (s *Server) sendCodeResponse(w http.ResponseWriter, r *http.Request, authRe
Nonce: authReq.Nonce, Nonce: authReq.Nonce,
Scopes: authReq.Scopes, Scopes: authReq.Scopes,
Claims: authReq.Claims, Claims: authReq.Claims,
Expiry: s.now().Add(time.Minute * 5), Expiry: s.now().Add(time.Minute * 30),
RedirectURI: authReq.RedirectURI, RedirectURI: authReq.RedirectURI,
} }
if err := s.storage.CreateAuthCode(code); err != nil { if err := s.storage.CreateAuthCode(code); err != nil {