Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-26875

Use a whole number of seconds for the OAuth 2 access token lifetime

    Details

      Description

      The RFC stipulates that the expires_in entity-body parameter of the token response is "The lifetime in seconds of the access token."

      More precisely, it is defined by expires-in = 1*DIGIT, so it must be a whole number of seconds.

      Yet, we are currently using a double value when serializing the "expires_in" field in JSON and this causes some clients to fail reading the token response.

      This was discovered while implementing account linking with OAuth 2 for the Nuxeo Google Assistant, see INNOV-21.

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 3 hours
                3h

                  PagerDuty

                  Error rendering 'com.pagerduty.jira-server-plugin:PagerDuty'. Please contact your Jira administrators.