set oauth expirations & refresh token fix
driesvanspauwen committed Aug 24, 2024
1 parent 7d49bc9 commit 9dfcea8
Showing 3 changed files with 9 additions and 8 deletions.
13 changes: 7 additions & 6 deletions module/ApiBundle/Controller/OAuthController.php
@@ -305,28 +305,29 @@ public function tokenAction()
return $this->error(401, 'Unknown client_id');
}

$accessToken = new AccessToken(
$newAccessToken = new AccessToken(
$refreshToken->getPerson(),
$refreshToken->getAuthorizationCode()
);
$this->getEntityManager()->persist($accessToken);
$this->getEntityManager()->persist($newAccessToken);

$refreshToken = new RefreshToken(
$newRefreshToken = new RefreshToken(
$refreshToken->getPerson(),
$refreshToken->getAuthorizationCode(),
$key
);
$this->getEntityManager()->persist($refreshToken);

$refreshToken->exchange();

$this->getEntityManager()->persist($refreshToken);
$this->getEntityManager()->persist($newRefreshToken);
$this->getEntityManager()->flush();

$result = array(
'access_token' => $accessToken->getCode(),
'access_token' => $newAccessToken->getCode(),
'expires_in' => AccessToken::DEFAULT_EXPIRATION_TIME,
'token_type' => 'Bearer',
'refresh_token' => $refreshToken->getCode(),
'refresh_token' => $newRefreshToken->getCode(),
);

return new ViewModel(
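Review bot: Nothing in the visible part of tokenAction() shows the presented refresh token being refused when it has already been exchanged or has expired; the hunk starts after the `Unknown client_id` check, so that guard, if it exists, lies outside the hunk. Calling `$refreshToken->exchange()` on the old token only amounts to rotation if a replayed token is rejected before a new pair is minted, so that check (and a test for it) should be confirmed alongside this fix. The validity check and the `exchange()`/`flush()` also appear to be separate steps, so two concurrent requests carrying the same token could presumably both succeed unless the lookup is locked or the update is conditional. I would add a comment above the call, e.g. `// Invalidate the presented refresh token; a replayed (already exchanged) token must be rejected before this point.`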
2 changes: 1 addition & 1 deletion module/ApiBundle/Entity/Token.php
@@ -21,7 +21,7 @@
*/
abstract class Token
{
const DEFAULT_EXPIRATION_TIME = 604800;
const DEFAULT_EXPIRATION_TIME = 3600; // 1 hour

/**
* @var string The ID of this authorization code
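Review bot: `Token::DEFAULT_EXPIRATION_TIME` is the base-class default, so changing it to 3600 also changes the lifetime of every token subclass that does not override the constant; Refresh is the only override visible in this commit. If authorization codes inherit this value, an hour is still long for a code (RFC 6749 recommends at most 10 minutes), so it is worth confirming which entities pick it up. Tokens already stored may keep the lifetime they were issued with, depending on whether expiry is computed at creation, which is not visible here. I would also state the unit in a docblock rather than only a trailing comment, e.g. `/** Default lifetime in seconds for tokens that do not override it. */`; the same applies to the constant in Token/Refresh.php.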
2 changes: 1 addition & 1 deletion module/ApiBundle/Entity/Token/Refresh.php
@@ -16,7 +16,7 @@
*/
class Refresh extends \ApiBundle\Entity\Token
{
const DEFAULT_EXPIRATION_TIME = 1209600;
const DEFAULT_EXPIRATION_TIME = 604800; // 1 week

/**
* @var Key The API key that can refresh the access token