|
|
|
|
@ -143,6 +143,7 @@ func (s *Server) handleAuthorization(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
s.renderError(w, http.StatusInternalServerError, err.Type, err.Description) |
|
|
|
|
return |
|
|
|
|
} |
|
|
|
|
authReq.Expiry = s.now().Add(time.Minute * 30) |
|
|
|
|
if err := s.storage.CreateAuthRequest(authReq); err != nil { |
|
|
|
|
log.Printf("Failed to create authorization request: %v", err) |
|
|
|
|
s.renderError(w, http.StatusInternalServerError, errServerError, "") |
|
|
|
|
@ -342,7 +343,7 @@ func (s *Server) handleApproval(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
func (s *Server) sendCodeResponse(w http.ResponseWriter, r *http.Request, authReq storage.AuthRequest) { |
|
|
|
|
if authReq.Expiry.After(s.now()) { |
|
|
|
|
if s.now().After(authReq.Expiry) { |
|
|
|
|
s.renderError(w, http.StatusBadRequest, errInvalidRequest, "Authorization request period has expired.") |
|
|
|
|
return |
|
|
|
|
} |
|
|
|
|
@ -373,7 +374,7 @@ func (s *Server) sendCodeResponse(w http.ResponseWriter, r *http.Request, authRe
|
|
|
|
|
Nonce: authReq.Nonce, |
|
|
|
|
Scopes: authReq.Scopes, |
|
|
|
|
Claims: authReq.Claims, |
|
|
|
|
Expiry: s.now().Add(time.Minute * 5), |
|
|
|
|
Expiry: s.now().Add(time.Minute * 30), |
|
|
|
|
RedirectURI: authReq.RedirectURI, |
|
|
|
|
} |
|
|
|
|
if err := s.storage.CreateAuthCode(code); err != nil { |
|
|
|
|
|
Eric Chiang
10 years ago