Schema defines cached_at, expires_on, ext_expires_on as string

rayluo · rayluo · commit 31bc31e7c731 · 2019-03-01T11:58:53.000-08:00
diff --git a/msal/application.py b/msal/application.py
@@ -292,12 +292,14 @@ def acquire_token_silent(
                     })
             now = time.time()
             for entry in matches:
-                if entry["expires_on"] - now < 5*60:
+                expires_in = int(entry["expires_on"]) - now
+                if expires_in < 5*60:
                     continue  # Removal is not necessary, it will be overwritten
+                logger.debug("Cache hit an AT")
                 return {  # Mimic a real response
                     "access_token": entry["secret"],
                     "token_type": "Bearer",
-                    "expires_in": entry["expires_on"] - now,
+                    "expires_in": int(expires_in),  # OAuth2 specs defines it as int
                     }
 
         matches = self.token_cache.find(
@@ -311,6 +313,7 @@ def acquire_token_silent(
                 })
         client = self._build_client(self.client_credential, the_authority)
         for entry in matches:
+            logger.debug("Cache hit an RT")
             response = client.obtain_token_by_refresh_token(
                 entry, rt_getter=lambda token_item: token_item["secret"],
                 scope=decorate_scope(scopes, self.client_id))
diff --git a/msal/token_cache.py b/msal/token_cache.py
@@ -87,6 +87,7 @@ def add(self, event, now=None):
 		    target,
                     ]).lower()
                 now = time.time() if now is None else now
+                expires_in = response.get("expires_in", 3599)
                 self._cache.setdefault(self.CredentialType.ACCESS_TOKEN, {})[key] = {
                     "credential_type": self.CredentialType.ACCESS_TOKEN,
                     "secret": access_token,
@@ -95,9 +96,10 @@ def add(self, event, now=None):
                     "client_id": event.get("client_id"),
                     "target": target,
                     "realm": realm,
-                    "cached_at": now,
-                    "expires_on": now + response.get("expires_in", 3599),
-                    "extended_expires_on": now + response.get("ext_expires_in", 0),
+                    "cached_at": str(int(now)),  # Schema defines it as a string
+                    "expires_on": str(int(now + expires_in)),  # Same here
+                    "extended_expires_on": str(int(  # Same here
+                        now + response.get("ext_expires_in", expires_in))),
                     }
 
             if client_info:
diff --git a/tests/test_token_cache.py b/tests/test_token_cache.py
@@ -39,12 +39,12 @@ def testAdd(self):
             }, now=1000)
         self.assertEqual(
             {
-                'cached_at': 1000,
+                'cached_at': "1000",
                 'client_id': 'my_client_id',
                 'credential_type': 'AccessToken',
                 'environment': 'login.example.com',
-                'expires_on': 4600,
-                'extended_expires_on': 1000,
+                'expires_on': "4600",
+                'extended_expires_on': "4600",
                 'home_account_id': "uid.utid",
                 'realm': 'contoso',
                 'secret': 'an access token',
