allow zero expiration on access tokens

dmcinnes · dmcinnes · commit 856c77b97382 · 2019-09-24T13:58:52.000-07:00
diff --git a/manage/manage_test.go b/manage/manage_test.go
@@ -43,7 +43,11 @@ func TestManager(t *testing.T) {
 			testManager(tgr, manager)
 		})
 
-		Convey("Token zero expire refresh test", func() {
+		Convey("zero expiration access token test", func() {
+			testZeroAccessExpirationManager(tgr, manager)
+		})
+
+		Convey("zero expiration refresh token test", func() {
 			testZeroRefreshExpirationManager(tgr, manager)
 		})
 	})
@@ -113,6 +117,41 @@ func testManager(tgr *oauth2.TokenGenerateRequest, manager oauth2.Manager) {
 	So(err, ShouldNotBeNil)
 }
 
+func testZeroAccessExpirationManager(tgr *oauth2.TokenGenerateRequest, manager oauth2.Manager) {
+	config := manage.Config{
+		AccessTokenExp:    0, // Set explicitly as we're testing 0 (no) expiration
+		IsGenerateRefresh: true,
+	}
+	m, ok := manager.(*manage.Manager)
+	So(ok, ShouldBeTrue)
+	m.SetAuthorizeCodeTokenCfg(&config)
+
+	cti, err := manager.GenerateAuthToken(oauth2.Code, tgr)
+	So(err, ShouldBeNil)
+
+	code := cti.GetCode()
+	So(code, ShouldNotBeEmpty)
+
+	atParams := &oauth2.TokenGenerateRequest{
+		ClientID:     tgr.ClientID,
+		ClientSecret: "11",
+		RedirectURI:  tgr.RedirectURI,
+		Code:         code,
+	}
+	ati, err := manager.GenerateAccessToken(oauth2.AuthorizationCode, atParams)
+	So(err, ShouldBeNil)
+
+	accessToken, refreshToken := ati.GetAccess(), ati.GetRefresh()
+	So(accessToken, ShouldNotBeEmpty)
+	So(refreshToken, ShouldNotBeEmpty)
+
+	tokenInfo, err := manager.LoadAccessToken(accessToken)
+	So(err, ShouldBeNil)
+	So(tokenInfo, ShouldNotBeNil)
+	So(tokenInfo.GetAccess(), ShouldEqual, accessToken)
+	So(tokenInfo.GetAccessExpiresIn(), ShouldEqual, 0)
+}
+
 func testZeroRefreshExpirationManager(tgr *oauth2.TokenGenerateRequest, manager oauth2.Manager) {
 	config := manage.Config{
 		RefreshTokenExp:   0, // Set explicitly as we're testing 0 (no) expiration
diff --git a/manage/manager.go b/manage/manager.go
@@ -468,7 +468,8 @@ func (m *Manager) LoadAccessToken(access string) (info oauth2.TokenInfo, err err
 		ti.GetRefreshCreateAt().Add(ti.GetRefreshExpiresIn()).Before(ct) {
 		err = errors.ErrExpiredRefreshToken
 		return
-	} else if ti.GetAccessCreateAt().Add(ti.GetAccessExpiresIn()).Before(ct) {
+	} else if ti.GetAccessExpiresIn() != 0 &&
+		ti.GetAccessCreateAt().Add(ti.GetAccessExpiresIn()).Before(ct) {
 		err = errors.ErrExpiredAccessToken
 		return
 	}
