Allow refresh tokens that never expire

If the expiration duration is set to zero, the refresh tokens never
expire.

Author: dmcinnes

manage/manage_test.go

@@ -41,6 +41,10 @@ func TestManager(t *testing.T) {
 		Convey("Token test", func() {
 			testManager(tgr, manager)
 		})
+
+		Convey("Token zero expire refresh test", func() {
+			testZeroRefreshExpirationManager(tgr, manager)
+		})
 	})
 }
 
@@ -107,3 +111,38 @@ func testManager(tgr *oauth2.TokenGenerateRequest, manager oauth2.Manager) {
 	_, err = manager.LoadRefreshToken(refreshToken)
 	So(err, ShouldNotBeNil)
 }
+
+func testZeroRefreshExpirationManager(tgr *oauth2.TokenGenerateRequest, manager oauth2.Manager) {
+	config := manage.Config{
+		RefreshTokenExp:   0, // Set explicitly as we're testing 0 (no) expiration
+		IsGenerateRefresh: true,
+	}
+	m, ok := manager.(*manage.Manager)
+	So(ok, ShouldBeTrue)
+	m.SetAuthorizeCodeTokenCfg(&config)
+
+	cti, err := manager.GenerateAuthToken(oauth2.Code, tgr)
+	So(err, ShouldBeNil)
+
+	code := cti.GetCode()
+	So(code, ShouldNotBeEmpty)
+
+	atParams := &oauth2.TokenGenerateRequest{
+		ClientID:     tgr.ClientID,
+		ClientSecret: "11",
+		RedirectURI:  tgr.RedirectURI,
+		Code:         code,
+	}
+	ati, err := manager.GenerateAccessToken(oauth2.AuthorizationCode, atParams)
+	So(err, ShouldBeNil)
+
+	accessToken, refreshToken := ati.GetAccess(), ati.GetRefresh()
+	So(accessToken, ShouldNotBeEmpty)
+	So(refreshToken, ShouldNotBeEmpty)
+
+	tokenInfo, err := manager.LoadRefreshToken(refreshToken)
+	So(err, ShouldBeNil)
+	So(tokenInfo, ShouldNotBeNil)
+	So(tokenInfo.GetRefresh(), ShouldEqual, refreshToken)
+	So(tokenInfo.GetRefreshExpiresIn(), ShouldEqual, 0)
+}

manage/manager.go

@@ -489,7 +489,8 @@ func (m *Manager) LoadRefreshToken(refresh string) (info oauth2.TokenInfo, err e
 	} else if ti == nil || ti.GetRefresh() != refresh {
 		err = errors.ErrInvalidRefreshToken
 		return
-	} else if ti.GetRefreshCreateAt().Add(ti.GetRefreshExpiresIn()).Before(time.Now()) {
+	} else if ti.GetRefreshExpiresIn() != 0 && // refresh token set to not expire
+		ti.GetRefreshCreateAt().Add(ti.GetRefreshExpiresIn()).Before(time.Now()) {
 		err = errors.ErrExpiredRefreshToken
 		return
 	}

store/token.go

@@ -47,17 +47,19 @@ func (ts *TokenStore) Create(info oauth2.TokenInfo) (err error) {
 		basicID := uuid.Must(uuid.NewRandom()).String()
 		aexp := info.GetAccessExpiresIn()
 		rexp := aexp
+		expires := true
 		if refresh := info.GetRefresh(); refresh != "" {
 			rexp = info.GetRefreshCreateAt().Add(info.GetRefreshExpiresIn()).Sub(ct)
 			if aexp.Seconds() > rexp.Seconds() {
 				aexp = rexp
 			}
-			_, _, err = tx.Set(refresh, basicID, &buntdb.SetOptions{Expires: true, TTL: rexp})
+			expires = info.GetRefreshExpiresIn() != 0
+			_, _, err = tx.Set(refresh, basicID, &buntdb.SetOptions{Expires: expires, TTL: rexp})
 			if err != nil {
 				return
 			}
 		}
-		_, _, err = tx.Set(basicID, string(jv), &buntdb.SetOptions{Expires: true, TTL: rexp})
+		_, _, err = tx.Set(basicID, string(jv), &buntdb.SetOptions{Expires: expires, TTL: rexp})
 		if err != nil {
 			return
 		}