From 57ff570348065d4b2880c45c6d037893ca7bb0cb Mon Sep 17 00:00:00 2001
From: Naoto Kobayashi
Date: Thu, 11 Aug 2022 15:05:31 +0900
Subject: [PATCH] Fix expires_in in OAuth2 Token is too huge According to RFC6749, expires_in in OAuth2 Token is the lifetime in seconds of the access token. - https://www.rfc-editor.org/rfc/rfc6749#section-4.2.2 But mockoidc set MockOIDC.AccessTTL directly to expires_in, making expires_in huge; e.g. if AccessTTL = 10 * time.Seconds (1000000000), expires_in becomes 10000000000 in seconds. Fix it.
Signed-off-by: Naoto Kobayashi
---
 handlers.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/handlers.go b/handlers.go
index 1cd7b72..6fc6fb1 100644
--- a/handlers.go
+++ b/handlers.go
@@ -180,7 +180,8 @@ func (m *MockOIDC) Token(rw http.ResponseWriter, req *http.Request) {
 tr := &tokenResponse{
 RefreshToken: req.Form.Get("refresh_token"),
 TokenType: "bearer",
- ExpiresIn: m.AccessTTL,
+ // expires_in in OAuth2 Token is the lifetime in seconds of the access token
+ ExpiresIn: m.AccessTTL / time.Second,
 }
 err = m.setTokens(tr, session, grantType)
 if err != nil {
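Review bot: In the `tokenResponse` literal, `m.AccessTTL / time.Second` is integer division, so any `AccessTTL` under one second is reported as `expires_in: 0`, which a client may read as already expired or as no stated lifetime. Rounding down is otherwise the safe direction for a client that schedules its refresh from this field, and the comment should say so: `// expires_in is whole seconds (RFC 6749), truncated; a sub-second AccessTTL yields 0`. The quotient is still Duration-typed, so if `tokenResponse.ExpiresIn` (declared outside the hunk) is a `time.Duration`, an integer field would avoid a Duration that holds seconds rather than nanoseconds. The diffstat shows only handlers.go changed, so no test pins the serialized `expires_in` for a known `AccessTTL`, and the build presumably relies on handlers.go already importing `time`. Token's body starts and ends outside the hunk.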