From fc81e6443a175c184f76b54b8a00758d095fe402 Mon Sep 17 00:00:00 2001
From: tobi <31960611+tsmethurst@users.noreply.github.com>
Date: Thu, 28 Jul 2022 16:43:42 +0200
Subject: [PATCH] [bugfix] remove <= 0 `expires_in` from oauth token response
 (#731)

* remove <= 0 expired_in from oauth token response

* go fmt
---
 internal/oauth/server.go | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/internal/oauth/server.go b/internal/oauth/server.go
index d520b19ec..bb863b740 100644
--- a/internal/oauth/server.go
+++ b/internal/oauth/server.go
@@ -133,6 +133,23 @@ func (s *s) HandleTokenRequest(r *http.Request) (map[string]interface{}, gtserro
 	}
 
 	data := s.server.GetTokenData(ti)
+
+	if expiresInI, ok := data["expires_in"]; ok {
+		switch expiresIn := expiresInI.(type) {
+		case int64:
+			// remove this key from the returned map
+			// if the value is 0 or less, so that clients
+			// don't interpret the token as already expired
+			if expiresIn <= 0 {
+				delete(data, "expires_in")
+			}
+		default:
+			err := errors.New("expires_in was set on token response, but was not an int64")
+			return nil, gtserror.NewErrorInternalError(err)
+		}
+	}
+
+	// add this for mastodon api compatibility
 	data["created_at"] = ti.GetAccessCreateAt().Unix()
 
 	return data, nil