From 53865ae8305f7c9c3bd6343ef769f499d425cdb5 Mon Sep 17 00:00:00 2001
From: Patrick Bender <Patrick.Bender@softgarden.de>
Date: Fri, 1 Dec 2023 14:50:10 +0100
Subject: [PATCH] Fixes #1318 by multiplying decreaseExpirationBySec with 1000.
 Also fixes wrong subtraction of getClockSkewInMsec

Signed-off-by: Patrick Bender <Patrick.Bender@softgarden.de>
---
 projects/lib/src/oauth-service.ts | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/projects/lib/src/oauth-service.ts b/projects/lib/src/oauth-service.ts
index b241adc5..26edec9e 100644
--- a/projects/lib/src/oauth-service.ts
+++ b/projects/lib/src/oauth-service.ts
@@ -2268,7 +2268,7 @@ export class OAuthService extends AuthConfig implements OnDestroy {
 
     if (
       issuedAtMSec - clockSkewInMSec >= now ||
-      expiresAtMSec + clockSkewInMSec - this.decreaseExpirationBySec <= now
+      expiresAtMSec + clockSkewInMSec - this.decreaseExpirationBySec * 1000 <= now
     ) {
       const err = 'Token has expired';
       console.error(err);
@@ -2424,8 +2424,7 @@ export class OAuthService extends AuthConfig implements OnDestroy {
       const now = this.dateTimeService.new();
       if (
         expiresAt &&
-        parseInt(expiresAt, 10) - this.decreaseExpirationBySec <
-          now.getTime() - this.getClockSkewInMsec()
+        parseInt(expiresAt, 10) - this.decreaseExpirationBySec * 1000 < now.getTime()
       ) {
         return false;
       }