From 8cee80a295a66c6542159596ae0391a557afa7a2 Mon Sep 17 00:00:00 2001 From: Adam Rodriguez Date: Tue, 10 Dec 2024 21:36:05 -0600 Subject: [PATCH] fix for invalid expires value Cherry-picked from https://github.com/thephpleague/oauth2-client/pull/929 --- src/Token/AccessToken.php | 2 +- test/src/Token/AccessTokenTest.php | 26 ++++++++++++++++++++++++++ 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/src/Token/AccessToken.php b/src/Token/AccessToken.php index 92f94ff4..331b0ace 100644 --- a/src/Token/AccessToken.php +++ b/src/Token/AccessToken.php @@ -118,7 +118,7 @@ public function __construct(array $options = []) } elseif (!empty($options['expires'])) { // Some providers supply the seconds until expiration rather than // the exact timestamp. Take a best guess at which we received. - $expires = $options['expires']; + $expires = (int) $options['expires']; if (!$this->isExpirationTimestamp($expires)) { $expires += $this->getTimeNow(); diff --git a/test/src/Token/AccessTokenTest.php b/test/src/Token/AccessTokenTest.php index 4f08d3e1..e135fcc4 100644 --- a/test/src/Token/AccessTokenTest.php +++ b/test/src/Token/AccessTokenTest.php @@ -222,6 +222,32 @@ public function testInvalidExpiresIn() self::tearDownForBackwardsCompatibility(); } + public function testInvalidExpiresWhenExpiresDoesNotCastToInteger() + { + $options = [ + 'access_token' => 'access_token', + 'expires' => 'TEXT', + ]; + + $token = $this->getAccessToken($options); + + $this->assertSame($token->getTimeNow(), $token->getExpires()); + } + + public function testInvalidExpiresWhenExpiresCastsToInteger() + { + $options = [ + 'access_token' => 'access_token', + 'expires' => '3TEXT', + ]; + + $token = $this->getAccessToken($options); + + $this->assertSame($token->getTimeNow() + 3, $token->getExpires()); + $this->assertFalse($token->hasExpired()); + + self::tearDownForBackwardsCompatibility(); + } public function testJsonSerializable() {