Weble / ZohoClient


Zoho Access Token has invalid expires #11

Closed tm1000 closed 3 years ago

tm1000 commented 3 years ago

Zoho sends back its access token with a non-standard expires_in_sec. In typical Zoho form, this is not valid according to any specifications. Nor does the Asad library account for this (they probably never had a cache like we do).

The solution for this is to just extend \Asad\OAuth2\Client\AccessToken\ZohoAccessToken and set expires_in from the value of expires_in_sec or wait for this PR: https://github.com/asadku34/oauth2-zoho/pull/1

Skullbock commented 3 years ago

Confirmed, let's wait a couple of days, and otherwise we'll extend to fix.

tm1000 commented 3 years ago

Wanted to give more details here on the issue:

The returned response Zoho gives us is as follows:

Array
(
    [access_token] => <token>
    [expires_in_sec] => 3600
    [api_domain] => https://www.zohoapis.com
    [token_type] => Bearer
    [expires_in] => 3600000
)

As we can see, Zoho sets expires_in to be 3600000. I guess this is milliseconds. This violates RFC 6749 section 4.2.2 (https://tools.ietf.org/html/rfc6749#section-4.2.2) and section 5.1 (https://tools.ietf.org/html/rfc6749#section-5.1), where it states that this should be:

The lifetime in seconds of the access token

Therefore the Asad library assumes expires_in is in seconds, and what you get is a token that expires in a month instead of a day. Using expires_in_sec to replace expires_in is the solution.
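
The fix discussed in this thread, as an added example that is not part of the original comments or of either library: it rewrites the token response so that expires_in carries the seconds value before the array reaches a token class or a cache. The function name `normalizeZohoExpiry` and the `MAX_LIFETIME_SEC` bound are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Assumed upper bound for a plausible access-token lifetime, in seconds.
const MAX_LIFETIME_SEC = 86400;

/**
 * Return the token response with expires_in expressed in seconds (RFC 6749).
 * Hypothetical helper: call it on the raw response before building the token.
 */
function normalizeZohoExpiry(array $response): array
{
    if (isset($response['expires_in_sec']) && is_numeric($response['expires_in_sec'])) {
        // Zoho's own seconds field wins when it is present.
        $seconds = (int) $response['expires_in_sec'];
    } elseif (isset($response['expires_in']) && is_numeric($response['expires_in'])) {
        // No seconds field: fall back to expires_in and let the bound below judge it.
        $seconds = (int) $response['expires_in'];
    } else {
        throw new UnexpectedValueException('Token response carries no usable lifetime');
    }

    if ($seconds <= 0 || $seconds > MAX_LIFETIME_SEC) {
        // Fail closed instead of caching a token under an implausible lifetime.
        throw new UnexpectedValueException("Implausible token lifetime: {$seconds}s");
    }

    $response['expires_in'] = $seconds;
    unset($response['expires_in_sec']);
    return $response;
}

// Constructed sample mirroring the response printed in the issue.
$raw = [
    'access_token'   => '<token>',
    'expires_in_sec' => 3600,
    'api_domain'     => 'https://www.zohoapis.com',
    'token_type'     => 'Bearer',
    'expires_in'     => 3600000,
];

$fixed     = normalizeZohoExpiry($raw);
$cacheTtl  = $fixed['expires_in'];   // seconds, usable as a cache TTL
$expiresAt = time() + $cacheTtl;     // absolute expiry timestamp
printf("expires_in=%d, expires at %s\n", $cacheTtl, date(DATE_ATOM, $expiresAt));
```

If expires_in_sec is ever absent and expires_in still holds the large value, the bound check throws rather than letting the cache keep the token past its real lifetime.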