Expect the remote exp to be defined in time zone UTC conform rfc (Fix…

jazzband / django-oauth-toolkit

OAuth2 goodies for the Djangonauts!

https://django-oauth-toolkit.readthedocs.io

Other

3.13k stars 792 forks source link

Expect the remote exp to be defined in time zone UTC conform rfc (Fix… #1292

Closed wkleinheerenbrink closed 4 months ago

wkleinheerenbrink commented 1 year ago

Fixes #1291

Description of the Change

Interpret the EXP in access tokens as being UTC. Introduces an extra setting AUTHENTICATION_SERVER_EXP_TIME_ZONE to allow for the workaround in case of a remote authentication server that, wrongly, does not server the EXP in UTC.

Checklist

[x] PR only contains one change (considered splitting up PR)
[x] unit-test added
[x] documentation updated
[x] CHANGELOG.md updated (only for user relevant changes)
[x] author name in AUTHORS

dopry commented 12 months ago

@wkleinheerenbrink could you rebase this PR to resolve the conflicts? I'll prioritize reviewing it in the next few days.

makeevolution commented 5 months ago

I have this issue too; can I continue this?

n2ygk commented 4 months ago

https://docs.python.org/3/library/zoneinfo.html was added in Python 3.9 so the 3.8 tests fail because functools.lru_cache fails to cache the Import exception.