wqy / oauth2-php

Automatically exported from code.google.com/p/oauth2-php
MIT License
0 stars 0 forks source link

Problem with If clause in grant_access_token that checks the expiry of the authcode #4

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
Hello and thanks for the great library!
In the Jul 19  version, in the file oauth.php line 452 and line 485 in the 
function grant_access_token():

if ($stored["expires"] > time())
$this->error(ERROR_BAD_REQUEST, ERROR_INVALID_GRANT);

I cannot understand why this isn't the other way around, 
if ($stored["expires"] < time()) 
Shouldn't the access token be denied if the current timestamp is greater than 
the auth code expiry timestamp?

Original issue reported on code.google.com by christop...@gmail.com on 18 Aug 2010 at 7:34

GoogleCodeExporter commented 8 years ago
Thanks for reporting this. It was fixed in the August 3rd commit, but the 
libraries in the example folders were not updated correspondingly. They are now 
all up to date in revision 969fd139d1.

Original comment by aaron.parecki on 4 Sep 2010 at 6:45