Problem with If clause in grant_access_token that checks the expiry of the authcode

Question

Problem with If clause in grant_access_token that checks the expiry of the authcode

Closed this issue 9 years ago · 1 comments

GoogleCodeExporter commented 9 years ago

Hello and thanks for the great library!
In the Jul 19  version, in the file oauth.php line 452 and line 485 in the 
function grant_access_token():

if ($stored["expires"] > time())
$this->error(ERROR_BAD_REQUEST, ERROR_INVALID_GRANT);

I cannot understand why this isn't the other way around, 
if ($stored["expires"] < time()) 
Shouldn't the access token be denied if the current timestamp is greater than 
the auth code expiry timestamp?

Original issue reported on code.google.com by christop...@gmail.com on 18 Aug 2010 at 7:34

Answer 1 · 2015-10-28T11:12:12.000Z

Thanks for reporting this. It was fixed in the August 3rd commit, but the 
libraries in the example folders were not updated correspondingly. They are now 
all up to date in revision 969fd139d1.

Original comment by aaron.parecki on 4 Sep 2010 at 6:45

Changed state: Fixed