Uploaded image for project: 'Spring Security OAuth'
  1. Spring Security OAuth
  2. SECOAUTH-79

Incompatible with Facebook which uses 'expires' instead of 'expires_in'

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Complete
    • Affects Version/s: 1.0.0.M3
    • Fix Version/s: 1.0.0.M4
    • Component/s: OAuth 2
    • Labels:
      None

      Description

      Facebook transmits 'expires' with an absolute unix timestamp, instead of 'expires_in' with a relative timestamp.

        Activity

        Hide
        fhackenberger Florian Hackenberger added a comment -

        ? I'm a bit puzzled, so you think the heuristic I implemented in the attached file is acceptable, but you still would resolve the bug as won't fix?

        Show
        fhackenberger Florian Hackenberger added a comment - ? I'm a bit puzzled, so you think the heuristic I implemented in the attached file is acceptable, but you still would resolve the bug as won't fix?
        Hide
        david_syer Dave Syer added a comment -

        How would you expect it to be "fixed"? Are you proposing the FacebookFixedOAuth2SerializationService as an addition to the framework? Or should we just add it to the sample? I'm not sure we want to start implementing workarounds in the framework itself for random incorrect specific implementations of the spec - it's hard enough keeping up with changes in the spec itself, never mind all the individual implementations. But your opinion is valuable, so if you disagree, or I just misunderstood something, please say.

        Show
        david_syer Dave Syer added a comment - How would you expect it to be "fixed"? Are you proposing the FacebookFixedOAuth2SerializationService as an addition to the framework? Or should we just add it to the sample? I'm not sure we want to start implementing workarounds in the framework itself for random incorrect specific implementations of the spec - it's hard enough keeping up with changes in the spec itself, never mind all the individual implementations. But your opinion is valuable, so if you disagree, or I just misunderstood something, please say.
        Hide
        rheaton Ryan Heaton added a comment -

        I think the "fix" would be to clearly document the issue and perhaps apply the workaround to the tonr2 sample.

        Show
        rheaton Ryan Heaton added a comment - I think the "fix" would be to clearly document the issue and perhaps apply the workaround to the tonr2 sample.
        Hide
        david_syer Dave Syer added a comment -

        SECOAUTH-51 should allow this idiosyncracy to be worked around easily. I have also added a paragraph to the docs (now in GH wiki pages).

        Show
        david_syer Dave Syer added a comment - SECOAUTH-51 should allow this idiosyncracy to be worked around easily. I have also added a paragraph to the docs (now in GH wiki pages).
        Hide
        rheaton Ryan Heaton added a comment -

        Closed with 1.0.0.M4.

        Show
        rheaton Ryan Heaton added a comment - Closed with 1.0.0.M4.

          People

          • Assignee:
            david_syer Dave Syer
            Reporter:
            fhackenberger Florian Hackenberger
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development