Bug with handling "expires" information

Server can return 2 types of expiries:

"expires" and "expires_in"

expires - absolute expiration date, like token will expire at 10 Dec 2014
expires_in - relative expiration time, like token will expire in 3 days.

But you work with both types in the same way:

$this->access_token_expiry = gmstrftime('%Y-%m-%d %H:%M:%S', time() + $expires);

Below is my fix for this:

//FIXED expires issue
if( IsSet($response['expires']) )
{
$this->access_token_expiry = gmstrftime('%Y-%m-%d %H:%M:%S', $expires);
}
else
{
$this->access_token_expiry = gmstrftime('%Y-%m-%d %H:%M:%S', time() + $expires);
}

Unfortunately there inconsistencies in the implementation of different servers.

What server did you see that problem?

This one: https://github.com/lncd/OAuth2

Server is listed on this page: http://oauth.net/2/ so I think it uses standards.. although who knows

The only standard I found that defines token expiry is OAuth 2. It says servers should use expires_in values. So any other value is not standard.

I could add support to non-standard values if they were widely used in well known servers.

That server is just server implementation that uses a non-standard value but it is not widely used. Therefore, I think it is better to tell the developer of that server to make it use standard values.

I agree, although standard value is sent in response too. And it should be correctly handled.