From 40eca5b8b64783c1d19516bb1b20661d7d295a33 Mon Sep 17 00:00:00 2001
From: ErickSkrauch
Date: Fri, 13 Dec 2019 16:00:51 +0300
Subject: [PATCH] Remove expires_in field when the access_token isn't expiring
---
 api/modules/oauth/models/OauthProcess.php | 14 +++++++++-----
 api/tests/functional/oauth/AccessTokenCest.php | 2 +-
 .../functional/oauth/ClientCredentialsCest.php | 2 +-
 3 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/api/modules/oauth/models/OauthProcess.php b/api/modules/oauth/models/OauthProcess.php
index 8da56f7..8e087a7 100644
--- a/api/modules/oauth/models/OauthProcess.php
+++ b/api/modules/oauth/models/OauthProcess.php
@@ -176,11 +176,15 @@ class OauthProcess {
 }
 if (($result['expires_in'] ?? 0) <= 0) {
- // Since some of our clients use this field to understand how long the token will live,
- // we have to give it some value. The tokens with zero lifetime don't expire
- // but in order not to break the clients storing the value as integer on 32-bit systems,
- // let's calculate the value based on the unsigned maximum for this type
- $result['expires_in'] = 2 ** 31 - time();
+ if ($shouldIssueRefreshToken || $grantType === 'refresh_token') {
+ // Since some of our clients use this field to understand how long the token will live,
+ // we have to give it some value. The tokens with zero lifetime don't expire
+ // but in order not to break the clients storing the value as integer on 32-bit systems,
+ // let's calculate the value based on the unsigned maximum for this type
+ $result['expires_in'] = 2 ** 31 - time();
+ } else {
+ unset($result['expires_in']);
+ }
 }
 Yii::$app->statsd->inc("oauth.issueToken_client.{$clientId}");
diff --git a/api/tests/functional/oauth/AccessTokenCest.php b/api/tests/functional/oauth/AccessTokenCest.php
index c6ede99..d3b2132 100644
--- a/api/tests/functional/oauth/AccessTokenCest.php
+++ b/api/tests/functional/oauth/AccessTokenCest.php
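Review bot: The fallback `2 ** 31 - time()` kept for the refresh-token branch in OauthProcess.php makes now + expires_in equal 2^31, one past the signed 32-bit maximum, while its comment calls that bound the "unsigned maximum"; if a client stores the absolute expiry as a signed 32-bit integer this can still overflow, so `$result['expires_in'] = 2 ** 31 - 1 - time();` with the comment corrected to "signed 32-bit maximum" would be safer. The new `else` branch carries no comment; something like `// No refresh token is involved, so omit expires_in to signal a non-expiring token` would record why the field is dropped. RFC 6749 section 5.1 asks a server that omits expires_in to provide the expiration by other means or document the default, so the API documentation should state that these bearer tokens do not expire and how they are revoked. The enclosing method starts and ends outside the hunk, so where `$shouldIssueRefreshToken` and `$grantType` are set is not visible here.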
@@ -22,7 +22,7 @@ class AccessTokenCest {
 'token_type' => 'Bearer',
 ]);
 $I->canSeeResponseJsonMatchesJsonPath('$.access_token');
- $I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
+ $I->cantSeeResponseJsonMatchesJsonPath('$.expires_in');
 $I->cantSeeResponseJsonMatchesJsonPath('$.refresh_token');
 }
diff --git a/api/tests/functional/oauth/ClientCredentialsCest.php b/api/tests/functional/oauth/ClientCredentialsCest.php
index 8712803..a7df96b 100644
--- a/api/tests/functional/oauth/ClientCredentialsCest.php
+++ b/api/tests/functional/oauth/ClientCredentialsCest.php
@@ -79,7 +79,7 @@ class ClientCredentialsCest {
 'token_type' => 'Bearer',
 ]);
 $I->canSeeResponseJsonMatchesJsonPath('$.access_token');
- $I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
+ $I->cantSeeResponseJsonMatchesJsonPath('$.expires_in');
 $I->cantSeeResponseJsonMatchesJsonPath('$.refresh_token');
 }