You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When a token passes a String date field for expires_at, an exception is thrown, making it impossible to parse the token.
My team encountered this attempting to do an OAuth flow with Square (https://squareup.com), so this is certainly happening in out in the wild. Square passes a string date, something like '2021-JUN-12 13:42:36'.
In addition, it looks as though this same issue would happen if a string were passed on exipires_in, though that seems much less likely. Still, a check on the data type wouldn't hurt.
How to reproduce
Attempt to parse a token with a String expires_at. An exception will be thrown.
Expected behavior
One of two things should happen. Either we should just ignore the expires_at field, or we should try to parse it as a datetime.
Personally, I'd go with the option of just ignoring any non-Integers in this field.
Describe the bug
When a token passes a String date field for
expires_at
, an exception is thrown, making it impossible to parse the token.My team encountered this attempting to do an OAuth flow with Square (https://squareup.com), so this is certainly happening in out in the wild. Square passes a string date, something like '2021-JUN-12 13:42:36'.
In addition, it looks as though this same issue would happen if a string were passed on
exipires_in
, though that seems much less likely. Still, a check on the data type wouldn't hurt.How to reproduce
Attempt to parse a token with a String
expires_at
. An exception will be thrown.Expected behavior
One of two things should happen. Either we should just ignore the
expires_at
field, or we should try to parse it as a datetime.Personally, I'd go with the option of just ignoring any non-Integers in this field.
Additional context
The line this is happening on is here:
oauthlib/oauthlib/oauth2/rfc6749/clients/base.py
Line 515 in b69fa53
Either catch the exception or just checking that the
expires_at
field is valid before casting it as an int.The text was updated successfully, but these errors were encountered: