internal: cap expires_in to MaxInt32

Fixes golang/oauth2#279 Change-Id: I29914e7995ec334a7474390a0ba96fe61deba6bb Reviewed-on: https://go-review.googlesource.com/c/161962 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Ross Light <light@google.com>
2019-02-12 00:20:02 +00:00 · 2019-02-12 00:20:02 +00:00 · e64efc72b4
parent 529b322ea3
commit e64efc72b4
2 changed files with 17 additions and 0 deletions
--- a/internal/token.go
+++ b/internal/token.go
@ -11,6 +11,7 @@ import (
 	"fmt"
 	"io"
 	"io/ioutil"
+	"math"
 	"mime"
 	"net/http"
 	"net/url"
@ -90,6 +91,9 @@ func (e *expirationTime) UnmarshalJSON(b []byte) error {
 	if err != nil {
 		return err
 	}
+	if i > math.MaxInt32 {
+		i = math.MaxInt32
+	}
 	*e = expirationTime(i)
 	return nil
 }
--- a/internal/token_test.go
+++ b/internal/token_test.go
@ -6,7 +6,9 @@ package internal

 import (
 	"context"
+	"fmt"
 	"io"
+	"math"
 	"net/http"
 	"net/http/httptest"
 	"net/url"
@ -62,3 +64,14 @@ func TestRetrieveTokenWithContexts(t *testing.T) {
 		t.Errorf("RetrieveToken (with cancelled context) = nil; want error")
 	}
 }
+
+func TestExpiresInUpperBound(t *testing.T) {
+	var e expirationTime
+	if err := e.UnmarshalJSON([]byte(fmt.Sprint(int64(math.MaxInt32) + 1))); err != nil {
+		t.Fatal(err)
+	}
+	const want = math.MaxInt32
+	if e != want {
+		t.Errorf("expiration time = %v; want %v", e, want)
+	}
+}