From f0f42e2e3a7c1690377072ea8b57c4deaed56f2f Mon Sep 17 00:00:00 2001
From: Peter Sanchez
Date: Thu, 15 Feb 2024 19:04:00 -0600
Subject: [PATCH] Correcting OAuth2 token expiration time to account for renewal windows
---
 routes.go | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/routes.go b/routes.go
index bf0be9f..15ab43d 100644
--- a/routes.go
+++ b/routes.go
@@ -720,6 +720,13 @@ func (s *Service) AccessTokenPOST(c echo.Context) error {
 }
 }
 
+ // OAuth 2.0 specifies that the expiration in the response only affects the
+ // access token, and clients should use the refresh token after the access
+ // token has expired. Return an expiration before the actual one, to give
+ // clients a chance to refresh their access token.
+ // Ref: https://lists.sr.ht/~sircmpwn/sr.ht-dev/patches/47900
+ expires = expires.AddDate(0, -1, 0) // Subtract 1 month
+
 ret := struct {
 Token string `json:"access_token"`
 Type string `json:"token_type"`
-- 
2.43.0
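Review bot: The added `expires = expires.AddDate(0, -1, 0)` has no lower bound, so if the real token lifetime is ever a month or less the value reported to the client falls at or before the current time. How `expires` is computed and serialized lies outside the hunk, so this is inferred from the visible line; a guard such as `if adv := expires.AddDate(0, -1, 0); adv.After(time.Now()) { expires = adv }` would keep the advertised expiry in the future (assuming `time` is imported in routes.go). The statement also overwrites `expires` in place, so any later use of it in AccessTokenPOST for persistence or enforcement would silently see the shortened value. A separate local such as `advertised` would make clear that only the response is adjusted and the server-side expiry stays authoritative. The comment could also note that `AddDate` normalizes overflowing days, so the margin near month ends is not exactly one calendar month.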