Skip to content

fix(auths): accept float JWT exp in TokenStore._is_expired#10

Open
CV-GPhL wants to merge 1 commit into
wwPDB:developfrom
CV-GPhL:fix/token-is-expired-float-exp
Open

fix(auths): accept float JWT exp in TokenStore._is_expired#10
CV-GPhL wants to merge 1 commit into
wwPDB:developfrom
CV-GPhL:fix/token-is-expired-float-exp

Conversation

@CV-GPhL

@CV-GPhL CV-GPhL commented Jun 22, 2026

Copy link
Copy Markdown

Problem

A JWT exp is a NumericDate and is commonly decoded as a float.
TokenStore._is_expired (src/onedep_lib/auths/token.py) used
not isinstance(exp, int), so any float exp was treated as expired - which
forces an access-token refresh on every call.

Fix

Accept both int and float, and treat only a missing exp as expired:

return exp is None or not isinstance(exp, (int, float)) or exp < time.time() + 60

Test

Adds cases to tests/auths/test_token.py: a future float exp is not expired,
a past float exp is expired, and a missing exp is expired. Full suite green
(146 passed).

A JWT exp is a NumericDate and is commonly decoded as a float. The previous
"not isinstance(exp, int)" treated any float exp as expired, forcing a token
refresh on every call. Accept both int and float; treat only a missing exp as
expired.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant