Always regenerate a new token on valid client credentials #2
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
So we got this scenario where a client calls our API every 24hrs and calls the token endpoint first every time. Now this token endpoint will just return the currently valid token. But seeing as this token is valid for exactly 24hrs he now sometimes ends up with an invalid token for his request.
I changed the behavior to have the endpoint
only return a currently valid access token when it does not expire within the next 5 minutes.always generate a new token on valid client credentials.