# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1606066795 -3600
# Node ID 143515d0b212d6cd8d8b3b133798128420244542
# Parent  871d140d61bbd3ec68bf00b73c5af14814470e66
mod_http_oauth2: Factor out authorization code validity decision

I intend to use it for a couple of more things, so having a single
definition helps keep things tidy

diff -r 871d140d61bb -r 143515d0b212 mod_http_oauth2/mod_http_oauth2.lua
--- a/mod_http_oauth2/mod_http_oauth2.lua	Sun Nov 22 17:00:26 2020 +0100
+++ b/mod_http_oauth2/mod_http_oauth2.lua	Sun Nov 22 18:39:55 2020 +0100
@@ -14,6 +14,10 @@
 local clients = module:open_store("oauth2_clients", "map");
 local codes = module:open_store("oauth2_codes", "map");
 
+local function code_expired(code)
+	return os.difftime(os.time(), code.issued) > 900;
+end
+
 local function oauth_error(err_name, err_desc)
 	return errors.new({
 		type = "modify";
@@ -118,7 +122,7 @@
 	end
 	local code, err = codes:get(client_owner, client_id .. "#" .. params.code);
 	if err then error(err); end
-	if not code or type(code) ~= "table" or os.difftime(os.time(), code.issued) > 900 then
+	if not code or type(code) ~= "table" or code_expired(code) then
 		module:log("debug", "authorization_code invalid or expired: %q", code);
 		return oauth_error("invalid_client", "incorrect credentials");
 	end