From 6e26bd204a1ee130b5144e98a4bcd0edadcdddc4 Mon Sep 17 00:00:00 2001
From: Caleb Doxsey <cdoxsey@pomerium.com>
Date: Wed, 5 Aug 2020 14:04:04 -0600
Subject: [PATCH] set session state expiry (#1215)

---
 authenticate/handlers.go | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/authenticate/handlers.go b/authenticate/handlers.go
index 61546ea7a..3cb84f004 100644
--- a/authenticate/handlers.go
+++ b/authenticate/handlers.go
@@ -17,7 +17,7 @@ import (
 	"github.com/pomerium/csrf"
 	"github.com/rs/cors"
 	"golang.org/x/oauth2"
-	"google.golang.org/protobuf/types/known/timestamppb"
+	"gopkg.in/square/go-jose.v2/jwt"
 
 	"github.com/pomerium/pomerium/internal/httputil"
 	"github.com/pomerium/pomerium/internal/identity/manager"
@@ -533,10 +533,7 @@ func (a *Authenticate) saveSessionToDataBroker(ctx context.Context, sessionState
 	}
 
 	sessionExpiry, _ := ptypes.TimestampProto(time.Now().Add(a.cookieOptions.Expire))
-	var idTokenExpiry *timestamppb.Timestamp
-	if sessionState.Expiry != nil {
-		idTokenExpiry, _ = ptypes.TimestampProto(sessionState.Expiry.Time())
-	}
+	sessionState.Expiry = jwt.NewNumericDate(sessionExpiry.AsTime())
 	idTokenIssuedAt, _ := ptypes.TimestampProto(sessionState.IssuedAt.Time())
 
 	s := &session.Session{
@@ -546,7 +543,7 @@ func (a *Authenticate) saveSessionToDataBroker(ctx context.Context, sessionState
 		IdToken: &session.IDToken{
 			Issuer:    sessionState.Issuer,
 			Subject:   sessionState.Subject,
-			ExpiresAt: idTokenExpiry,
+			ExpiresAt: sessionExpiry,
 			IssuedAt:  idTokenIssuedAt,
 		},
 		OauthToken: manager.ToOAuthToken(accessToken),