Page MenuHomePhabricator
Create Task
Maniphest T269510

OAuth uses various magic numbers
Open, Needs TriagePublic
Actions

Description

P292277000000Y is used in ClientEntity. No idea what it means, minimal to no documentation

A little more information is found in AuthorizationProvider...

	private function parseExpiration( $expiration ) {
		if ( $expiration === false || $expiration === 'infinity' ) {
			// Effectively non-expiring tokens
			$expiration = 'P292277000000Y';
		}

		return $expiration;
	}

But why is P292277000000Y effectively "non-expiring"/infinite?

More in AuthorizationProviderTest..

	public function provideExpirationInterval() {
		return [
			[ 'P30D', 2592000 ],
			[ false, 9223371259704000000 ],
			[ 'infinity', 9223371259704000000 ],
		];
	}

2592000 is 60*60*24*30... Fine. The other two? no idea...

PT1M and PT1H are also used... Presumably 1H and 1M?

A bit of digging shows it's https://en.wikipedia.org/wiki/ISO_8601#Durations based on https://www.php.net/manual/en/dateinterval.construct.php#112675

In AccessTokenRepository

		if ( $expiry > 9223371197536780800 ) {
			$expiry = 'infinity';
		}

Why does that mean infinity?

Related Objects

Event Timeline

Reedy created this task.Dec 6 2020, 12:26 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptDec 6 2020, 12:26 AM
Reedy updated the task description. (Show Details)Dec 6 2020, 12:29 AM
DannyS712 subscribed.Dec 6 2020, 12:57 AM
Base subscribed.Dec 6 2020, 2:25 AM
Base added a comment.Dec 6 2020, 2:30 AM

P292277000000Y seems to be close to the equivalent of Year 2038 problem but for 64 bit systems.

Reedy updated the task description. (Show Details)Dec 6 2020, 2:33 AM
Base added a comment.EditedDec 6 2020, 2:34 AM

9223371259704000000/31536000 = 292471184034.2466, so roughly the same as above. Where 31536000 is number of seconds in 365 days.

Base added a comment.Dec 6 2020, 2:38 AM

9223371259704000000/31557600 = 292270998418.8912, which is closer. (by average number of seconds in one year now). I wonder how to get the original number though (consider leap seconds? xD)

Reedy added a comment.Dec 11 2020, 4:15 AM

I note this is a *little* better with the fix for T269502: Invalid timestamp/Failed asserting that $timestamp1 is identical to $timestamp2 merged

Base added a comment.Dec 11 2020, 6:46 AM

Though 1000 years does not look as fancy as the number over 10 times greater than the age of the universe :)

Reedy mentioned this in T192448: Add PHP Magic Number Detector.Oct 16 2024, 3:24 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits