[evolution-data-server] ESoupAuthBearer: Shorten the token expiry time by 4 more seconds

[Milan Crha <mcrha src gnome org>]

commit 4aaf2d0bb00839924b25e51d47be9b9bde282f1f
Author: Milan Crha <mcrha redhat com>
Date:   Wed Feb 17 16:08:47 2021 +0100

    ESoupAuthBearer: Shorten the token expiry time by 4 more seconds
    
    Consider the token expired 5 seconds before the server reported it to be expired,
    instead of only one second before it, to avoid timing race, which can send
    a request with no Bearer Authorization header when the token expires just
    between starting the request and sending it. Also pass at least the outdated
    token instead of no token at all.

 src/libedataserver/e-soup-auth-bearer.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
---
diff --git a/src/libedataserver/e-soup-auth-bearer.c b/src/libedataserver/e-soup-auth-bearer.c
index ba3e210fa..78fd1313b 100644
--- a/src/libedataserver/e-soup-auth-bearer.c
+++ b/src/libedataserver/e-soup-auth-bearer.c
@@ -120,8 +120,7 @@ e_soup_auth_bearer_is_authenticated (SoupAuth *auth)
 
        g_mutex_lock (&bearer->priv->property_lock);
 
-       if (!e_soup_auth_bearer_is_expired_locked (bearer))
-               authenticated = (bearer->priv->access_token != NULL);
+       authenticated = (bearer->priv->access_token != NULL);
 
        g_mutex_unlock (&bearer->priv->property_lock);
 
@@ -214,7 +213,7 @@ e_soup_auth_bearer_set_access_token (ESoupAuthBearer *bearer,
        bearer->priv->access_token = g_strdup (access_token);
 
        if (expires_in_seconds > 0)
-               bearer->priv->expiry = time (NULL) + expires_in_seconds - 1;
+               bearer->priv->expiry = time (NULL) + expires_in_seconds - 5;
        else
                bearer->priv->expiry = EXPIRY_INVALID;