From 944a8651eadd5db6feabae53faa289a911b8ef6e Mon Sep 17 00:00:00 2001
From: kjagosz <63209438+kjagosz@users.noreply.github.com>
Date: Tue, 21 Oct 2025 11:59:31 +0200
Subject: [PATCH] Update src/mod/auth/sso/oauth2/oauth2.go

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 src/mod/auth/sso/oauth2/oauth2.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/mod/auth/sso/oauth2/oauth2.go b/src/mod/auth/sso/oauth2/oauth2.go
index 8ec9e4c..1dbde61 100644
--- a/src/mod/auth/sso/oauth2/oauth2.go
+++ b/src/mod/auth/sso/oauth2/oauth2.go
@@ -320,7 +320,11 @@ func (ar *OAuth2Router) HandleOAuth2Auth(w http.ResponseWriter, r *http.Request)
 			return errors.New("unauthorized")
 		}
 
-		cookie := http.Cookie{Name: tokenCookie, Value: token.AccessToken, Path: "/", Expires: token.Expiry}
+		cookieExpiry := token.Expiry
+		if cookieExpiry.IsZero() || cookieExpiry.Before(time.Now()) {
+			cookieExpiry = time.Now().Add(time.Hour)
+		}
+		cookie := http.Cookie{Name: tokenCookie, Value: token.AccessToken, Path: "/", Expires: cookieExpiry}
 		if scheme == "https" {
 			cookie.Secure = true
 			cookie.SameSite = http.SameSiteLaxMode