API V8 Token Expiration DateTime isn't stored in UTC #4603

New issue

Open

opened 2026-02-20 16:20:26 -05:00 by deekerman · 3 comments

deekerman commented 2026-02-20 16:20:26 -05:00

Owner

Copy link

Originally created by @deuks on GitHub (Aug 23, 2021).

When creating an Access or Refresh Token using API V8, the expiration datetime isn't stored in UTC in the database.

Instead, the time zone it is stored in is based on the server's php.ini time zone. While I haven't experienced any issues regarding authentication, it does mean it appears wrong in the view.

Possible Fix

This is easily fixable by changing 1 singular line of code in 2 different files:

github.com/salesagility/SuiteCRM@f463031bee/Api/V8/OAuth2/Repository/AccessTokenRepository.php (L83)

github.com/salesagility/SuiteCRM@f463031bee/Api/V8/OAuth2/Repository/RefreshTokenRepository.php (L50)

Either of these format() functions needs to be changed to a getTimestamp(). We can then use gmdate() to properly format the token expiration datetime into UTC Y-m-d H:i:s. I have tested this and it fixed the issue. I can issue a pull request, but I haven't done one before so it will take some time.

To Reproduce:

1. Set php.ini timezone to anything but GMT/UTC.
2. Use API V8 to generate access or refresh token
3. Check Database to see stored datetime of token expiration

Originally created by @deuks on GitHub (Aug 23, 2021). When creating an Access or Refresh Token using API V8, the expiration datetime isn't stored in UTC in the database. Instead, the time zone it is stored in is based on the server's php.ini time zone. While I haven't experienced any issues regarding authentication, it does mean it appears wrong in the view.  #### Possible Fix This is easily fixable by changing 1 singular line of code in 2 different files: https://github.com/salesagility/SuiteCRM/blob/f463031bee59676d7d5be53bb32d551cd70a5648/Api/V8/OAuth2/Repository/AccessTokenRepository.php#L83 https://github.com/salesagility/SuiteCRM/blob/f463031bee59676d7d5be53bb32d551cd70a5648/Api/V8/OAuth2/Repository/RefreshTokenRepository.php#L50 Either of these format() functions needs to be changed to a getTimestamp(). We can then use gmdate() to properly format the token expiration datetime into UTC Y-m-d H:i:s. I have tested this and it fixed the issue. I can issue a pull request, but I haven't done one before so it will take some time. To Reproduce: 1. Set php.ini timezone to anything but GMT/UTC. 2. Use API V8 to generate access or refresh token 3. Check Database to see stored datetime of token expiration

deekerman added the

Type: Bug

Priority:Moderate

Area: API

Severity: Moderate

labels 2026-02-20 16:20:26 -05:00

deekerman commented 2026-02-20 16:20:27 -05:00

Author

Owner

Copy link

@tsmgeek commented on GitHub (Aug 25, 2021):

https://github.com/bshaffer/oauth2-server-php/issues/570

As its a \DateTime object you should be able to do the following. Note that this changes the timezone of the DateTime object itself.
$accessTokenEntity->getExpiryDateTime()->setTimezone(new DateTimeZone('UTC'))->format('Y-m-d H:i:s')

@tsmgeek commented on GitHub (Aug 25, 2021): https://github.com/bshaffer/oauth2-server-php/issues/570 As its a \DateTime object you should be able to do the following. Note that this changes the timezone of the DateTime object itself. `$accessTokenEntity->getExpiryDateTime()->setTimezone(new DateTimeZone('UTC'))->format('Y-m-d H:i:s')`

deekerman commented 2026-02-20 16:20:27 -05:00

Author

Owner

Copy link

@deuks commented on GitHub (Aug 25, 2021):

Yeah that's works just as well. Might switch my fix to that, keeping everything within the DateTime object makes more sense than converting to a timestamp just to use gmdate. Thanks!

@deuks commented on GitHub (Aug 25, 2021): Yeah that's works just as well. Might switch my fix to that, keeping everything within the DateTime object makes more sense than converting to a timestamp just to use gmdate. Thanks!

deekerman commented 2026-02-20 16:20:29 -05:00

Author

Owner

Copy link

@J-Wick4 commented on GitHub (Nov 11, 2023):

I solved this problem by changing the PHP time server value to UTC in php.ini. In personal preferences in SuiteCRM, you can set your timezone.

date.timezone = "UTC"

This method is upgrade safe.

@J-Wick4 commented on GitHub (Nov 11, 2023): I solved this problem by changing the PHP time server value to UTC in php.ini. In personal preferences in SuiteCRM, you can set your timezone. `date.timezone = "UTC"` This method is upgrade safe.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

hotfix

develop

master

feature/php-8.4-compatibility

hotfix-7.14.x

next

feature/campaigns_revert

v7.15.0

v7.14.8

v7.14.7

v7.14.6

v7.14.5

v7.14.4

v7.14.3

v7.12.14

v7.14.2

v7.14.1

v7.12.13

v7.14.0

v7.14.0-beta

v7.13.4

v7.12.12

v7.12.11

v7.13.3

v7.12.10

v7.13.2

v7.12.9

v7.13.1

v7.13.0

v7.13.0-beta

v7.12.8

v7.12.7

v7.12.6

v7.12.5

v7.12.4

v7.12.3

v7.10.36

v7.12.2

v7.10.35

v7.12.1

v7.10.34

v7.11.23

v7.12.0

v7.12-rc

v7.11.22

v7.10.33

v7.11.21

v7.10.32

v7.11.20

v7.10.31

v7.11.19

v7.10.30

v8.0.0-beta.1

v7.10.29

v7.11.18

v7.11.17

v7.11.16

v7.10.28

v7.11.15

v7.10.27

v7.11.14

v7.10.26

v7.11.13

v7.10.25

v7.11.12

v7.10.24

v7.10.23

v7.11.11

v7.10.22

v7.11.10

v7.10.21

v7.11.9

v7.11.8

v7.10.20

v7.11.7

v7.10.19

v7.8.31

v7.10.18

v7.11.6

v7.11.5

v7.10.17

v7.8.30

v7.11.4

v7.10.16

v7.8.29

v7.11.3

v7.10.15

v7.8.28

v7.11.2

v7.10.14

v7.8.27

v7.11.1

v7.8.26

v7.10.13

v7.11.0

v7.10.12

v7.8.25

v7.11-rc-2

v7.11-rc

v7.10.11

v7.8.24

v7.11-beta

v7.10.10

v7.8.23

v7.10.9

v7.8.22

v7.10.8

v7.8.21

v7.10.7

v7.10.6

v7.8.20

v7.10.5

v7.8.19

v7.10.4

v7.10.3

v7.9.17

v7.8.18

v7.8.17

v7.10.2

v7.9.16

v7.8.16

7.9.15

v7.10.1

v7.10.0

v7.9.14

v7.8.15

v7.8.14

v7.9.13

v7.10-RC-2

v7.8.13

v7.9.12

v.7.9.11

v7.9.11

v7.8.12

v7.9.10

v7.8.11

v7.10-RC

v7.9.9

v7.8.10

v7.10-beta-3

v7.9.8

v7.8.9

v7.10-beta-2

v7.10-beta

v7.9.7

v7.8.8

v7.8.7

7.9.6

v7.9.5

v7.8.6

v7.9.4

v7.9.3

v7.9.2

v7.9.1

v7.8.5

v7.9.0

v7.8.4

v7.9.0-rc

v7.9.0-beta

v7.8.3

v7.8.2

v7.8.1

v7.8.0

v7.8.0-rc

v7.8.0-beta.2

v7.7.9

v7.8.0-beta

v7.7.8

v7.6.10

v7.7.7

v7.6.9

v7.7.6

v7.6.8

v7.7.5

v7.6.7

v7.7.4

v7.7.3

v7.7.2

v7.7.1

v7.7

v7.7-rc2

v7.7-rc

v7.6.6

v7.5.5

v7.6.5

v7.5.4

v7.7-beta2

v7.7-beta1

v7.6.4

v7.6.3

v7.6.2

v7.6.1

v7.6

v7.6-rc

v7.6-beta.2

v7.6-beta-1

v7.5.3

v7.5.2

v7.5.1

v7.5

v7.5-rc

v7.5-beta.2

v7.5-beta

v7.4.3

v7.4.2

v7.4.1

v7.4

v7.3.2

v7.4-rc

v7.4-beta.2

v7.4-beta

v7.3.1

v7.2.4

v7.3

v7.1.8

v7.3beta3

v7.2.3

v7.3-beta

v7.2.2

7.2.2

v7.1.7

7.1.7

v7.1.6

v7.2.1

v7.2

v7.2beta3

v7.1.5

v7.2beta2

v7.2beta

v7.1.4

v7.1.3

v7.1.2

v7.1.1

v7.1

v7.1RC2

v7.1RC

v7.1beta2

v7.1beta

v7.0.2

v7.0.1

Labels

Clear labels   

Area: API

  

Area: Campaigns

  

Area: Cases

  

Area: Clean Up

  

Area: Clean Up: Performance

  

Area: Dashlets

  

Area: Databases

  

Area: Developer Tools

  

Area: Elasticsearch

  

Area: Elasticsearch

  

Area: Emails

  

Area: Emails:Campaigns

  

Area: Emails:Cases

  

Area: Emails:Compose

  

Area: Emails:Config

  

Area: Emails:Templates

  

Area: Environment

  

Area: Installation

  

Area: Language

  

Area: Mobile

  

Area: Module

  

Area: PDFs

  

Area: PHP8

  

Area: Reports

  

Area: Studio

  

Area: Styling

  

Area: Upgrading

  

Area: Workflow

  

Area:Activity Stream

  

Area:Calls

  

Area:Import

  

Area:Projects

  

Area:Search

  

Area:Surveys

  

Area:Themes

  

Area:Users

  

Branch:Hotfix

  

Good First Issue

  

Hacktoberfest

  

Help Wanted

  

PR:Community Contribution

  

PR:Type:Enhancement

  

Priority:Critical

  

Priority:Important

  

Priority:Moderate

  

Severity: Major

  

Severity: Minor

  

Severity: Moderate

  

Status: Requires Code Review

  

Status: Requires Updates

  

Status: Stale

  

Status: Team Investigating

  

Status:Assessed

  

Status:Fix Proposed

  

Status:Needs Assessed

  

Status:Requires Automated Tests

  

Type: Bug

  

Type:Deprecated

  

Type:Discussion

  

Type:Duplicate

  

Type:Invalid

  

Type:Question

  

Type:Suggestion

  

Type:Suggestion

No labels

Area: API

Area: Campaigns

Area: Cases

Area: Clean Up

Area: Clean Up: Performance

Area: Dashlets

Area: Databases

Area: Developer Tools

Area: Elasticsearch

Area: Elasticsearch

Area: Emails

Area: Emails:Campaigns

Area: Emails:Cases

Area: Emails:Compose

Area: Emails:Config

Area: Emails:Templates

Area: Environment

Area: Installation

Area: Language

Area: Mobile

Area: Module

Area: PDFs

Area: PHP8

Area: Reports

Area: Studio

Area: Styling

Area: Upgrading

Area: Workflow

Area:Activity Stream

Area:Calls

Area:Import

Area:Projects

Area:Search

Area:Surveys

Area:Themes

Area:Users

Branch:Hotfix

Good First Issue

Hacktoberfest

Help Wanted

PR:Community Contribution

PR:Type:Enhancement

Priority:Critical

Priority:Important

Priority:Moderate

Severity: Major

Severity: Minor

Severity: Moderate

Status: Requires Code Review

Status: Requires Updates

Status: Stale

Status: Team Investigating

Status:Assessed

Status:Fix Proposed

Status:Needs Assessed

Status:Requires Automated Tests

Type: Bug

Type:Deprecated

Type:Discussion

Type:Duplicate

Type:Invalid

Type:Question

Type:Suggestion

Type:Suggestion

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/SuiteCRM-SuiteCRM#4603

No description provided.