fix(apps/web): enhance JWT response with token type and expiration details (calcom#24841)

zhyd1997 · anikdhabal · Udit-takkar · web-flow · commit e24e1d87698f · 2025-11-10T02:15:56.000+05:30
* fix: enhance JWT response with token type and expiration details

* fix: update email generation in createUsersFixture to use v4 UUID without dashes

* revert: update email generation in createUsersFixture to use short-uuid for unique email identifiers

---------

Co-authored-by: Anik Dhabal Babu &lt;81948346+anikdhabal@users.noreply.github.com&gt;
Co-authored-by: Udit Takkar &lt;53316345+Udit-takkar@users.noreply.github.com&gt;
Co-authored-by: Volnei Munhoz &lt;volnei@cal.com&gt;
Co-authored-by: Dhairyashil Shinde &lt;93669429+dhairyashiil@users.noreply.github.com&gt;
diff --git a/apps/web/app/api/auth/oauth/token/route.ts b/apps/web/app/api/auth/oauth/token/route.ts
@@ -79,15 +79,28 @@ async function handler(req: NextRequest) {
     clientId: client_id,
   };
 
+  const accessTokenExpiresIn = 1800; // 30 minutes
+
   const access_token = jwt.sign(payloadAuthToken, secretKey, {
-    expiresIn: 1800, // 30 min
+    expiresIn: accessTokenExpiresIn,
   });
 
   const refresh_token = jwt.sign(payloadRefreshToken, secretKey, {
     expiresIn: 30 * 24 * 60 * 60, // 30 days
   });
 
-  return NextResponse.json({ access_token, refresh_token }, { status: 200 });
+  // @see https://datatracker.ietf.org/doc/html/rfc6749#section-5.1
+  return NextResponse.json(
+    { access_token, token_type: "bearer", refresh_token, expires_in: accessTokenExpiresIn },
+    {
+      status: 200,
+      headers: {
+        "Content-Type": "application/json;charset=UTF-8",
+        "Cache-Control": "no-store",
+        Pragma: "no-cache",
+      },
+    }
+  );
 }
 
 export const POST = defaultResponderForAppDir(handler);
