From 02bc86748f803656461f1d311f2dbe97849579b7 Mon Sep 17 00:00:00 2001
From: Jadiel
Date: Sat, 13 Mar 2021 18:02:49 -0300
Subject: [PATCH 1/6] Add breaking tests

---
 tests/test_introspection_auth.py | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/tests/test_introspection_auth.py b/tests/test_introspection_auth.py
index 9f871cdea..d48f9d9f1 100644
--- a/tests/test_introspection_auth.py
+++ b/tests/test_introspection_auth.py
@@ -2,6 +2,7 @@
 import datetime
 import pytest
+from django.conf import settings
 from django.conf.urls import include
 from django.contrib.auth import get_user_model
 from django.http import HttpResponse
@@ -154,6 +155,25 @@ def test_get_token_from_authentication_server_existing_token(self, mock_get):
 self.assertEqual(token.user.username, "foo_user")
 self.assertEqual(token.scope, "read write dolphin")
+ @mock.patch("requests.post", side_effect=mocked_requests_post)
+ def test_get_token_from_authentication_server_expires_timezone(self, mock_get):
+ """
+ Test method _get_token_from_authentication_server for projects with USE_TZ False
+ """
+ settings_use_tz_backup = settings.USE_TZ
+ settings.USE_TZ = False
+ try:
+ self.validator._get_token_from_authentication_server(
+ "foo",
+ oauth2_settings.RESOURCE_SERVER_INTROSPECTION_URL,
+ oauth2_settings.RESOURCE_SERVER_AUTH_TOKEN,
+ oauth2_settings.RESOURCE_SERVER_INTROSPECTION_CREDENTIALS,
+ )
+ except ValueError as exception:
+ self.fail(str(exception))
+ finally:
+ settings.USE_TZ = settings_use_tz_backup
+
 @mock.patch("requests.post", side_effect=mocked_requests_post)
 def test_validate_bearer_token(self, mock_get):
 """
From 50f0e826f100ca607d9d8678d5d5bb25292a8671 Mon Sep 17 00:00:00 2001
From: Jadiel
Date: Sat, 13 Mar 2021 18:03:57 -0300
Subject: [PATCH 2/6] Add fix for breaking tests

Restrict usage of timezone aware expire dates to Django projects with USE_TZ set to True.
---
 oauth2_provider/oauth2_validators.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
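Review bot: The new test `test_get_token_from_authentication_server_expires_timezone` passes as soon as no `ValueError` escapes; it never inspects the `expires` value stored on the access token, so a change that saves a wrong or shifted expiry for a project with `USE_TZ = False` would still pass. I would keep the return value and assert on it, for example `token = self.validator._get_token_from_authentication_server(...)` followed by `self.assertIsNone(token.expires.tzinfo)`, assuming the method returns the token object as the `token.user` assertions in the neighbouring test suggest. Assigning `settings.USE_TZ` directly also bypasses Django's settings-override machinery; `with self.settings(USE_TZ=False):` restores the value and sends `setting_changed` without the manual try/finally, provided the class derives from Django's test case.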
diff --git a/oauth2_provider/oauth2_validators.py b/oauth2_provider/oauth2_validators.py
index f91c06011..25266d04d 100644
--- a/oauth2_provider/oauth2_validators.py
+++ b/oauth2_provider/oauth2_validators.py
@@ -357,7 +357,7 @@ def _get_token_from_authentication_server(
 expires = max_caching_time
 scope = content.get("scope", "")
- expires = make_aware(expires)
+ expires = make_aware(expires) if settings.USE_TZ else expires
 access_token, _created = AccessToken.objects.update_or_create(
 token=token,
From 8cfa09ff159b17e4d4fca5e596893ae43a3b7687 Mon Sep 17 00:00:00 2001
From: Jadiel
Date: Sat, 13 Mar 2021 18:24:14 -0300
Subject: [PATCH 3/6] Update authors file

---
 AUTHORS | 1 +
 1 file changed, 1 insertion(+)

diff --git a/AUTHORS b/AUTHORS
index 71c8f9b89..eba44d58d 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -43,3 +43,4 @@ Spencer Carroll
 Dulmandakh Sukhbaatar
 Will Beaufoy
 Rustem Saiargaliev
+Jadiel Teófilo
From 34356ddc10991d4a687efe3e9d763d81a641d294 Mon Sep 17 00:00:00 2001
From: Jadiel
Date: Sat, 13 Mar 2021 18:24:49 -0300
Subject: [PATCH 4/6] Update changelog file

---
 CHANGELOG.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 58f279398..46315222e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -18,6 +18,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 * #915 Add optional OpenID Connect support.
+### Fixed
+* #524 Restrict usage of timezone aware expire dates to Django projects with USE_TZ set to True.
 ## [1.4.1]
From 005df3d0679b7bdf7d80ef6cecc1c65307eefd10 Mon Sep 17 00:00:00 2001
From: Jadiel
Date: Sat, 20 Mar 2021 18:17:08 -0300
Subject: [PATCH 5/6] Update the docs

---
 docs/settings.rst | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/docs/settings.rst b/docs/settings.rst
index afca76e01..67ea7b37a 100644
--- a/docs/settings.rst
+++ b/docs/settings.rst
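Review bot: The changed line in `oauth2_validators.py` still calls `make_aware(expires)` without naming a time zone, so with `USE_TZ = True` the naive value is interpreted in Django's current time zone, and on the new `USE_TZ = False` branch it is stored exactly as computed. How `expires` is built sits above the hunk; if it is derived from the introspection response's `exp` as a naive UTC value, both branches can store an expiry shifted by the server's UTC offset, which changes how long this resource server keeps honouring a cached token. I would make the zone explicit by passing UTC as the second argument to `make_aware` on the aware branch and converting to local naive time on the other, or at least add a comment such as `# expires is naive here; make_aware() interprets it in the current time zone`. The enclosing `_get_token_from_authentication_server` starts and ends outside the hunk.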
@@ -310,3 +310,12 @@ OIDC_TOKEN_ENDPOINT_AUTH_METHODS_SUPPORTED
 Default: ``["client_secret_post", "client_secret_basic"]``
 The authentication methods that are advertised to be supported by this server.
+
+
+Settings imported from Django project
+--------------------------
+
+USE_TZ
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Used to determine whether or not to make token expire dates timezone aware.
From 39937a7a7f0ad63abc45887ecf05e887f173cb28 Mon Sep 17 00:00:00 2001
From: Jadiel
Date: Sun, 21 Mar 2021 13:30:00 -0300
Subject: [PATCH 6/6] Fix broken tests (missing import)

---
 tests/test_introspection_auth.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/test_introspection_auth.py b/tests/test_introspection_auth.py
index d48f9d9f1..8b2a6daf0 100644
--- a/tests/test_introspection_auth.py
+++ b/tests/test_introspection_auth.py
@@ -13,6 +13,7 @@
 from oauth2_provider.models import get_access_token_model, get_application_model
 from oauth2_provider.oauth2_validators import OAuth2Validator
+from oauth2_provider.settings import oauth2_settings
 from oauth2_provider.views import ScopedProtectedResourceView
 from . import presets