anusii · gjwgit · Jun 10, 2026 · Jun 10, 2026 · Jun 10, 2026 · Jun 10, 2026
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -11,6 +11,8 @@ utilised by the flutter version_widget package.
 
 ## 1.0 Migrate to using OIDC OpenID certified
 
++ Fix access token expiry calculation so background 
+  refresh works [1.0.1 20260609 anushkavidanage]
 + WebID issuer discovery use OpenID certified [1.0.0 20260521 anushkavidanage]
 + Implementing Authorization Code + PKCE
 + DPoP key binding (RFC 9449)

diff --git a/lib/src/auth/solid_auth_manager.dart b/lib/src/auth/solid_auth_manager.dart
@@ -450,8 +450,19 @@ class SolidAuthManager {
     final refreshToken = token.refreshToken;
     final webId = _extractWebId(claims) ?? user.uid ?? '';
 
-    // Derive expiry: prefer explicit expiresAt, fall back to now + expires_in.
-    final expiresAt = DateTime.now().add(token.expiresIn!);
+    // Derive expiry from the token's creation time, NOT from "now".
+    //
+    // `token.expiresIn` is the original lifetime of the access token (the
+    // constant `expires_in` from the token response, e.g. 1 hour), not the
+    // remaining time. Adding it to `DateTime.now()` would recompute expiry as
+    // "now + lifetime" on every read, making `SolidAuthData.isExpired`
+    // perpetually false and defeating any expiry-based refresh logic.
+    //
+    // `token.calculateExpiresAt()` returns `creationTime + expiresIn`, the
+    // true expiry instant. Fall back to now + expiresIn only if the token
+    // carries no lifetime information at all.
+    final expiresAt = token.calculateExpiresAt() ??
+        DateTime.now().add(token.expiresIn ?? Duration.zero);
 
     return SolidAuthData(
       accessToken: accessToken ?? '',

diff --git a/pubspec.yaml b/pubspec.yaml
@@ -1,6 +1,6 @@
 name: solid_auth
 description: Authenticate to a Solid POD server using Solid-OIDC with certified oidc.
-version: 1.0.0
+version: 1.0.1
 homepage: https://github.com/anusii/solid_auth
 repository: https://github.com/anusii/solid_auth