4 files changed, 20 insertions, 8 deletions

diff --git a/internal/api/client/auth/auth_test.go b/internal/api/client/auth/auth_test.go
index 295c0e964..bd4ff27fd 100644
--- a/internal/api/client/auth/auth_test.go
+++ b/internal/api/client/auth/auth_test.go
@@ -124,7 +124,7 @@ func (suite *AuthTestSuite) SetupTest() {
 		}
 	}
 
-	suite.oauthServer = oauth.New(suite.db, log)
+	suite.oauthServer = oauth.New(context.Background(), suite.db, log)
 
 	if err := suite.db.Put(context.Background(), suite.testAccount); err != nil {
 		logrus.Panicf("could not insert test account into db: %s", err)
diff --git a/internal/api/client/auth/authorize.go b/internal/api/client/auth/authorize.go
index d7ea65cca..972853687 100644
--- a/internal/api/client/auth/authorize.go
+++ b/internal/api/client/auth/authorize.go
@@ -35,7 +35,7 @@ import (
 
 // AuthorizeGETHandler should be served as GET at https://example.org/oauth/authorize
 // The idea here is to present an oauth authorize page to the user, with a button
-// that they have to click to accept. See here: https://docs.joinmastodon.org/methods/apps/oauth/#authorize-a-user
+// that they have to click to accept.
 func (m *Module) AuthorizeGETHandler(c *gin.Context) {
 	l := m.log.WithField("func", "AuthorizeGETHandler")
 	s := sessions.Default(c)
@@ -122,7 +122,6 @@ func (m *Module) AuthorizeGETHandler(c *gin.Context) {
 // AuthorizePOSTHandler should be served as POST at https://example.org/oauth/authorize
 // At this point we assume that the user has A) logged in and B) accepted that the app should act for them,
 // so we should proceed with the authentication flow and generate an oauth token for them if we can.
-// See here: https://docs.joinmastodon.org/methods/apps/oauth/#authorize-a-user
 func (m *Module) AuthorizePOSTHandler(c *gin.Context) {
 	l := m.log.WithField("func", "AuthorizePOSTHandler")
 	s := sessions.Default(c)
diff --git a/internal/api/client/auth/token.go b/internal/api/client/auth/token.go
index 7e590aa1f..f9009767e 100644
--- a/internal/api/client/auth/token.go
+++ b/internal/api/client/auth/token.go
@@ -36,7 +36,6 @@ type tokenBody struct {
 
 // TokenPOSTHandler should be served as a POST at https://example.org/oauth/token
 // The idea here is to serve an oauth access token to a user, which can be used for authorizing against non-public APIs.
-// See https://docs.joinmastodon.org/methods/apps/oauth/#obtain-a-token
 func (m *Module) TokenPOSTHandler(c *gin.Context) {
 	l := m.log.WithField("func", "TokenPOSTHandler")
 	l.Trace("entered TokenPOSTHandler")
diff --git a/internal/api/client/auth/util.go b/internal/api/client/auth/util.go
index 48fe4748a..14c38e667 100644
--- a/internal/api/client/auth/util.go
+++ b/internal/api/client/auth/util.go
@@ -1,3 +1,21 @@
+/*
+   GoToSocial
+   Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU Affero General Public License as published by
+   the Free Software Foundation, either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU Affero General Public License for more details.
+
+   You should have received a copy of the GNU Affero General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
 package auth
 
 import (
@@ -7,10 +25,6 @@ import (
 func (m *Module) clearSession(s sessions.Session) {
 	s.Clear()
 
-	// newOptions := router.SessionOptions(m.config)
-	// newOptions.MaxAge = -1 // instruct browser to delete cookie immediately
-	// s.Options(newOptions)
-
 	if err := s.Save(); err != nil {
 		panic(err)
 	}