Issue Details

OAuth tokens are remaining valid beyond their expiration, allowing users to access protected resources longer than intended. Security review and token expiry enforcement must be applied.