- /* TODO(octo): Make sure that we get a new token 60 seconds or so before the
- * old one expires. */
- if (auth->valid_until > cdtime())
+ /* Renew OAuth token 30 seconds *before* it expires. */
+ cdtime_t const slack = TIME_T_TO_CDTIME_T(30);
+
+ if (auth->valid_until > (cdtime() + slack))