-

internal/domain/duration.go

@@ -45,3 +45,13 @@ func (d Duration) MarshalJSON() ([]byte, error) {
 func (d Duration) String() string {
 	return d.Duration.String()
 }
+
+// Int64 returns the duration in nanoseconds for validator compatibility
+func (d Duration) Int64() int64 {
+	return int64(d.Duration)
+}
+
+// IsZero returns true if the duration is zero
+func (d Duration) IsZero() bool {
+	return d.Duration == 0
+}

internal/domain/models.go

@@ -159,8 +159,8 @@ type CreateApplicationRequest struct {
 	Type                 []ApplicationType `json:"type" validate:"required,min=1,dive,oneof=static user"`
 	CallbackURL          string            `json:"callback_url" validate:"required,url,max=500"`
 	TokenPrefix          string            `json:"token_prefix" validate:"omitempty,min=2,max=4,uppercase"`
-	TokenRenewalDuration Duration          `json:"token_renewal_duration" validate:"required,min=1"`
-	MaxTokenDuration     Duration          `json:"max_token_duration" validate:"required,min=1"`
+	TokenRenewalDuration Duration          `json:"token_renewal_duration" validate:"required"`
+	MaxTokenDuration     Duration          `json:"max_token_duration" validate:"required"`
 	Owner                Owner             `json:"owner" validate:"required"`
 }
 
@@ -171,8 +171,8 @@ type UpdateApplicationRequest struct {
 	CallbackURL          *string            `json:"callback_url,omitempty" validate:"omitempty,url,max=500"`
 	HMACKey              *string            `json:"hmac_key,omitempty" validate:"omitempty,min=1,max=255"`
 	TokenPrefix          *string            `json:"token_prefix,omitempty" validate:"omitempty,min=2,max=4,uppercase"`
-	TokenRenewalDuration *Duration          `json:"token_renewal_duration,omitempty" validate:"omitempty,min=1"`
-	MaxTokenDuration     *Duration          `json:"max_token_duration,omitempty" validate:"omitempty,min=1"`
+	TokenRenewalDuration *Duration          `json:"token_renewal_duration,omitempty"`
+	MaxTokenDuration     *Duration          `json:"max_token_duration,omitempty"`
 	Owner                *Owner             `json:"owner,omitempty" validate:"omitempty"`
 }
 

internal/services/application_service.go

@@ -42,6 +42,14 @@ func (s *applicationService) Create(ctx context.Context, req *domain.CreateAppli
 		return nil, fmt.Errorf("validation failed: %w", err)
 	}
 
+	// Manual validation for Duration fields
+	if req.TokenRenewalDuration.Duration <= 0 {
+		return nil, fmt.Errorf("token_renewal_duration must be greater than 0")
+	}
+	if req.MaxTokenDuration.Duration <= 0 {
+		return nil, fmt.Errorf("max_token_duration must be greater than 0")
+	}
+
 	// Basic permission validation - check if user can create applications
 	// In a real system, this would check against user roles/permissions
 	if userID == "" {
@@ -127,6 +135,14 @@ func (s *applicationService) Update(ctx context.Context, appID string, updates *
 		return nil, fmt.Errorf("user authentication required")
 	}
 
+	// Manual validation for Duration fields
+	if updates.TokenRenewalDuration != nil && updates.TokenRenewalDuration.Duration <= 0 {
+		return nil, fmt.Errorf("token_renewal_duration must be greater than 0")
+	}
+	if updates.MaxTokenDuration != nil && updates.MaxTokenDuration.Duration <= 0 {
+		return nil, fmt.Errorf("max_token_duration must be greater than 0")
+	}
+
 	// Additional business logic validation
 	if updates.TokenRenewalDuration != nil && updates.MaxTokenDuration != nil {
 		if updates.TokenRenewalDuration.Duration > updates.MaxTokenDuration.Duration {