treat response from adobe jwt appropriately, as milliseconds (#1754)

* treat  response from adobe jwt appropriately, as milliseconds

* update changelog

Co-authored-by: Adam Sachs <adam@Adams-MacBook-Pro.local>

CHANGELOG.md

@@ -43,6 +43,7 @@ The types of changes are:
 * Show a helpful error message if Docker daemon is not running during "fides deploy" [#1694](https://github.com/ethyca/fides/pull/1694)
 * Allow users to query their own permissions, including root user. [#1698](https://github.com/ethyca/fides/pull/1698)
 * Single-select taxonomy fields legal basis and special category can be cleared. [#1712](https://github.com/ethyca/fides/pull/1712)
+* Correctly handle response from adobe jwt auth endpoint as milliseconds, rather than seconds. [#1754](https://github.com/ethyca/fides/pull/1754)
 
 ### Security
 

src/fides/api/ops/service/saas_request/override_implementations/authentication_strategy_adobe_campaign.py

@@ -84,6 +84,7 @@ def add_authentication(
             if response.ok:
                 json_response = response.json()
                 access_token = json_response.get("access_token")
+                # note: `expires_in` is expressed in ms
                 expires_in = json_response.get("expires_in")
 
                 # merge the new values into the existing connection_config secrets
@@ -92,7 +93,9 @@ def add_authentication(
                     **secrets,
                     **{
                         "access_token": access_token,
-                        "expires_at": int(datetime.utcnow().timestamp()) + expires_in,
+                        "expires_at": (
+                            datetime.utcnow() + timedelta(milliseconds=expires_in)
+                        ).timestamp(),
                     },
                 }
                 connection_config.update(db, data={"secrets": updated_secrets})