Comment 1 for bug 1469563

I can reproduce this.

Here is an authentication response using passwordCredentials and the uuid provider: http://cdn.pasteraw.com/ve3ghqtx670q92a7tkz45lq4vzjrx7

Here is the response authenticating with the token above (rescoping): http://cdn.pasteraw.com/891ceexx0j1k5nom2muemdawdt4o6l2

The original token and the rescoped tokens both expire at 2015-06-29T15:59:21Z

The following is an authentication response using the fernet provider: http://cdn.pasteraw.com/8wtpp3b98ci647dgr5zg0j2py336tkb

The fernet token should expire at 2015-06-29T15:55:34.952246Z. The response from rescoping the fernet token bumps the expiration to 2015-06-29T15:56:09.663074Z : http://cdn.pasteraw.com/nud9m8000yyusa6ntqy2234ko8cnbwf