Open
Description
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {when I use JWT.Parse I get the error "Token used before issued",
after writing the entire token in the console I checked it manually several times and the iat variable is always returned with a time of 4 minutes into the future, e.g. for 10:00 the iat time is 10:04 which makes no sense.
the rest of the function works correctly
*I have the UTC +1 time zone on my computer but it shouldn't have any effect
src:
https://pastebin.com/aU09PhkT
if it's useful to you, I've bypassed the bug by adding a function with a 5-minute time tolerance
const timeLeeway = 5 * time.Minute
if claims, ok := token.Claims.(jwt.MapClaims); ok {
now := time.Now().UTC() // set time to UTC
if iat, ok := claims["iat"].(float64); ok {
iatTime := time.Unix(int64(iat), 0).UTC()
if now.Before(iatTime.Add(-timeLeeway)) {
return nil, fmt.Errorf("token used before issue time (iat)")
}
}
if nbf, ok := claims["nbf"].(float64); ok {
nbfTime := time.Unix(int64(nbf), 0).UTC()
if now.Before(nbfTime.Add(-timeLeeway)) {
return nil, fmt.Errorf("token used before 'not before' (nbf) time")
}
}
if exp, ok := claims["exp"].(float64); ok {
expTime := time.Unix(int64(exp), 0).UTC()
if now.After(expTime.Add(timeLeeway)) {
return nil, fmt.Errorf("token is expired")
}
}
} else {
log.Println("Could not parse claims")
return nil, fmt.Errorf("could not parse claims")
}Metadata
Metadata
Assignees
Labels
No labels