expiresAt does not match accessToken JWT expire time #757

Open
6 tasks done
RandomEngy opened this issue Aug 28, 2024 · 1 comment
Labels
bug This points to a verified bug in the code


Checklist

Description

I found my app failing to authenticate, and the root cause was that SecureCredentialsManager was giving me a JWT that was expired.

The credentials object had accessToken with an expiration from earlier today, but expiresAt has an expiration of tomorrow. So my custom authorizer for AWS API Gateway fails, as it's validating the JWT.

Reproduction

I don't know how to reproduce this. This did happen after I crossed the international date line in an eastward direction, but I don't know if that caused it.

Additional context

Perhaps the library ought to parse the JWT and validate that it isn't expired? Or figure out why the expiration times came to be different.

This is my original login code.

        WebAuthProvider.login(AuthConstants.AUTH0_ACCOUNT)
            .withScheme("focalist")
            .withScope("openid profile email offline_access")
            .withAudience("https://ez672wgm73.execute-api.us-east-2.amazonaws.com")
            .start(this, object : Callback<Credentials, AuthenticationException> {
                override fun onFailure(error: AuthenticationException) {
                    logger.error("Login failed", error)
                }

                override fun onSuccess(result: Credentials) {
                    val storage = CredentialStorage.getInstance(this@MainActivity)
                    storage.saveCredentials(result)

                    logger.info("Sign in succeeded")
                    loadOrReloadWebView()
                }
            })

That CredentialStorage wraps SecureCredentialsManager, and I call saveCredentials and getCredentials on it.

Auth0.Android version

2.11.0

Android version(s)

13

@RandomEngy RandomEngy added the bug This points to a verified bug in the code label Aug 28, 2024
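
An added example, not part of the issue or of Auth0.Android: one way an app could apply the check suggested in the report, by reading the `exp` claim from the access token and treating the earlier of that and the stored `expiresAt` as the real expiry. The function names and the sample token are constructed for illustration, and it assumes the access token is a JWT, as it is in the report.

```kotlin
import java.util.Base64
import java.util.Date

// Hypothetical helpers, not Auth0.Android APIs. The signature is NOT verified:
// this is only a client-side freshness check; the API still validates the token.
// java.util.Base64 needs Android API 26+.

/** Returns the `exp` claim (seconds since epoch) as a Date, or null if the token is not a readable JWT. */
fun jwtExpiry(token: String): Date? {
    val parts = token.split(".")
    if (parts.size != 3) return null // opaque access token, nothing to compare
    val payload = try {
        String(Base64.getUrlDecoder().decode(parts[1]), Charsets.UTF_8)
    } catch (e: IllegalArgumentException) {
        return null // payload segment is not valid base64url
    }
    // Minimal extraction of a top-level numeric "exp"; a JSON parser is the sturdier choice.
    val match = Regex("\"exp\"\\s*:\\s*(\\d+)").find(payload) ?: return null
    return Date(match.groupValues[1].toLong() * 1000L)
}

/** The earlier of the stored expiresAt and the token's own exp. */
fun effectiveExpiry(accessToken: String, expiresAt: Date): Date {
    val exp = jwtExpiry(accessToken) ?: return expiresAt
    return if (exp.before(expiresAt)) exp else expiresAt
}

/** True when the token should be renewed before it is sent to an API that validates the JWT. */
fun needsRenewal(accessToken: String, expiresAt: Date, now: Date = Date(), leewaySeconds: Long = 60): Boolean =
    effectiveExpiry(accessToken, expiresAt).time - leewaySeconds * 1000L <= now.time

fun main() {
    // Constructed, unsigned sample token whose exp is one day earlier than the stored expiresAt,
    // mirroring the mismatch described in the report.
    val enc = Base64.getUrlEncoder().withoutPadding()
    val header = enc.encodeToString("""{"alg":"none","typ":"JWT"}""".toByteArray())
    val payload = enc.encodeToString("""{"sub":"sample","exp":1724800000}""".toByteArray())
    val accessToken = "$header.$payload.sig"

    val storedExpiresAt = Date((1724800000L + 86_400L) * 1000L)
    val now = Date((1724800000L + 3_600L) * 1000L) // an hour after the JWT expired

    println("JWT exp:          ${jwtExpiry(accessToken)}")
    println("stored expiresAt: $storedExpiresAt")
    println("needs renewal:    ${needsRenewal(accessToken, storedExpiresAt, now)}")
}
```

In an app, the two arguments would be the `accessToken` and `expiresAt` values of the credentials object returned by the credentials manager.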