How to deal with users having a system time in the future?

[fwolff]

Issue and Steps to Reproduce

When you set your system date / time in the future, two things can happen:

• if the delta between your time and the server (Azure in my case) time is more than the expiry of the access token, the application is caught in an infinite loop trying to get a token that is not immediately expired.
• if the delta is more than the refresh_time_before_tokens_expiration_in_second, the user can send an expired token to the server before it is automatically refreshed.

I couldn't find any way to tell the user that his system time isn't sync with the server time and that it should adjust it.

Versions

7.22.4 with a service worker

Expected

Give a way to tell the user that his system time isn't sync with the server time and that he should adjust it.

Actual

See "Issue and Steps to Reproduce" above.

Additional Details

My configuration:

export const oidcConfiguration: OidcConfiguration = {
    client_id: "***",
    redirect_uri: '***/authentication/callback',
    silent_redirect_uri: '***/authentication/silent_callback',
    scope: 'openid profile email',
    authority: "***",
    service_worker_relative_url: "/OidcServiceWorker.js",
    service_worker_only: true,
}

[guillaume-chervet]

Hi @fwolff very sorry for the delay.

System in general are synchronised.
There is no way to check it.

If you have that case you can renew token when an http 401 occured.
I think it is the best way to handle that case.