Support time drift between servers, aka token from the future

[jonnyzzz]

I have the following problem logged:

[2018-07-18 12:48:04,998] -  DEBUG j.v.s.s.hub.jwt.JWTCheckerImpl                     - Failed to verify JWT token: The Token can't be used before Wed Jul 18 12:48:05 UTC 2018.
com.auth0.jwt.exceptions.InvalidClaimException: The Token can't be used before Wed Jul 18 12:48:05 UTC 2018.
	at com.auth0.jwt.JWTVerifier.assertDateIsPast(JWTVerifier.java:448)
	at com.auth0.jwt.JWTVerifier.assertValidDateClaim(JWTVerifier.java:434)
	at com.auth0.jwt.JWTVerifier.verifyClaims(JWTVerifier.java:376)
	at com.auth0.jwt.JWTVerifier.verify(JWTVerifier.java:355)
	at jetbrains.vcs.server.settings.hub.jwt.JWTCheckerImpl.check(jwt-checker.kt:50)
	...

The issue is that one server has time slightly ahead of the server that validates the token. It is not possible to configure token claim verification to have less strict assert

[lbalmaceda]

@jonnyzzz It's failing due to nbf (not before) claim being "in the future". This is part of the standard validation. To allow a small difference you can specify a leeway by using the acceptLeeway method. Note the value you pass is in SECONDS and you should keep it as LOW as possible. From the logs you posted it seems the diff is smaller than a second. I'd start with a leeway of 3 seconds just to be sure.