Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ability to configure allowedClockSkewMillis parameter of JWT token parser #6565

Closed
skabashnyuk opened this issue Oct 4, 2017 · 0 comments
Closed

Add ability to configure allowedClockSkewMillis parameter of JWT token parser #6565

skabashnyuk opened this issue Oct 4, 2017 · 0 comments
Assignees
@sleshchenko
Labels
kind/task Internal things, technical debt, and to-do tasks to be performed.

Comments

@skabashnyuk
Copy link
Contributor

skabashnyuk commented Oct 4, 2017
edited by sleshchenko
Loading

We are using DefaultJwtParser of JWT tokens. It checks

  • token MUST NOT be accepted on or after any specified exp time:
  • token MUST NOT be accepted before any specified nbf time

But due some delays in time setup on keycloak side and browsers and ws-master
it may be that time on this three nodes has a small difference. To reduce the possibility
of errors due to this difference, there is a parameter allowedClockSkewSeconds.
We want to make it configurable with default value 3 sec
@skabashnyuk skabashnyuk added kind/task Internal things, technical debt, and to-do tasks to be performed. sprint/current team/platform labels Oct 4, 2017
@skabashnyuk skabashnyuk mentioned this issue Oct 4, 2017
Closed
25 tasks
@sleshchenko sleshchenko self-assigned this Oct 4, 2017
@sleshchenko sleshchenko added the status/in-progress This issue has been taken by an engineer and is under active development. label Oct 4, 2017
@sleshchenko sleshchenko mentioned this issue Oct 4, 2017
Merged
@sleshchenko sleshchenko removed the status/in-progress This issue has been taken by an engineer and is under active development. label Oct 4, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sleshchenko sleshchenko

Labels
kind/task Internal things, technical debt, and to-do tasks to be performed.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@skabashnyuk @sleshchenko