Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

adds 1-second leeway to JWT validation to prevent intermittent except… #828

Merged
merged 1 commit into from
Feb 5, 2016

Conversation

bshaffer
Copy link
Contributor

@bshaffer bshaffer commented Feb 2, 2016

…ions

@googlebot googlebot added the cla: yes This human has signed the Contributor License Agreement. label Feb 2, 2016
bshaffer added a commit that referenced this pull request Feb 5, 2016
adds 1-second leeway to JWT validation to prevent intermittent except…
@bshaffer bshaffer merged commit bc39060 into master Feb 5, 2016
@bshaffer bshaffer deleted the issue-827-add-leeway branch February 5, 2016 21:50
@jmichalek132
Copy link

Should it be fixed in newest version?

@bshaffer
Copy link
Contributor Author

@Kak3n v2.0.0-RC5 and on have had this change.

@jmichalek132
Copy link

thanks ok.

2016-05-25 18:49 GMT+02:00 Brent Shaffer notifications@github.com:

@Kak3n https://github.com/Kak3n v2.0.0-RC5
https://github.com/google/google-api-php-client/releases and on have
had this change.


You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub
#828 (comment)

@YuanXiong
Copy link

On my server, the system time is 2 min prior to the current time so I got this problem. The system admin may have to run the ntp service for date updates.

@jrd-lewis
Copy link

jrd-lewis commented Aug 20, 2016

Mine shows 5 hours later than what what the Google Token returns, even using the latest version.

@bshaffer
Copy link
Contributor Author

@jslewis90 I imagine this is an issue with your server's date/time configuration.

@liebsen
Copy link

liebsen commented Jan 4, 2017

Now is impossible to set leeway outside vendor. Please rollback this fix.

@bshaffer
Copy link
Contributor Author

bshaffer commented Jan 4, 2017

@Martinfree You're right, this is not an optimal solution because it pollutes global scope. I'll submit a fix that ensures the adjustment is localized. It would be great if the Firebase\JWT class made leeway configurable per instance as well as statically.

@liebsen
Copy link

liebsen commented Jan 10, 2017

@bshaffer thank you for considering my suggestion. Cheers.

@hamzawain7
Copy link

hamzawain7 commented Mar 6, 2017

In google-api-php-client/src/Google/AccessToken/Verify.php line 213 you are not adding 1 to JWT leeway like you mentioned in the comments but rather setting it to 1. Kindly fix it.
`
if (property_exists($jwtClass, 'leeway')) {
// adds 1 second to JWT leeway
// @see #827
$jwtClass::$leeway = 1;
}

`

@dyegonery
Copy link

This solution didn't worked with me. So, I tried adding 60 seconds to JWT leeway:
if (property_exists($jwtClass, 'leeway')) {
// adds 1 second to JWT leeway
// @see #827
$jwtClass::$leeway += 60;
}

@ilyasdemirtas
Copy link

ilyasdemirtas commented May 10, 2018

Hello,

I have that same problem me too, The problem is solving when i changing $leeway variable value as "+=60", but i do not want change in core file of package. But i don't find any way overwrite this variable on another place.

There is any way changing that variable another place?

I'm using 2.1.2 version on laravel as package.

@perials
Copy link

perials commented May 2, 2019

@fg-developer You can pass a custom JWT object to Google_Client.

$jwt = new \Firebase\JWT\JWT;
$jwt::$leeway = 60; // adjust this value

// we explicitly pass jwt object whose leeway is set to 60
$this->client = new \Google_Client(['jwt' => $jwt]);

Refer this post.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
cla: yes This human has signed the Contributor License Agreement.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

10 participants