From debc60363273138479064eba84e1dba31a4ba780 Mon Sep 17 00:00:00 2001
From: Austin King <shout@ozten.com>
Date: Tue, 5 Feb 2013 12:39:59 -0800
Subject: [PATCH] We should log expiration issues. A root cause of Issue #2985

---
 resources/static/common/js/user.js | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/resources/static/common/js/user.js b/resources/static/common/js/user.js
index 4dd93d053..23ddb113f 100644
--- a/resources/static/common/js/user.js
+++ b/resources/static/common/js/user.js
@@ -45,7 +45,13 @@ BrowserID.User = (function() {
 
           // or if it was issued before the last time the domain key
           // was updated, it's invalid
-          if (!cert.payload.iat || cert.payload.iat < creationTime) {
+          if (!cert.payload.iat) {
+            helpers.log('Data Format ERROR: expected cert to have iat ' +
+              'property, but found none, marking expired');
+            return true;
+          } else if (cert.payload.iat < creationTime) {
+            helpers.log('Certificate issued ' + cert.payload.iat +
+              ' is before creation time ' + creationTime + ', marking expired');
             return true;
           }