You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When I run nextstrain login I get an uncaught error nextstrain.cli.aws.cognito.TokenError: ImmatureSignatureError: The token is not yet valid (iat)
Expected behavior
Error is caught and wrapped into something useful for the enduser
How to reproduce
Screw up your local system time
Try nextstrain login
Example stack trace:
$ nextstrain login
Logging into Nextstrain.org…
Username: XXXXXX
Password:
Traceback (most recent call last):
File "nextstrain.cli.aws.cognito", line 249, in _verify_token
File "jwt.api_jwt", line 210, in decode
File "jwt.api_jwt", line 162, in decode_complete
File "jwt.api_jwt", line 242, in _validate_claims
File "jwt.api_jwt", line 278, in _validate_iat
jwt.exceptions.ImmatureSignatureError: The token is not yet valid (iat)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "runpy", line 196, in _run_module_as_main
File "runpy", line 86, in _run_code
File "nextstrain.cli.__main__", line 55, in<module>
File "nextstrain.cli.__main__", line 19, in main
File "nextstrain.cli", line 36, in run
File "nextstrain.cli.command.login", line 103, in run
File "nextstrain.cli.authn", line 69, in login
File "nextstrain.cli.aws.cognito", line 167, in authenticate
File "nextstrain.cli.aws.cognito", line 232, in verify_tokens
File "nextstrain.cli.aws.cognito", line 261, in _verify_token
nextstrain.cli.aws.cognito.TokenError: ImmatureSignatureError: The token is not yet valid (iat)
Your environment: if running Nextstrain locally
Operating system: macOS 13.5.1, ARM
Version (e.g. auspice 2.7.0): nextstrain cli 7.2.0
Additional context
Fix: I ran sudo sntp -sS time.apple.com to sync my clock and that fixed things. My time was apparently 2 seconds off.
It would certainly be friendlier in these cases to catch ImmatureSignatureError and issue a nice error message with suggestions of how to fix. And maybe adding some more leeway for clock skew.
tsibley
changed the title
Uncaught error: nextstrain.cli.aws.cognito.TokenError: ImmatureSignatureError: The token is not yet valid (iat)
Uncaught ImmatureSignatureError: The token is not yet valid (iat)
Sep 1, 2023
Current Behavior
When I run
nextstrain login
I get an uncaught errornextstrain.cli.aws.cognito.TokenError: ImmatureSignatureError: The token is not yet valid (iat)
Expected behavior
Error is caught and wrapped into something useful for the enduser
How to reproduce
nextstrain login
Example stack trace:
Your environment: if running Nextstrain locally
auspice 2.7.0
): nextstrain cli 7.2.0Additional context
Fix: I ran
sudo sntp -sS time.apple.com
to sync my clock and that fixed things. My time was apparently 2 seconds off.Further discussion in these two blab slack threads:
The text was updated successfully, but these errors were encountered: