Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SEP-24 interactive URL token iat: set grace period to 5 minutes #667

Merged
merged 3 commits into from
Jan 19, 2023
Merged

SEP-24 interactive URL token iat: set grace period to 5 minutes #667

merged 3 commits into from
Jan 19, 2023

Conversation

yuriescl
Copy link
Contributor

resolves #666

@JakeUrban
Copy link
Contributor

Hey Yuri, thanks for addressing this. We actually added a similar solution at the Stellar SDK level for SEP-10 tokens. In that case we actually added a much more forgiving grace period of 5 minutes.

Can we do the same for the interactive URL JWT?

@yuriescl
Copy link
Contributor Author

Hey Yuri, thanks for addressing this. We actually added a similar solution at the Stellar SDK level for SEP-10 tokens. In that case we actually added a much more forgiving grace period of 5 minutes.

Can we do the same for the interactive URL JWT?

Yes, done

@yuriescl yuriescl changed the title SEP-24 interactive URL token iat is now one second earlier SEP-24 interactive URL token iat: set grace period to 5 minutes Jan 19, 2023
@yuriescl
Copy link
Contributor Author

@JakeUrban Not sure about clock syncing though. The only clock involved is the server one, since iat is generated by the same server that checks now.

@yuriescl
Copy link
Contributor Author

5 minutes might be overkill for this specific issue

@JakeUrban
Copy link
Contributor

Oh you're right, my mistake. Clock drift would only be relevant when the client has to check the server's expiration.

@yuriescl
Copy link
Contributor Author

No problem, I reverted back the change, 1 second seems to be sufficient

@yuriescl
Copy link
Contributor Author

PR is ready on my side, feel free to merge

@JakeUrban
Copy link
Contributor

I'm working on removing the CircleCI check -- we're moving to GH actions. Then I'll merge & release the patch.

@JakeUrban JakeUrban merged commit b678bf7 into stellar:master Jan 19, 2023
@yuriescl yuriescl deleted the 666-token-yet-not-valid branch April 12, 2023 02:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JakeUrban JakeUrban JakeUrban approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Occasional "The token is not yet valid (iat)" in SEP-24
2 participants
@yuriescl @JakeUrban