make iat 30 seconds in the past instead · margin.at/margin@1a5da2e

margin.at / margin

fork atom

Write on the margins of the internet. Powered by the AT Protocol. margin.at

extension web atproto comments

fork atom

make iat 30 seconds in the past instead

scanash.com 2 months ago 1a5da2ed 4456f2a2

+2 -2

1 changed file

expand all

unified split

backend

internal

oauth

client.go

+2 -2

backend/internal/oauth/client.go

··· 205 205 "jti": base64.RawURLEncoding.EncodeToString(jti), 206 206 "htm": method, 207 207 "htu": uri, 208 - "iat": now.Unix(), 208 + "iat": now.Add(-30 * time.Second).Unix(), 209 209 "exp": now.Add(5 * time.Minute).Unix(), 210 210 } 211 211 if nonce != "" { ··· 243 243 Issuer: c.ClientID, 244 244 Subject: c.ClientID, 245 245 Audience: jwt.Audience{issuer}, 246 - IssuedAt: jwt.NewNumericDate(now.Add(-5 * time.Minute)), 246 + IssuedAt: jwt.NewNumericDate(now.Add(-30 * time.Second)), 247 247 Expiry: jwt.NewNumericDate(now.Add(5 * time.Minute)), 248 248 ID: base64.RawURLEncoding.EncodeToString(jti), 249 249 }