Comments (16)
Try setting the leeway in the php-jwt.
Somewhere in your project before the Auth0 SDK is initialized add this line:
\Firebase\JWT\JWT::$leeway = X;
This will let you move the time window X seconds. Check if you are ahead or behind and play with it until you find a comfortable value.
from auth0-php.
ntpdate -q 0.rhel.pool.ntp.org
chkconfig ntpdate on
service ntpdate start
from auth0-php.
My ugly hack/workaround for now was to comment out the exception in 2 places in /vendor/firebase/php-jwt/Authentication/JWT.php:
//---------------------------------------
// Temporarily commenting out to fix bug
//---------------------------------------
// throw new BeforeValidException(
// 'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->nbf)
// );
//---------------------------------------
I'm not sure if that reduces the security significantly or anything? I suspect not by much.
from auth0-php.
@SimonEast did it work?
from auth0-php.
OK, awesome. That's the kinda thing I was looking for. Haven't tried it yet but hope to do so in the next 1-2 weeks and will try to post back how it goes.
from auth0-php.
Sure, I will close the issue for now, but feel free to open a new one (or just ping me here).
from auth0-php.
@SimonEast Did the leeway setting work for you? What setting did you settle on?
from auth0-php.
@SeanZicari I actually can't remember what I did with it 12 months ago, I'm sorry. I'd have to dig through my source code, which I may not get time to do very soon due to life circumstances. I apologize.
from auth0-php.
@SeanZicari the leeway should do the trick. Anyway, if it is possible, check that your server's timezone is well configured and that it is synchronized with an NTP server so it keeps up to date.
Also, can you check what is the difference between the server time and the current time?
from auth0-php.
@glena Thanks! I increased the leeway to 120 seconds. Is that excessive? It did seem to resolve the issue.
from auth0-php.
@SeanZicari it is not a good idea because you are opening the expiration window. It is always better to try to keep the server time in sync to avoid future issues.
from auth0-php.
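An added example, not part of the thread and not php-jwt's own code: a simplified model of the `nbf`/`iat`/`exp` checks with a leeway, showing why a 120-second leeway fixes a lagging server clock but also accepts tokens that have already expired. The function name `checkTimeClaims` and all timestamps are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Simplified model of JWT time-claim validation with a leeway (illustration only).
// $now is the verifying server's clock; all values are Unix timestamps in seconds.
function checkTimeClaims(array $claims, int $now, int $leeway): string
{
    // nbf/iat in the future (beyond the leeway) means the token is "not yet valid".
    if (isset($claims['nbf']) && $claims['nbf'] > $now + $leeway) {
        return 'rejected: not yet valid (nbf)';
    }
    if (isset($claims['iat']) && $claims['iat'] > $now + $leeway) {
        return 'rejected: issued in the future (iat)';
    }
    // The same leeway is subtracted on the expiry side, extending token lifetime.
    if (isset($claims['exp']) && $now - $leeway >= $claims['exp']) {
        return 'rejected: expired (exp)';
    }
    return 'accepted';
}

$trueTime  = 1700000000;       // constructed "real" time at the token issuer
$serverNow = $trueTime - 90;   // verifying server's clock runs 90 s behind

// Token issued just now by the identity provider, valid for 10 minutes.
$fresh = ['iat' => $trueTime, 'nbf' => $trueTime, 'exp' => $trueTime + 600];
// Token whose lifetime ended 100 s before the server's current time.
$stale = ['iat' => $serverNow - 700, 'nbf' => $serverNow - 700, 'exp' => $serverNow - 100];

foreach ([0, 120] as $leeway) {
    printf("leeway=%3d  fresh token: %s\n", $leeway, checkTimeClaims($fresh, $serverNow, $leeway));
    printf("leeway=%3d  stale token: %s\n", $leeway, checkTimeClaims($stale, $serverNow, $leeway));
}
```

With the server clock corrected (`$serverNow = $trueTime`), the fresh token is accepted at leeway 0 and no widening of the expiry window is needed.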
@glena That makes sense. The issue I was having seemed to be related to one individual auth0 account that was causing that error to be thrown when trying to log in as them. I don't know enough about what's going on behind the scenes to know how else to fix it.
from auth0-php.
If you have SSH access to the server, you can check the time of it (if it is Linux, by running date) and check if it is correct (time and timezone). Probably it is some minutes off.
If that is the case, I would recommend configuring it to be in sync with an NTP service, or if it is already configured you will need to troubleshoot why it is not working.
from auth0-php.
@glena Thanks. This solved the problem.
from auth0-php.
This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
from auth0-php.