Cvmcosta / ltijs

Turn your application into a fully integratable LTI 1.3 tool provider.
https://cvmcosta.github.io/ltijs/
Apache License 2.0

INVALID TOKEN in 5.0.2 #120

Open ahelord opened 3 years ago

ahelord commented 3 years ago

Hello, when I install the plugin in Moodle I get this error in Moodle:

[image]

with these logs:

[image]

lti.setup(process.env.LTI_KEY,
    // Setting up database configurations
    {url: process.env.MONGO_URL},
    {
        appRoute: '/',
        loginRoute: '/login',
        logger: false,
        staticPath: APP_FOLDER,
        tokenMaxAge: false,
        cookies: {
            sameSite: 'None'
        }
    });

I have ltijs 5.0.2. I checked the platform configuration and everything is fine; I don't know what could be failing.

Cvmcosta commented 3 years ago

I see that you are receiving no cookies. My guess is that your browser does not like that cookies are sent as sameSite: None without also being secure: true.

If you can't use secure cookies, I suggest turning on devMode: true in the options.

ahelord commented 3 years ago

Ready would be like this

lti.setup(process.env.LTI_KEY,
    // Setting up database configurations
    {url: process.env.MONGO_URL},
    {
        appRoute: '/',
        loginRoute: '/login',
        logger: false,
        staticPath: APP_FOLDER,
        tokenMaxAge: false,
        devMode: true
    });

Cvmcosta commented 3 years ago

Yes, that's it

ahelord commented 3 years ago

I get this: TokenExpiredError: jwt expired

Cvmcosta commented 3 years ago

When exactly in the flow does this error happen? I need to know what token is expiring. This should only happen if for some reason the idtoken is being reutilized.

ahelord commented 3 years ago

Hello, I changed to devMode: true and the error changed from ISS_CLAIM_DOES_NOT_MATCH to jwt expired. It happens when I open the tool in Moodle.

Cvmcosta commented 3 years ago

This might be an issue with the time either on Moodle or the LTI server. jwt expired is not controlled by LTIJS; this error is happening during the JWT verification.
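
An added example, not part of the thread and not ltijs code: a Node.js diagnostic that reads a token's `iat` and `exp` claims and compares them with the local clock, to tell a clock offset between platform and tool server from a reused token. The function names, the `toleranceSec` parameter and the sample token are assumptions made for this illustration.

```javascript
'use strict';

// Decode a compact JWT's payload WITHOUT verifying the signature.
// Diagnostics only: never authorize anything from unverified claims.
function decodePayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
}

// Compare iat/exp (seconds since epoch) with the local clock.
// toleranceSec is a hypothetical knob for this example, not an ltijs option.
function diagnoseTokenTimes(token, nowSec = Math.floor(Date.now() / 1000), toleranceSec = 0) {
  const { iat, exp } = decodePayload(token);
  if (!Number.isFinite(iat) || !Number.isFinite(exp)) {
    return { verdict: 'missing-time-claims' };
  }
  // On a fresh launch the token is seconds old, so apparentAgeSec is roughly
  // (local clock - platform clock). Large or negative values indicate skew.
  const apparentAgeSec = nowSec - iat;
  let verdict = 'ok';
  if (apparentAgeSec < -toleranceSec) verdict = 'issued-in-future'; // local clock behind
  else if (nowSec >= exp + toleranceSec) verdict = 'expired';       // skew or reuse
  return {
    verdict,
    lifetimeSec: exp - iat,
    apparentAgeSec,
    expiredBySec: Math.max(0, nowSec - exp),
  };
}

// Constructed sample: unsigned token shaped like an id_token; all values made up.
function makeSampleToken(iat, lifetimeSec) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
  const payload = { iss: 'https://moodle.example', iat, exp: iat + lifetimeSec };
  return [enc({ alg: 'RS256', typ: 'JWT' }), enc(payload), 'constructed'].join('.');
}

// Demo: a token issued "5 minutes ago" by the platform clock with a 60 s lifetime.
const demoNow = Math.floor(Date.now() / 1000);
console.log(diagnoseTokenTimes(makeSampleToken(demoNow - 300, 60), demoNow));
```

If a token captured from a brand-new launch already reports `expired` with a large `apparentAgeSec`, check time synchronization (for example NTP) on both hosts before suspecting token reuse.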