Invalid ID Token error when device time is manually set to wrong time

FormidableLabs / react-native-app-auth

React native bridge for AppAuth - an SDK for communicating with OAuth2 providers

https://commerce.nearform.com/open-source/react-native-app-auth

MIT License

2.01k stars 439 forks source link

Invalid ID Token error when device time is manually set to wrong time #721

Open robinvandenb opened 2 years ago

robinvandenb commented 2 years ago

Issue.

We noticed we encountered a few `Invalid ID Token` errors. After some research and trial and error we noticed it was caused because the device time was manually set to the wrong time.
Clearer error messages would have taken less time to debug the issue.

Environment

Your Identity Provider: CDC
Platform that you're experiencing the issue on: Android
Are you using Expo? No

Jay-A-McBee commented 2 years ago

:wave: Hey @robinvandenb - I agree that highly descriptive error messages would've made this easier to debug, but the thing is we're subject to the error message returned by the native libraries we use - AppAuth Android and AppAuth iOS.

I'll definitely try to repro this to see if there's more info included in the error that would allow us to spell out exactly why the id token is invalid - I'm doubtful that there is. On the bright side though this is definitely something that would only affect a very small fraction of users who choose to manually set the time incorrectly on their device 🤷‍♂️.

swikars1 commented 2 years ago

This happed to me in android simulator, i dont know why time was wrong, not a major thing but weird and need fix.

zomervinicius commented 2 years ago

Is there a way to get the server time instead of the device time to get the time?

kevindice commented 1 year ago

Thanks for filing this issue and saving future people some time. My emulator was 5 minutes behind which caused this.

sanduluca commented 5 months ago

My tests show that you get the Invalid ID Token error if your phone time is more than ten minutes behind or if the phone time is after expiration time (as workaround refresh token time to live can be increased, of course if you can 😄 ). There is a issue on AppAuth-Android that asks for a configuration options and it also has a PR open with the feature Issue: https://github.com/openid/AppAuth-Android/issues/830 PR: https://github.com/openid/AppAuth-Android/pull/1033

No info on AppAuth-iOS

kevindice commented 5 months ago

I believe it's a feature, not a bug - like OP suggested, a clearer error message could certainly help.

FormidableLabs / react-native-app-auth

Invalid ID Token error when device time is manually set to wrong time #721

Issue.

We noticed we encountered a few Invalid ID Token errors. After some research and trial and error we noticed it was caused because the device time was manually set to the wrong time. Clearer error messages would have taken less time to debug the issue.

Environment

We noticed we encountered a few `Invalid ID Token` errors. After some research and trial and error we noticed it was caused because the device time was manually set to the wrong time.
Clearer error messages would have taken less time to debug the issue.