Open robinvandenb opened 2 years ago
:wave: Hey @robinvandenb - I agree that highly descriptive error messages would've made this easier to debug, but the thing is we're subject to the error message returned by the native libraries we use - AppAuth Android and AppAuth iOS.
I'll definitely try to repro this to see if there's more info included in the error that would allow us to spell out exactly why the id token is invalid - I'm doubtful that there is. On the bright side though this is definitely something that would only affect a very small fraction of users who choose to manually set the time incorrectly on their device 🤷♂️.
This happed to me in android simulator, i dont know why time was wrong, not a major thing but weird and need fix.
Is there a way to get the server time instead of the device time to get the time?
Thanks for filing this issue and saving future people some time. My emulator was 5 minutes behind which caused this.
My tests show that you get the Invalid ID Token error
if your phone time is more than ten minutes behind or if the phone time is after expiration time (as workaround refresh token time to live can be increased, of course if you can 😄 ).
There is a issue on AppAuth-Android that asks for a configuration options and it also has a PR open with the feature
Issue: https://github.com/openid/AppAuth-Android/issues/830
PR: https://github.com/openid/AppAuth-Android/pull/1033
No info on AppAuth-iOS
I believe it's a feature, not a bug - like OP suggested, a clearer error message could certainly help.
Issue.
We noticed we encountered a few
Invalid ID Token
errors. After some research and trial and error we noticed it was caused because the device time was manually set to the wrong time.Clearer error messages would have taken less time to debug the issue.
Environment
CDC
Android