Closed DavidLiuGit closed 1 month ago
Partial trace from pycognito when verify_iat
is enabled:
[...]
pycognito/__init__.py", line 266, in verify_token
raise TokenVerificationException(
pycognito.exceptions.TokenVerificationException: Your 'access_token' token could not be verified (The token is not yet valid (iat)).
@pvizeli bump on this PR. WDYT?
PyJWT v2.8.0 verifies
iat
(issued-at timestamp) by default. There are several discussions on disabling this check, since it is not within spec. Cognito's token verification guide does not suggest verifyingiat
, unlikeexp
. This should not be default behavior.Other discussions: https://github.com/jpadilla/pyjwt/issues/814 https://github.com/jpadilla/pyjwt/issues/939