Right now we specify a leeway of 10 seconds when validating JWT payload expiration, but no leeway for nbf (not valid before). The shopify-api JS library does allow for clockTolerance in both fields, and I think it makes sense for the Ruby gem to do the same.
How has this been tested?
I added unit tests.
Checklist:
[x] My commit message follow the pattern described in here
[x] I have performed a self-review of my own code.
[x] I have added tests that prove my fix is effective or that my feature works.
Description
Right now we specify a leeway of 10 seconds when validating JWT payload expiration, but no leeway for
nbf(not valid before). Theshopify-apiJS library does allow forclockTolerancein both fields, and I think it makes sense for the Ruby gem to do the same.How has this been tested?
I added unit tests.
Checklist: