Closed TimoGlastra closed 4 months ago
@nklomp could you take a look at this PR?
Yeah, need to have a closer look into it. Because I wasn't entirely sure about it if I remember correctly.
To be clear it revolved more around also renaming the first part or not. I only quickly looked at it a few days ago from mobile phone
Made a small change. The createdAt from the state manager is in milliseconds. The expiration arguments and JWT claims are in seconds. So the first change IMO was incorrect. Changed it to divide the createdAt by 1000 to convert it to seconds. Then add the tokenExpiresIn and compare that to iat
iat > (createdAt/1000 + tokenExpiresIn)
another fix related to milliseconds vs seconds