Closed stveit closed 1 year ago
Leeway concept was misunderstood by original author it seems. Authlib has a leeway concept, which is meant to account for clock skew, not to compare against "iat". The function the original author overrides has that leeway support, and the "iat" comparison is added on top of it so it actually checks both. So technically this removed both the "iat" comparison leeway concept AND clockskew concept.
Clockskew concept can possibly be added back without the additional "iat" comparison
Removes leeway concept and some whitespaces