auth0 / go-jwt-middleware

A Middleware for Go Programming Language to check for JWTs on HTTP requests
MIT License

Token used before issued #158

Closed elaine-jackson closed 2 years ago

elaine-jackson commented 2 years ago

Describe the problem

When a token is issued, it is not immediately usable. When developing with Go 1.18 on Windows, I frequently have to resync to NTP or the token appears to have been used before it was issued.

What was the expected behavior?

Tokens should have a backdated issue date (by at least a few seconds) to avoid time-drift causing users to use the token before it was used. This could have a serious impact on a production environment.

StackOverflow has a nice writeup on this bug https://stackoverflow.com/questions/60480824/auth0-jwt-authentication-error-parsing-token-token-used-before-issued

Reproduction

Develop an application with React Auth0 and Go JWT Middleware and try to log in.

Environment

Windows 11 and Go 1.18 with JetBrains GoLand as my IDE and running the application.
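
The following is an added example, not part of the original issue and not go-jwt-middleware's own code: a standard-library sketch of how a verifier can tolerate a bounded amount of clock drift when checking the `iat`, `nbf` and `exp` claims, so that a token minted a few seconds "in the future" relative to the verifier's clock is accepted while one far ahead is still rejected. The names `TimeClaims`, `CheckTimeClaims`, the error variables and the 30-second leeway are hypothetical choices for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// TimeClaims holds the registered JWT time claims as Unix seconds (hypothetical type).
type TimeClaims struct {
	IssuedAt  int64 // iat
	NotBefore int64 // nbf, 0 when the claim is absent
	ExpiresAt int64 // exp
}

// Hypothetical sentinel errors for this example.
var (
	ErrUsedBeforeIssued = errors.New("token used before issued")
	ErrNotYetValid      = errors.New("token is not valid yet")
	ErrExpired          = errors.New("token is expired")
)

// CheckTimeClaims validates c against the verifier's clock, tolerating up to
// leeway of drift between issuer and verifier in either direction.
func CheckTimeClaims(c TimeClaims, now time.Time, leeway time.Duration) error {
	latest := now.Add(leeway) // the verifier's clock may be running slow
	if latest.Before(time.Unix(c.IssuedAt, 0)) {
		return ErrUsedBeforeIssued
	}
	if c.NotBefore != 0 && latest.Before(time.Unix(c.NotBefore, 0)) {
		return ErrNotYetValid
	}
	if !now.Add(-leeway).Before(time.Unix(c.ExpiresAt, 0)) {
		return ErrExpired
	}
	return nil
}

func main() {
	// Constructed sample: the verifier's clock runs 3 seconds behind the issuer's.
	issued := time.Unix(1700000000, 0)
	c := TimeClaims{IssuedAt: issued.Unix(), ExpiresAt: issued.Add(time.Hour).Unix()}
	verifierNow := issued.Add(-3 * time.Second)
	fmt.Println(CheckTimeClaims(c, verifierNow, 0))              // token used before issued
	fmt.Println(CheckTimeClaims(c, verifierNow, 30*time.Second)) // <nil>
}
```

The leeway also extends the effective lifetime of every token by the same amount, so it should stay small relative to the token's validity period.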