Closed croensch closed 1 year ago
google-cla[bot]
commented
1 year ago Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).
View this failed invocation of the CLA check for more information.
For the most up to date status, view the checks section at the bottom of the pull request.
bshaffer
commented
1 year ago Wouldn't it be a better solution to just use microtime(true) instead of time() for the JWT validation?
Update: microtime requires that gettimeofday has an implementation. It seems like this is always the case, but it's possible this library is running on an obscure operating system without an implementation. Maybe we should wait to support microtime in a major version bump
bshaffer
commented
1 year ago This is a good solution for now, and we can look at using microtime in a future version
This makes #488 work without having to set leeway.