bmorton
commented
2 years ago Nice! This looks like it would fix the issue in #33.
Open arlandism opened 2 years ago
bmorton
commented
2 years ago Nice! This looks like it would fix the issue in #33.
arlandism
commented
2 years ago We have this running in our production environment with no problems.
arlandism
commented
2 years ago Hey @PrasadG193 or @sahil-lakhwani, is there any chance one of you would have time to review this?
arlandism
commented
2 years ago Just wanted to drop a note that the underlying change in the jwt-go library supporting this was reverted recently due to backwards-compatibility issues. We had no problem compiling with this library but I understand if we want to hold on bring this change in.
This change lets clients decide how much leeway should apply to the 'exp' and 'nbf' claims coming from the JWTs on inbound requests. It's a pass-through to the jwt library's functionality.
See https://github.com/golang-jwt/jwt/commit/d489c99d3e8a82bd47dcb3e4880414f7f747eaa7 for related changes there.