The token is not yet valid (iat)

[aruehl]

Since upgrading to version 2.6.0 the decoding of my ID Token fails with: jwt.exceptions.ImmatureSignatureError: The token is not yet valid (iat)

The token has valid values. For example:

{
  "exp": 1667737396,
  "iat": 1667737096,
  "auth_time": 1667732666,
  "jti": "ac4bb8fb-1c05-478f-ba61-99a78d7a3b84",
  "sub": "a50dbd90-fccf-42f6-b13d-04759e3e6ee4",
  "typ": "ID",
...

Epoch timestamp at calling the decode method was 1667737094. From client view the token is generated in the future.

Previous versions (2.4.0 and 2.5.0) are decoding the token susccessfully.

I have also tried options={"verify_aud": False, "verify_nbf": False}, but get the same error!

Did you changed any parameters of validation?

Reproduction Steps

import jwt

jwt.decode(token, signing_key, algorithms=["ES256", "RS256"], options={"verify_aud": False})

System Information

$ python -m jwt.help

{
  "cryptography": {
    "version": "38.0.1"
  "platform": {
    "release": "10",
    "system": "Windows"
  },
  "pyjwt": {
    "version": "2.6.0"
  }
}

[daillouf]

this is a duplicate of #814

814 got closed as the PR got closed but there was no release made yet.

Waiting for that release I suggest either putting leeway=1 in all your decode() calls, or limit your pyjwt <2.6.0 for now

[CCodeInspect]

this is a duplicate of #814 #814 got closed as the PR got closed but there was no release made yet.

Waiting for that release I suggest either putting leeway=1 in all your decode() calls, or limit your pyjwt <2.6.0 for now

this is a duplicate of #814 #814 got closed as the PR got closed but there was no release made yet.

Waiting for that release I suggest either putting leeway=1 in all your decode() calls, or limit your pyjwt <2.6.0 for now

Thanks and i also met this question and i just back to 2.5.0 and try again.

question: raise ImmatureSignatureError("The token is not yet valid (iat)") jwt.exceptions.ImmatureSignatureError: The token is not yet valid (iat)