fix(client): use timestamp before issue token request to ensure expiresAt is smaller than token exp

logto-io / js

🤓 Logto JS SDKs.

https://docs.logto.io/quick-starts/

MIT License

67 stars 40 forks source link

fix(client): use timestamp before issue token request to ensure expiresAt is smaller than token exp #522

Closed charIeszhao closed 1 year ago

charIeszhao commented 1 year ago

Summary

Calculate the expiresAt by requestedAt + expiresIn, which ensures the calculated result is always smaller than the actual exp property in token claims.

expiresAt = requestedAt + actual request time + expiresIn

Should fix #518

Testing

N/A

Checklist

[x] .changeset

linear[bot] commented 1 year ago

LOG-6493 ExpireAt and exp in token claims are mismatched

Discussed and decided to add a backward shifted time (60s) to the `expireAt` result.