Open IchbinkeinReh opened 7 months ago
@manfredsteyer or @jeroenheijmans Could you please have a look at this PR, because i think the part with the "expires_at" is rather critical
Heya! FYI: I'm no longer very active as a maintainer or community moderator (see #1280), so I will likely not be investigating or reviewing. But thanks for submitting a fix to this Open Source project, hopefully Manfred or another contributor can find time to help out!
@manfredsteyer sry for bumping, but i think this is a big issue and should be fixed asap
Need to be merged.
In the "expires_at" is set and its calculated with local clock (see https://github.com/manfredsteyer/angular-oauth2-oidc/blob/15.0.0/projects/lib/src/oauth-service.ts#L1698 ). Therefore there is no need to appy clockSkewInMsec in hasValidAccessToken