Nonce is too old - Githubissues

michelangelo13 / openid4java

Automatically exported from code.google.com/p/openid4java

Apache License 2.0

0 stars 0 forks source link

Nonce is too old #26

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

If relying party and openid provider is not in same timezone,It's possible
that return INVALID_TIMESTAMP in
org.openid4java.consumer.AbstractNonceVerifier.seen()

Original issue reported on code.google.com by zhouyanm...@gmail.com on 3 Sep 2007 at 2:47

GoogleCodeExporter commented 9 years ago

Can you post a few more details, e.g. some debug logs?

As far as I know, the format of the nonces is striclty specified in the spec 
and 
uses UTC time, so timezones should not matter.

Also: INVALID_TIMESTAMP is returned only if the nonce could not be parsed 
properly, 
which would imply it was not in the proper format.

Johnny

Original comment by johnny%s...@gtempaccount.com on 3 Sep 2007 at 11:23

GoogleCodeExporter commented 9 years ago

sorry,I was wrong,it returns TOO_OLD, it cause by time  not synchronizated on my
computer,it's not openid4java bug.

Original comment by zhouyanm...@gmail.com on 4 Sep 2007 at 1:26

GoogleCodeExporter commented 9 years ago

Original comment by Johnny.B...@gmail.com on 4 Sep 2007 at 7:49

Changed state: Invalid