OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
I've been running OIDC conformance tests using Ory Hydra (hosted on Ory network) and it seems like the user info endpoint (https://inspiring-hopper-b5cn7ocqrx.projects.oryapis.com/userinfo) returns all timestamps as Unix timestamp in seconds (rat, auth_time, iat) but updated_at as Unix timestamp in milliseconds (as JS does it).
This leads to the test to fail with the error:
updated_at in userinfo appears to be in the future
updated_at: Dec 25, 52671, 12:26:40 AM
now: Jun 24, 2024, 8:10:37 PM
Preflight checklist
Ory Network Project
https://inspiring-hopper-b5cn7ocqrx.projects.oryapis.com
Describe the bug
I've been running OIDC conformance tests using Ory Hydra (hosted on Ory network) and it seems like the user info endpoint (https://inspiring-hopper-b5cn7ocqrx.projects.oryapis.com/userinfo) returns all timestamps as Unix timestamp in seconds (
rat
,auth_time
,iat
) butupdated_at
as Unix timestamp in milliseconds (as JS does it).This leads to the test to fail with the error:
I was using the Test variant:
Reproducing the bug
openid
andprofile
JWT
(maybe others are also possible ?!)HTTP Basic Authorization
openid
andprofile
Relevant log output
No response
Relevant configuration
No response
Version
1.2.0
On which operating system are you observing this issue?
Ory Network
In which environment are you deploying?
Ory Network
Additional Context
No response