stellar / django-polaris

An extendable Django app for building modular Stellar services
https://django-polaris.readthedocs.io
Apache License 2.0

SEP-24 interactive URL token iat: set grace period to 5 minutes #667

Closed yuriescl closed 1 year ago

yuriescl commented 1 year ago

resolves #666

JakeUrban commented 1 year ago

Hey Yuri, thanks for addressing this. We actually added a similar solution at the Stellar SDK level for SEP-10 tokens. In that case we actually added a much more forgiving grace period of 5 minutes.

Can we do the same for the interactive URL JWT?

yuriescl commented 1 year ago

> Hey Yuri, thanks for addressing this. We actually added a similar solution at the Stellar SDK level for SEP-10 tokens. In that case we actually added a much more forgiving grace period of 5 minutes.
>
> Can we do the same for the interactive URL JWT?

Yes, done

yuriescl commented 1 year ago

@JakeUrban Not sure about clock syncing though. The only clock involved is the server one, since iat is generated by the same server that checks now.

yuriescl commented 1 year ago

5 minutes might be overkill for this specific issue

JakeUrban commented 1 year ago

Oh you're right, my mistake. Clock drift would only be relevant when the client has to check the server's expiration.

yuriescl commented 1 year ago

No problem, I reverted back the change, 1 second seems to be sufficient
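
The trade-off discussed in this thread, as an added example that is not part of the pull request or Polaris's own code: a stdlib-only HS256 JWT check in which the grace period only widens how far ahead of the server's clock an `iat` may be. The helper names, the key, and the 0.4 s and 120 s skews are constructed assumptions; the thread does not state what causes the skew.

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-demo-key"  # constructed value, stands in for the server's signing secret

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input: str, key: bytes) -> bytes:
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def issue_token(claims: dict, key: bytes = SECRET) -> str:
    """Build an HS256 JWT (hypothetical helper, not the Polaris API)."""
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    return f"{head}.{body}.{_b64(_sign(f'{head}.{body}', key))}"

def check_token(token: str, now: float, leeway: float, key: bytes = SECRET) -> dict:
    """Verify the signature first, then apply the iat grace period and exp."""
    try:
        head, body, sig = token.split(".")
        given = _unb64(sig)
    except ValueError as exc:  # wrong part count or bad base64
        raise ValueError("malformed token") from exc
    if not hmac.compare_digest(_sign(f"{head}.{body}", key), given):
        raise ValueError("bad signature")
    claims = json.loads(_unb64(body))  # parsed only after the signature checks out
    iat, exp = claims.get("iat"), claims.get("exp")
    if not all(isinstance(v, (int, float)) for v in (iat, exp)):
        raise ValueError("missing iat or exp")
    if iat > now + leeway:  # grace period covers only tokens dated ahead of 'now'
        raise ValueError("iat is in the future")
    if exp <= now:
        raise ValueError("token expired")
    return claims

def outcome(iat_offset: float, leeway: float, now: float = 1_700_000_000.0) -> str:
    token = issue_token({"iat": now + iat_offset, "exp": now + 600})
    try:
        check_token(token, now=now, leeway=leeway)
        return "accepted"
    except ValueError as exc:
        return str(exc)

if __name__ == "__main__":
    for offset, leeway in [(0.4, 0.0), (0.4, 1.0), (120.0, 1.0), (120.0, 300.0)]:
        print(f"iat = now+{offset}s, leeway = {leeway}s -> {outcome(offset, leeway)}")
```

With a 1-second grace period the sub-second skew passes while a token dated two minutes ahead is still rejected; a 300-second grace period accepts both.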

yuriescl commented 1 year ago

PR is ready on my side, feel free to merge

JakeUrban commented 1 year ago

I'm working on removing the CircleCI check -- we're moving to GH actions. Then I'll merge & release the patch.