uruk-project / Jwt

JSON Web Token implementation for .Net & .Net Core
MIT License

Token fails validation with status = NotYetValid #489

Status: Closed (godefroi closed 3 years ago)

godefroi commented 3 years ago

I have a token that was retrieved from Auth0, and issued a few minutes ago. When I validate the token with .EnableLifetimeValidation(), the validation fails, with Status being NotYetValid. The code that does the validation is as follows:

var policy = new TokenValidationPolicyBuilder()
    .RequireAudience("https://tv-dev-test/")
    .RequireSignature(m_keys)
    .RequireIssuer(m_domain)
    .EnableLifetimeValidation()
    .Build();

var reader = new JwtReader();
var header = AuthenticationHeaderValue.Parse(req.Headers[HeaderNames.Authorization]);
var result = reader.TryReadToken(header.Parameter, policy);

Console.WriteLine(result.Succedeed);
Console.WriteLine(result.Status);
Console.WriteLine(result.Exception?.ToString());
Console.WriteLine($"now is {DateTime.UtcNow} {DateTime.UtcNow.Kind}");
Console.WriteLine($"not before {result.Token.NotBefore} {result.Token.NotBefore?.Kind}");
Console.WriteLine($"issued at {result.Token.IssuedAt} {result.Token.IssuedAt?.Kind}");
Console.WriteLine($"expiration time {result.Token.ExpirationTime} {result.Token.ExpirationTime?.Kind}");

The output of this validation is as follows:

False
NotYetValid

now is 9/17/2020 9:49:05 PM Utc
not before
issued at 9/17/2020 9:09:54 PM Utc
expiration time 9/18/2020 9:09:54 PM Utc

The current time is definitely between the "issued at" and the "expires at" times, but the validation still fails. Is there something I am doing wrong?

ycrumeyrolle commented 3 years ago

There is an issue with token lifetime validation when the JWT does not have a 'nbf' claim. All the tests are done with either 'exp' & 'nbf' present or missing, but not without 'nbf' only... (since it is very common). I am looking for a fix.

ycrumeyrolle commented 3 years ago

Fixed in version 1.8
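
The case reported in this thread (a token with 'exp' but no 'nbf'), as an added example that is not code from the thread or from the Jwt library: a lifetime check that treats 'nbf' and 'exp' as independently optional, as RFC 7519 defines them, and exercises every presence combination. The names LifetimeStatus and LifetimeCheck.Validate and the 5-minute clock skew are assumptions made for illustration.

```csharp
using System;

// Hypothetical names for illustration; this is not the uruk-project/Jwt API.
enum LifetimeStatus { Valid, NotYetValid, Expired }

static class LifetimeCheck
{
    // RFC 7519 makes both nbf and exp optional: an absent claim imposes no bound.
    public static LifetimeStatus Validate(DateTime? notBefore, DateTime? expires,
                                          DateTime utcNow, TimeSpan clockSkew)
    {
        // Compare only when the claim is present. A missing nbf must never be
        // read as "some time in the future".
        if (notBefore.HasValue && utcNow + clockSkew < notBefore.Value)
            return LifetimeStatus.NotYetValid;

        // The token is acceptable only strictly before exp (plus allowed skew).
        if (expires.HasValue && utcNow - clockSkew >= expires.Value)
            return LifetimeStatus.Expired;

        return LifetimeStatus.Valid;
    }
}

static class Program
{
    static void Main()
    {
        // "now" and "exp" are the times printed in the issue; nbf values are constructed.
        var now  = new DateTime(2020, 9, 17, 21, 49, 5, DateTimeKind.Utc);
        var exp  = new DateTime(2020, 9, 18, 21, 9, 54, DateTimeKind.Utc);
        var skew = TimeSpan.FromMinutes(5); // assumed tolerance

        var cases = new (string Name, DateTime? Nbf, DateTime? Exp)[]
        {
            ("exp only (the reported token)", null, exp),
            ("nbf only",                      now.AddHours(-1), null),
            ("nbf and exp",                   now.AddHours(-1), exp),
            ("neither claim",                 null, null),
            ("nbf in the future",             now.AddHours(1), exp),
            ("exp in the past",               null, now.AddHours(-1)),
        };

        foreach (var c in cases)
            Console.WriteLine($"{c.Name}: {LifetimeCheck.Validate(c.Nbf, c.Exp, now, skew)}");
    }
}
```

A test suite for lifetime validation needs the "exp only" and "nbf only" rows as well as the both-present and both-missing rows, since tokens issued without 'nbf' are common.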