Description
I am using JWT.php from the Google PHP API and when I first authenticate using a Google Account JWT.php throws a Fatal Error. If I refresh the page a few seconds later the error goes away.
On line 112 of JWT.php I alter the error message to:
if (isset($payload->iat) && $payload->iat > (time() + self::$leeway)) { throw new BeforeValidException( 'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->iat) . 'The payload output is:' . $payload->iat . ' but time is ' . time() ); }
I find from the error message that the iat property of $payload is 4 seconds slower than time(). No problem, I change the following in line 30:
public static $leeway = 5;
This still doesn't make a difference.
The only way to resolve the problem is to manually enter the leeway into the calculation on line 111:
if (isset($payload->iat) && $payload->iat > (time() + self::$leeway + 5))
It would appear that time() + self::$leeway is just time()?
Thanks