set clock skew to 0 (Issue/1964-tokenExpiryUIv2)

3bed0bd5 · L. Ellenbeck · 71cc0726 · 3bed0bd5
Commit 3bed0bd5 authored 3 years ago by L. Ellenbeck
--- a/src/JwtHandler/JwtHandler.cs
+++ b/src/JwtHandler/JwtHandler.cs
@@ -15,8 +15,10 @@ namespace Coscine.JwtHandler
        private readonly JwtSecurityTokenHandler _jwtSecurityTokenHandler;
        private readonly SymmetricSecurityKey _symmetricSecurityKey;
        private readonly DateTime _centuryBegin;
+
        // How long the default token is valid (in minutes).
        private readonly double _defaultExpiration;
+
        private readonly string _issuer;
        private readonly string _audience;

@@ -52,7 +54,9 @@ namespace Coscine.JwtHandler
                ValidateIssuerSigningKey = true,
                IssuerSigningKey = _symmetricSecurityKey,
                ValidateIssuer = false,
-                ValidateAudience = false
+                ValidateAudience = false,
+                // set clockskew to zero so tokens expire exactly at token expiration time (instead of 5 minutes later)
+                ClockSkew = TimeSpan.Zero
            };

            _jwtSecurityTokenHandler.ValidateToken(token, tokenValidationParameters, out _);
@@ -107,6 +111,5 @@ namespace Coscine.JwtHandler

            return GenerateJwtToken(payload, issuer, audience, issuedAt, expires, signatureAlgorithm);
        }
-
    }
 }
\ No newline at end of file