New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

auth_time and max_age are provided in seconds #489

Closed

mvakulich opened this issue May 31, 2020 · 1 comment · Fixed by #497

Labels

bug

mvakulich commented May 31, 2020

auth0-spa-js/src/jwt.ts

Line 167 in e6c3ba1

(parseInt(decoded.claims.auth_time) + options.max_age) / 1000 + leeway

here is the issue, where auth_time and max_age as per docs should be a seconds
and division by 1000 breaking token validation

The text was updated successfully, but these errors were encountered:

stevehobbsdev added the bug label

Contributor

stevehobbsdev commented Jun 1, 2020

Thanks for raising @mvakulich - let us look into it!

stevehobbsdev mentioned this issue

[SDK-1699] Fix ID token validation for auth_time #497

Merged

4 tasks

stevehobbsdev closed this as completed in #497

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment