The token expiration date time for Asymmetric and Symmetric does not work.
The token is still valid even after the specified expiration date time has passed.
Hi Meng Wye, Lavin Lim , can you give an example?
João Almeida wrote:
Using the jwt demo, set an an expiry date time to 30 seconds after system time. Read the sign token in the jwt demo by checking the lifetime verification and it will still flag as valid.
It will only flagged as invalid when system time has passed about 5 mins after the expiry date time set in the token.
Hello João Almeida.
Sorry to bother you. I would like to ask a question. Has this problem been resolved? I'm still having this problem.
Thank you
I wanted to comment and say I'm seeing the same thing. I did a test with the demo and found that there is a near-exact 5 minute delay after the EXP claim before the time validation will fail. I just kept refreshing the demo site to get this:
Lifetime validation failed. The token is expired. ValidTo: '10/29/2021 21:45:09', Current time: '10/29/2021 21:50:09'.
This error comes directly from the JWT Integration library which comes directly from the System library that handles JWT. Is this some sort of disconnect of system time on the OutSystems server?