Exception: Cannot handle token prior to [timestamp] #56
Comments
|
My ugly hack/workaround for now was to comment out the exception in 2 places in I'm not sure if that reduces the security significantly or anything? I suspect not by much. |
|
Try setting the Somewhere in your project before the auth0 sdk is initialized add this line:
this will let you move the time window X seconds, ceck if you are ahead or behind and play with it until you find a confortable value. |
|
@SimonEast did it work? |
|
OK, awesome. That's the kinda thing I was looking for. Haven't tried it yet but hope to do so in the next 1-2 weeks and will try post back how it goes. |
|
sure, I will close the issue for now but feel free to open a new one (or just ping me here) |
|
@SimonEast Did the leeway setting work for you? What setting did you settle on? |
|
@SeanZicari I actually can't remember what I did with it 12 months ago, I'm sorry. I'd have to dig through my source code, which I may not get time to do very soon due to life circumstances. I apologize. |
|
@SeanZicari the leeway should do the trick, anyway if it is posible check that your server's timezone is well configured and that it is sincronized with an NTP server so it keeps up to date. Also, can you check what is the difference between the server time and the current time? |
|
@glena Thanks! I increased the leeway to 120 seconds. Is that excessive? It did seem to resolve the issue. |
|
@SeanZicari it is not a good idea because you are opening the expiration window. It is always better to try to keep the server time in sync to avoid future issues. |
|
@glena That makes sense. The issue I was having seemed to be related to one individual auth0 account that was causing that error to be thrown when trying to log in as them. I don't know enough about what's going on behind the scenes to know how else to fix it. |
|
if you have ssh access to the server, you can check the time of it (if it is linux by running If that is the case, I would recommend to configure it to be in sync with an NTP service or if it is already configured you will need to troubleshoot why it is not working. |
|
Ok, so it sounds like the problem I am having periodically should
definitely never happen when the time is in sync with a time server.
…On Thu, Feb 23, 2017 at 12:19 PM Germán Lena ***@***.***> wrote:
if you have ssh access to the server, you can check the time of it (if it
is linux by running date) and check if it is correct (time and timezone).
Probably it is some minutes off.
If that is the case, I would recommend to configure it to be in sync with
an NTP service or if it is already configured you will need to troubleshoot
why it is not working.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#56 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ACPDrS5hl66kP519OkZMKqjXjrbC4GSsks5rfem1gaJpZM4HFdC->
.
|
|
@glena Thanks. This solved the problem. |
|
ntpdate -q 0.rhel.pool.ntp.org |
Cannot handle token prior auth0/auth0-PHP#56
|
This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
As I mentioned in this issue (over in PHP-JWT), I'm getting this exception triggered a lot when calling
$auth0->getUser(). It first happened on my development machine and now on my web host:It appears to occur when the server's clock is a few seconds behind Auth0's. I resynced my local dev machine's clock and the message went away. I can't do that on a shared web hosting server though. :-(
My thoughts are that the time check should not be so strict that it requires an up-to-the-second time-synchronization.
Simon.
The text was updated successfully, but these errors were encountered: