Angular-auth-oidc-client: Client Offset Time not Considering in Token Validation in initial load

Created on 5 Feb 2021  路  2Comments  路  Source: damienbod/angular-auth-oidc-client

Hi Team,

We are using this package as port of our application token generation and we have a token which is valid for 10 mins and uses the silent renew to refresh the token.
Issue :
As part the Token Validation if the client Time have a difference greater then 10 mins then the Token is rejecting from the package as we are not sending the the offset time from the configuration. Is there any way can we send the offset time for the below method from the configuration to consider the off set time when validating the token at initial load ? Or we need to tell the each client that time is different from internet time ?

https://github.com/damienbod/angular-auth-oidc-client/blob/710af82194bc9372d8a5ffedae00d94fc6f5417c/projects/angular-auth-oidc-client/src/lib/validation/state-validation.service.ts#L154

Any Help or fix is really appreciated.

question
Source
picture sashissd

Most helpful comment

Ok Thankyou.

picture sashissd on 8 Feb 2021
🎉1 👍1

All 2 comments

Hi @sashissd the time sync check is defined in the spec like this. You could use a configuration to disable the check, or increase the allowed time. If your tokens are only valid for 10 mins, maybe you could just turn the check off.

See the configuration properties for details.

Greetings Damien

damienbod picture damienbod on 8 Feb 2021

Ok Thankyou.

sashissd picture sashissd on 8 Feb 2021
🎉1 👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

sdev95 picture sdev95  路  3Comments
xaviergxf picture xaviergxf  路  3Comments
nizarkhsib picture nizarkhsib  路  4Comments
cgatian picture cgatian  路  4Comments
vit100 picture vit100  路  4Comments