express-stormpath

Google OAuth fails if server's clock is just a few seconds ahead

Open mattilindell opened this issue 9 years ago • 4 comments

Hi,

Google OAuth fails if the client's system time is just a few seconds ahead. Stormpath swallows the root cause, saying just "Token is invalid" without any additional info.

a) Can you make the time-checks less strict on Stormpath's side, allowing some time drifting on the client's side?
b) Bubble up the actual error root cause to the callee.

Thanks, Matti

mattilindell May 17 '16 11:05

Thanks for the report. Is there more information in the error message, such as a status code? In addition to the Google access token, we also exchange our own tokens during the login flow, so it's possible there is also an issue with server time. I want to make sure we're looking in the right place.

robertjd May 17 '16 17:05

Hi, this is not actually caused by the client's clock, but by the server's clock instead.

mattilindell Jun 09 '16 06:06

Thanks for the update. Is your application now working with an updated server clock?

robertjd Jun 13 '16 21:06

Yes it is.

mattilindell Jun 14 '16 05:06
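
The two requests in this thread (tolerating a small clock drift, and reporting which check failed), sketched as an added example that is not express-stormpath or Stormpath code. The helper names, the 60-second default and the sample timestamps are assumptions; `iat`, `nbf` and `exp` are the standard JWT time claims.

```javascript
// Added example: hypothetical helper, not express-stormpath or Stormpath code.
// Input is the payload of a JWT whose signature has ALREADY been verified.
const DEFAULT_SKEW_SECONDS = 60; // assumed tolerance; keep it small

function checkTimeClaims(claims, nowSeconds, skewSeconds = DEFAULT_SKEW_SECONDS) {
  const problems = [];
  for (const name of ['iat', 'nbf', 'exp']) {
    if (claims[name] !== undefined && !Number.isFinite(claims[name])) {
      problems.push({ claim: name, reason: 'is not a numeric date' });
    }
  }
  if (problems.length > 0) return { ok: false, problems };

  if (claims.exp === undefined) {
    problems.push({ claim: 'exp', reason: 'is missing' });
  } else if (nowSeconds - skewSeconds >= claims.exp) {
    problems.push({ claim: 'exp', reason: `expired ${nowSeconds - claims.exp}s ago` });
  }
  if (claims.nbf !== undefined && nowSeconds + skewSeconds < claims.nbf) {
    problems.push({ claim: 'nbf', reason: `is ${claims.nbf - nowSeconds}s in the future` });
  }
  if (claims.iat !== undefined && nowSeconds + skewSeconds < claims.iat) {
    problems.push({ claim: 'iat', reason: `is ${claims.iat - nowSeconds}s in the future (clock skew?)` });
  }
  return { ok: problems.length === 0, problems };
}

// Turn the result into an error message that names the root cause.
function describeFailure(result) {
  if (result.ok) return null;
  return 'Token is invalid: ' +
    result.problems.map((p) => `${p.claim} ${p.reason}`).join('; ');
}

// Constructed sample: the issuer's clock runs 5 seconds ahead of the verifier's.
const NOW = 1463483100;
const skewedToken = { iat: NOW + 5, exp: NOW + 5 + 3600 };
const expiredToken = { iat: NOW - 3720, exp: NOW - 120 };

console.log(describeFailure(checkTimeClaims(skewedToken, NOW, 0))); // strict check
console.log(describeFailure(checkTimeClaims(skewedToken, NOW)));    // with tolerance
console.log(describeFailure(checkTimeClaims(expiredToken, NOW)));   // truly expired
```

The tolerance only absorbs small drift; a token that expired two minutes ago is still rejected, and the host clock should still be kept in sync.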