Mismatch token timestamp web client and php server cause exception #139

Closed
alexswe1 opened this issue Dec 7, 2017 · 5 comments

alexswe1 commented Dec 7, 2017

I am using version 3.5 of the library. The issue is that the timestamp on the client with Firebase web and the timestamp on the PHP server are mismatched, and that causes an exception to be thrown when validating the token in PHP. See details below:

On the client I get the token with:

fbase_auth.currentUser.getIdToken(true)
    .then((token) => {
        // return token
    });

On the PHP server I run this code:

public function getUserFromTokenId($idTokenString) {
    $idToken = $this->auth->verifyIdToken($idTokenString);
    $uid = $idToken->getClaim('sub');
    return $this->auth->getUser($uid);
}

With the $idTokenString sent in from the client.

When running verifyIssuedAt in the IdTokenVerifier class I get the error message:

"This token has been issued in the future."

The problem is that inside that code you have:

private function verifyIssuedAt(Token $token) {
    if (!$token->hasClaim('iat')) {
        throw new InvalidIdToken('The claim "iat" is missing.');
    }

    if ($token->getClaim('iat') > time()) {  // this fails..
        throw new InvalidIdToken('This token has been issued in the future.');
    }
}

The problem is, as mentioned, that the token from the client is in the future compared to the timestamp on the server. In the test I ran, the timestamp (from the clock) on the server was 5 minutes slower than on the client, so the mismatch in timestamps caused it to not work (exception thrown).
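
The comparison quoted above rejects any token whose `iat` is even one second ahead of the server clock. As an added example (not code from this library or its maintainers), here is the same check with a bounded clock-skew tolerance; the function name, the `$leewaySeconds` parameter, the 300-second cap and the sample timestamps are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper, not the library's API. $claims is the payload of a
// token whose signature has already been verified, decoded to an array.
const MAX_LEEWAY_SECONDS = 300; // assumed upper bound so the check cannot be switched off

function verifyIssuedAtWithLeeway(array $claims, int $now, int $leewaySeconds = 0): void
{
    if ($leewaySeconds < 0 || $leewaySeconds > MAX_LEEWAY_SECONDS) {
        throw new InvalidArgumentException('Leeway must be between 0 and ' . MAX_LEEWAY_SECONDS . ' seconds.');
    }
    if (!array_key_exists('iat', $claims)) {
        throw new UnexpectedValueException('The claim "iat" is missing.');
    }
    if (!is_int($claims['iat'])) {
        throw new UnexpectedValueException('The claim "iat" must be an integer timestamp.');
    }
    // Same comparison as in the issue, shifted by the tolerated skew.
    if ($claims['iat'] > $now + $leewaySeconds) {
        throw new UnexpectedValueException('This token has been issued in the future.');
    }
}

// Constructed sample data: a fixed "server time" and three token payloads.
$now = 1512640000;
$cases = [
    'client 5 s ahead'   => ['iat' => $now + 5],
    'client 5 min ahead' => ['iat' => $now + 300], // the skew described in the report
    'iat missing'        => ['sub' => 'constructed-uid'],
];

foreach ([0, 60] as $leeway) {
    foreach ($cases as $label => $claims) {
        try {
            verifyIssuedAtWithLeeway($claims, $now, $leeway);
            $result = 'accepted';
        } catch (UnexpectedValueException $e) {
            $result = 'rejected: ' . $e->getMessage();
        }
        printf("leeway=%2ds  %-20s %s\n", $leeway, $label, $result);
    }
}
```

With 60 seconds of leeway the five-second case passes while the five-minute case is still rejected; a gap that large points to an unsynchronised clock on one of the hosts.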

@jeromegamez
Member

Hey @alexswe1! Thank you for your report - this seems to be the same issue as in #140 - if you agree, I'd like to close this issue and we can continue the discussion over there, where I already added a proposal to work around this issue: #140 (comment)

@alexswe1
Author

alexswe1 commented Dec 8, 2017 via email

@jeromegamez
Member

Continued in #140

@jeromegamez
Member

4.9.0 (Documentation) should fix the issue for special use cases.

lock bot commented Jun 8, 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked as resolved and limited conversation to collaborators Jun 8, 2019