Added option clockSkewInSeconds to allow setting clock_skew_in_seconds parameter for token verification by fschaeck · Pull Request #625 · firebase/firebase-admin-python
Adding the optional parameter clock_skew_in_seconds=60 to the call to google.oauth2.id_token.verify_token now allows for the token-issuing server's clock to be off by up to a minute without the token becoming invalid due to a 'issued-at-time' timestamp that is in the future.
self-assigned this
This option value is used for the token verification instead of the fixed 60 seconds from the earlier commit. This way, the user of firebase_admin can decide if he/she wants to set that value or not. Also all existing uses of firebase_admin won't suddenly change behaviour, since if the option is not specified, it's default of 0 is equivalent to what was used before the introduction of the new option.
fschaeck
changed the title
Added clock_skew_in_seconds=60 to token verification
Added option clockSkewInSeconds to allow setting clock_skew_in_seconds parameter for token verification
stillmatic added a commit to stillmatic/firebase-admin-python that referenced this pull request
Aug 23, 2023
stillmatic added a commit to stillmatic/firebase-admin-python that referenced this pull request
Sep 26, 2023
stillmatic added a commit to stillmatic/firebase-admin-python that referenced this pull request
Oct 12, 2023
jonathanedey pushed a commit that referenced this pull request
Oct 26, 2023
* feat: add clockSkewSeconds per feedback in #625 (comment) adds unit and integration tests as well. unit tests and lint pass. * fix: test * chore: version bump for testing * chore: address CR * fix:lint * chore: address CR * chore: remove test * fix: remove more tests * chore: address CR
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters