You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, in src/Validation/Validate.php at method "notBefore" the comparison done between $notBefore and time() is <. If $notBefore and time() are identical (and time() is only precise to the second), then authorization will fail even though the token isn't being used before the not before time. I'm open to correction, but I get the impression that using <= instead would be appropriate, since there are cases where developers would generate a token (with not before time and issued at time set to the same value) and then quickly use it.
The text was updated successfully, but these errors were encountered:
Currently, in src/Validation/Validate.php at method "notBefore" the comparison done between
$notBeforeandtime()is<. If$notBeforeandtime()are identical (andtime()is only precise to the second), then authorization will fail even though the token isn't being used before the not before time. I'm open to correction, but I get the impression that using<=instead would be appropriate, since there are cases where developers would generate a token (with not before time and issued at time set to the same value) and then quickly use it.The text was updated successfully, but these errors were encountered: