tabshift/pocketbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[#6529] added default leeway for the id_token checks

Browse Source
This commit is contained in:
Gani Georgiev
2025-02-24 11:43:26 +02:00
parent 653f2d8b16
commit 4155f50fe1
32 changed files with 60 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
tools/auth/apple.go
View File

@@ -141,6 +141,7 @@ func (p *Apple) parseAndVerifyIdToken(idToken string) (jwt.MapClaims, error) {
jwtValidator := jwt.NewValidator(
jwt.WithExpirationRequired(),
jwt.WithIssuedAt(),
jwt.WithLeeway(idTokenLeeway),
jwt.WithIssuer("https://appleid.apple.com"),
jwt.WithAudience(p.clientId),
)