ImmatureSignatureError The token is not yet valid #1102

Open
@mageo

Hello,

The problem I'm facing is identical to the one solved in #685 but with a different backend, Keycloak.

The solution that is proposed, to add SOCIAL_AUTH_JWT_LEEWAY in the Django settings, does not work, as leeway is not implemented in the backend code:

def user_data(self, access_token, *args, **kwargs):  # pylint: disable=unused-argument
    """Decode user data from the access_token

    You can specialize this method to e.g. get information
    from the Keycloak backend if you do not want to include
    the user information in the access_token.
    """

    return jwt.decode(
        access_token,
        key=self.public_key(),
        algorithms=self.algorithm(),
        audience=self.audience()
    )

I checked the AzureAD B2C backend and the jwt.decode is implementing the leeway in the following way:

return jwt_decode(
    id_token,
    key=key,
    algorithms=["RS256"],
    audience=self.setting("KEY"),
    leeway=self.setting("JWT_LEEWAY", default=0),
)

I will submit a PR to port this to the Keycloak backend.
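The effect of a leeway setting on time-claim validation, as an added example that is not part of the issue or of the project's code. It is a standard-library sketch, not PyJWT: it uses HS256 with a constructed key in place of Keycloak's RS256 token, and every name in it (`decode`, `outcome`, `ImmatureToken`, `ExpiredToken`) is hypothetical.

```python
import base64, hashlib, hmac, json

class ImmatureToken(Exception): ...
class ExpiredToken(Exception): ...

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(claims: dict, key: bytes) -> str:
    """Build a constructed HS256 token (stand-in for the IdP's RS256 token)."""
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    mac = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64(mac)}"

def decode(token: str, key: bytes, now: int, leeway: int = 0) -> dict:
    """Verify the signature, then the time claims with `leeway` seconds of tolerance."""
    head, body, sig = token.split(".")
    if json.loads(_unb64(head)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    want = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(want, _unb64(sig)):
        raise ValueError("bad signature")
    claims = json.loads(_unb64(body))
    # A token stamped slightly ahead of the local clock fails here when leeway is 0.
    for name in ("nbf", "iat"):
        if name in claims and claims[name] > now + leeway:
            raise ImmatureToken(f"The token is not yet valid ({name})")
    # The same tolerance also keeps a token acceptable slightly past its exp.
    if "exp" in claims and claims["exp"] <= now - leeway:
        raise ExpiredToken("Signature has expired")
    return claims

def outcome(token: str, key: bytes, now: int, leeway: int) -> str:
    try:
        decode(token, key, now, leeway)
        return "accepted"
    except (ImmatureToken, ExpiredToken) as exc:
        return type(exc).__name__

# Constructed sample: the issuer's clock runs 3 seconds ahead of the local one.
KEY = b"constructed-demo-key"
LOCAL_NOW = 1_700_000_000
ISSUED = LOCAL_NOW + 3
TOKEN = sign({"iat": ISSUED, "nbf": ISSUED, "exp": ISSUED + 300}, KEY)
```

Because the tolerance applies to `exp` as well as to `iat` and `nbf`, a leeway value should cover the expected clock skew and no more.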
