Hello,
I have a problem with JWT expired time
In the iOS app I’m using custom lock screen with following code:
authentication?
.login(usernameOrEmail: email, password: password, realm: connection, audience: "https://" + domain + "/userinfo", scope: "openid profile offline_access email")
.start { (result) in
switch result {
case .failure(let error):
log.error("Failed user-pass login from Lock with \(error.localizedDescription)")
let responseError = ResponseError(customConnectionMeta: "", message: error.localizedDescription)
completion(responseError)
case .success(let credentials):
_ = self.store(credentials: credentials)
completion(nil)
}
}
After that login I’m getting the credentials that I’m storing to the keychain. The “expiresIn” date is set for the next 24 hours
And we are using JWT in our server’s API
After the next application launch I’m using Touch ID. The SDK checks that the expiresIn date is less than the current date and doesn’t make a renew with a refreshToken. However, JWT token might be expired that moment and the app will get an error about it.
So how can I make the JWT and credentials expiresIn date to be same, so the app will define that JWT is expired by checking credentials? Do I need to parse JWT and get “exp” timestamp in the app manually to refresh JWT even if the expiresId date < current date or there is another simple solution.
And what if we will set the JWT exp for 10 hours or even 1 hour, how can we set the credentials expiresIn date correctly?
SDK v1.10
Thanks for any help in advance
Regards, Pavel.