OIDC: increase allowed clock skew from 5s to 1m

Other systems [1] allow a skew of 5 minutes, so 1 minute doesn't seem unreasonable. [1] https://blog.logto.io/troubleshooting-invalid-issued-at-time-error For https://github.com/unmojang/drasl/issues/166
2025-08-03 02:46:03 -04:00 · 2025-04-13 17:38:13 -04:00 · 2025-04-13 17:38:13 -04:00 · 21aca475d5
commit 21aca475d5
parent 3c5a3b59ed
1 changed files with 1 additions and 1 deletions
--- a/main.go
+++ b/main.go
@ -518,7 +518,7 @@ func setup(config *Config) *App {
 	scopes := []string{"openid", "email"}
 	for _, oidcConfig := range config.RegistrationOIDC {
 		options := []rp.Option{
-			rp.WithVerifierOpts(rp.WithIssuedAtOffset(5 * time.Second)),
+			rp.WithVerifierOpts(rp.WithIssuedAtOffset(1 * time.Minute)),
 			rp.WithHTTPClient(MakeHTTPClient()),
 			rp.WithSigningAlgsFromDiscovery(),
 		}