From 99a021bde97e7863c4830923edfd92d647c1f0f7 Mon Sep 17 00:00:00 2001
From: Evan Goode <mail@evangoo.de>
Date: Sun, 13 Apr 2025 17:38:13 -0400
Subject: [PATCH] OIDC: increase allowed clock skew from 5s to 1m

Other systems [1] allow a skew of 5 minutes, so 1 minute doesn't seem
unreasonable.

[1] https://blog.logto.io/troubleshooting-invalid-issued-at-time-error

For https://github.com/unmojang/drasl/issues/166
---
 main.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/main.go b/main.go
index ca113f9..9857776 100644
--- a/main.go
+++ b/main.go
@@ -518,7 +518,7 @@ func setup(config *Config) *App {
 	scopes := []string{"openid", "email"}
 	for _, oidcConfig := range config.RegistrationOIDC {
 		options := []rp.Option{
-			rp.WithVerifierOpts(rp.WithIssuedAtOffset(5 * time.Second)),
+			rp.WithVerifierOpts(rp.WithIssuedAtOffset(1 * time.Minute)),
 			rp.WithHTTPClient(MakeHTTPClient()),
 			rp.WithSigningAlgsFromDiscovery(),
 		}