You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The spec's instructions for verifying token TTL doesn't explain how to handle nanoseconds.
If the user has specified a maximum age (or "time-to-live") for the token, ensure the recorded timestamp is not too far in the past.
This results in difference between implementations. For example, fernet-go uses time.Time.After, which checks equality down to the nanosecond level, while Python's cryptography.fernet truncates nanoseconds from the now timestamp before comparing. This means that a token may fail verification in one implementation, but pass in the other.
The text was updated successfully, but these errors were encountered:
The spec's instructions for verifying token TTL doesn't explain how to handle nanoseconds.
This results in difference between implementations. For example, fernet-go uses
time.Time.After, which checks equality down to the nanosecond level, while Python's cryptography.fernet truncates nanoseconds from the now timestamp before comparing. This means that a token may fail verification in one implementation, but pass in the other.The text was updated successfully, but these errors were encountered: