Reputation: 89
Uncaught exception 'Firebase\JWT\BeforeValidException' with message 'Cannot handle token prior to 2016-11-03T21:37:13+0100'
Hello I have a problem trying to use google/apiclient
Fatal error: Uncaught exception 'Firebase\JWT\BeforeValidException' with message 'Cannot handle token prior to 2016-11-03T21:37:13+0100' in C:\xampp\htdocs\Google\vendor\firebase\php-jwt\src\JWT.php:124 Stack trace: #0 C:\xampp\htdocs\Google\vendor\google\apiclient\src\Google\AccessToken\Verify.php(100): Firebase\JWT\JWT::decode('eyJhbGciOiJSUzI...', '-----BEGIN PUBL...', Array) #1 C:\xampp\htdocs\Google\vendor\google\apiclient\src\Google\Client.php(705): Google_AccessToken_Verify->verifyIdToken('eyJhbGciOiJSUzI...', '474251646530-0t...') #2 C:\xampp\htdocs\Google\app\class\google_auth.php(51): Google_Client->verifyIdToken() #3 C:\xampp\htdocs\Google\app\class\google_auth.php(35): GoogleAuth->getPayLoad() #4 C:\xampp\htdocs\Google\index.php(10): GoogleAuth->checkRedirectCode() #5 {main} thrown in C:\xampp\htdocs\Google\vendor\firebase\php-jwt\src\JWT.php on line 124
My index:
<?php
require_once('app/ini.php');
require_once('vendor/autoload.php');
require_once('app/class/google_auth.php');
$googleClient = new Google_Client();
$auth = new GoogleAuth($googleClient);
if ($auth->checkRedirectCode()) {
header("Location: index.php");
}
?>
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<?php if (!$auth->isLoggedIn()): //Verificar Inicio de Sesion ?>
<a href="<?php echo $auth->getAuthUrl(); ?>">Inicie Sesion con Google</a>
<?php else: //Si no ha iniciado Sesion ?>
Bienvenido.. <a href="logout.php">Cerrar Sesion</a>
<?php endif; ?>
</body>
</html>
The class GoogleAuth:
<?php
class GoogleAuth{//Clase para la autenticacion del usuario google
protected $client;//Variable de cliente
public function __construct(Google_Client $googleClient = null){
$this->client = $googleClient;
if ($this->client) {
$this->client->setClientId('474251646530-0tiho0cbf4dusercontent.com');//Usuario Auth Google
$this->client->setClientSecret('bMuLusxvnvPg2zRz');//Clave Auth Google
$this->client->setRedirectUri('http://localhost/Google/index.php');
$this->client->setScopes('email');
}
}
public function isLoggedIn(){//Metodo que devuelve el estatus de la Sesion con Google (true o false)
return isset($_SESSION['access_token']);
}
public function getAuthUrl(){//Funcion que devuelve el enlace requerido para iniciar sesion
return $this->client->createAuthUrl();
}
public function checkRedirectCode(){
if (isset($_GET['code'])) {
$this->client->authenticate($_GET['code']);
$this->setToken($this->client->getAccessToken());
$payload=$this->getPayLoad();
echo "<pre>", print_r($payload) ,"<pre>";
return true;
}
return false;
}
public function setToken($token){
$_SESSION['access_token']=$token;
$this->client->setAccessToken($token);
}
public function logout(){
unset($_SESSION['access_token']);
}
public function getPayLoad(){
$payload=$this->client->verifyIdToken()->getAttributes();
return $payload;
}
}
?>
PLEASE HELP ME
Upvotes: 7
Views: 8111
Answers (3)
Reputation: 1482
The JWT library makes use of a leeway (in seconds) to account for when there is a clock skew times between the signing and verifying servers.
This error occurs when the times difference between library and your server is major than the leeway
To fix it, go to
\vendor\google\apiclient\src\Google\AccessToken\Verify.php
and increase leeway in the getJwtService function.
private function getJwtService()
{
$jwtClass = 'JWT';
if (class_exists('\Firebase\JWT\JWT')) {
$jwtClass = 'Firebase\JWT\JWT';
}
if (property_exists($jwtClass, 'leeway')) {
// adds 1 second to JWT leeway
// @see https://github.com/google/google-api-php-client/issues/827
$jwtClass::$leeway += 10;
}
return new $jwtClass;
}
Upvotes: 9
Reputation: 858
You have a Server time issue. The time between your JWT Library and Server differs. That Library uses the 'UTC' timezone. Depending on your usecase, you will want to align the timezones to be in the same zone or you can comment this line if you don't need it.
// Configures the time that the token can be used (nbf claim)
// ->setNotBefore(time() + 60)
Upvotes: 2
Reputation: 134
Inside this function:
public function getPayLoad(){
$payload=$this->client->verifyIdToken()->getAttributes();
return $payload;
}
remove getAttributes() and leave it like this:
public function getPayLoad(){
$payload=$this->client->verifyIdToken();
//print_r($payload); //This gives you the information you need
return $payload;
}
Upvotes: 0
Related Questions
- Google Client Invalid JWT: Token must be a short-lived token
- JWT Token generated using firebase/php-jwt is showing as Invalid Token
- Firebase auth with custom token from php
- 401 Unauthorized When trying to call a google cloud functions
- Algorithm Not Allowed error with Firebase trying to decode JWT token
- Error: Google id_token is not allowed to be used with this application. Firebase access fails after it was working
- Firebase Invalid Custom Token
- Firebase JWT: Signature verification failed
- firebase: "Could not parse auth token."
- Uncaught exception 'Google_Auth_Exception' with message 'Could not json decode the token'