Removes JWT refresh guards and adds parameter for expiration

GoogleCloudPlatform · Mar 26, 2019 · b82ab92 · b82ab92
1 parent a41c002
commit b82ab92
Show file tree

Hide file tree

Showing 6 changed files with 22 additions and 24 deletions.
diff --git a/examples/Esp32-lwmqtt/ciotc_config.h b/examples/Esp32-lwmqtt/ciotc_config.h
@@ -45,6 +45,9 @@ const char *private_key_str =
     "63:38:b0:90:57:57:e0:c0:9a:e8:6f:06:0c:d9:ee:"
     "31:41";
 
+// Time (seconds) to expire token += 20 minutes for drift
+const int jwt_exp_secs = 3600; // Maximum 24H (3600*24)
+
 // To get the certificate for your region run:
 // openssl s_client -showcerts -connect mqtt.googleapis.com:8883
 // Copy the certificate (all lines between and including ---BEGIN CERTIFICATE---

diff --git a/examples/Esp32-lwmqtt/esp32-mqtt.h b/examples/Esp32-lwmqtt/esp32-mqtt.h
@@ -50,13 +50,9 @@ String getDefaultSensor() {
 }
 
 String getJwt() {
-  if (iss == 0 || time(nullptr) - iss > 3600) {  // TODO: exp in device
-    iss = time(nullptr);
-    Serial.println("Refreshing JWT");
-    jwt = device->createJWT(iss);
-  } else {
-    Serial.println("Reusing still-valid JWT");
-  }
+  iss = time(nullptr);
+  Serial.println("Refreshing JWT");
+  jwt = device->createJWT(iss, jwt_exp_secs);
   return jwt;
 }
 

diff --git a/examples/Esp8266-lwmqtt/ciotc_config.h b/examples/Esp8266-lwmqtt/ciotc_config.h
@@ -41,6 +41,9 @@ const char* private_key_str =
     "07:fd:ed:22:0d:03:2b:a6:b1:b6:04:0b:d5:9b:49:"
     "7d:ca";
 
+// Time (seconds) to expire token += 20 minutes for drift
+const int jwt_exp_secs = 3600; // Maximum 24H (3600*24)
+
 // Use the root certificate to verify tls connection rather than
 // using a fingerprint.
 //

diff --git a/examples/Esp8266-lwmqtt/esp8266_mqtt.h b/examples/Esp8266-lwmqtt/esp8266_mqtt.h
@@ -50,14 +50,12 @@ String getDefaultSensor() {
 }
 
 String getJwt() {
-  if (iss == 0 || time(nullptr) - iss > 3600) {  // TODO: exp in device
-    // Disable software watchdog as these operations can take a while.
-    ESP.wdtDisable();
-    iss = time(nullptr);
-    Serial.println("Refreshing JWT");
-    jwt = device->createJWT(iss);
-    ESP.wdtEnable(0);
-  }
+  // Disable software watchdog as these operations can take a while.
+  ESP.wdtDisable();
+  iss = time(nullptr);
+  Serial.println("Refreshing JWT");
+  jwt = device->createJWT(iss, jwt_exp_secs);
+  ESP.wdtEnable(0);
   return jwt;
 }
 
@@ -142,9 +140,6 @@ void setupCloudIoT() {
   netClient = new WiFiClientSecure();
   setupWifi();
 
-  // Device/Time OK, ESP8266 refresh JWT
-  Serial.println(getJwt());
-
   // ESP8266 WiFi secure initialization
   setupCert();
 

diff --git a/examples/MKR1000-lwmqtt/ciotc_config.h b/examples/MKR1000-lwmqtt/ciotc_config.h
@@ -41,6 +41,9 @@ const char* private_key_str =
     "07:fd:ed:22:0d:03:2b:a6:b1:b6:04:0b:d5:9b:49:"
     "7d:ca";
 
+// Time (seconds) to expire token += 20 minutes for drift
+const int jwt_exp_secs = 3600; // Maximum 24H (3600*24)
+
 // In case we ever need extra topics
 const int ex_num_topics = 0;
 const char* ex_topics[ex_num_topics];

diff --git a/examples/MKR1000-lwmqtt/mkr1000-mqtt.h b/examples/MKR1000-lwmqtt/mkr1000-mqtt.h
@@ -48,12 +48,10 @@ String getDefaultSensor() {
 }
 
 String getJwt() {
-  if (iss == 0 || WiFi.getTime() - iss > 3600) {  // TODO: exp in device
-    // Disable software watchdog as these operations can take a while.
-    Serial.println("Refreshing JWT");
-    iss = WiFi.getTime();
-    jwt = device->createJWT(iss);
-  }
+  // Disable software watchdog as these operations can take a while.
+  Serial.println("Refreshing JWT");
+  iss = WiFi.getTime();
+  jwt = device->createJWT(iss, jwt_exp_secs);
   return jwt;
 }