-
Notifications
You must be signed in to change notification settings - Fork 157
Token expiring after 70 minutes. #99
Comments
The 70 minutes is probably coming from a combination of the 60 minute token expiration set in the JWT payload combined with the 20 minutes of clock drift allowed by the authentication backend. If you're using the new examples, they should refresh the JWT token when it expires and subsequently re-authenticates the MQTT connection. Can you share any additional debugging information, as described in the support issue? |
I'm able to repro the issue:
However, you'll notice that the connection eventually corrects itself. I'll see if I can get the connection to properly drop / resetart after the JWT expires. |
Hi Man, had this problem for while and destroy my head on. If can help this seems direct connect in some way to MQTT protocol. looks like need to fully reset the connection ( or go to a timeout.... ) to reconnect, in fact if you reset also wifi cons and reopen full wifi + ssl + iot core this work good ( a workaround could do to set a 24 Expiry and do that 1 time a day). It would be SO useful to have acces to MQTT log ( I suppose ( I repeat I suppose....) IOT core is a layer on standard IBM MQTT) to verifiy what's happening on server side. Do you have ability to have a look with you google internal super power? ✌️ |
It looks to me that the current issue is that String getJwt() {
if (iss == 0 || time(nullptr) - iss > 60) { // TODO: exp in device
// Disable software watchdog as these operations can take a while.
ESP.wdtDisable();
iss = time(nullptr);
Serial.println("Refreshing JWT");
jwt = device->createJWT(iss, 60); // TODO: fix force expiration
ESP.wdtEnable(0);
}
return jwt;
} There will be more refactoring necessary for making these less decoupled but I do believe that refresh is working, just out of sync with the token issue. |
I found the bug -- the getJWT code was hardcoded to guard against refreshing the JWT too frequently. This fix has been pushed to master and has been tested. This should release later this week. I'll close the issue now, please reopen if you're still seeing the JWTs expire and not refresh after installing the latest library from the master branch. |
Hi Gus.
6 months ago I was trying to use the mqtt examples for ESP32, but I stopped at the token expiration problem. Now I saw that you changed the examples a lot, it was easier to understand, this more didactic, but I still found the token expiration problem after 70 minutes. Now I'm using ESP8266, I can only refresh the token if I reset the device, where am I going wrong?
Thanks for attention.
The text was updated successfully, but these errors were encountered: