feat(nextjs): Clock skew error message

[brkalow]

Type of change

• 🐛 Bug fix
• 🌟 New feature
• 🔨 Breaking change
• 📖 Refactoring / dependency upgrade / documentation
• other:

Packages affected

• @clerk/clerk-js
• @clerk/clerk-react
• @clerk/nextjs
• @clerk/remix
• @clerk/types
• @clerk/themes
• @clerk/localizations
• @clerk/clerk-expo
• @clerk/backend
• @clerk/clerk-sdk-node
• @clerk/shared
• @clerk/fastify
• @clerk/chrome-extension
• gatsby-plugin-clerk
• build/tooling/chore

Description

• npm test runs as expected.
• npm run build runs as expected.

Attempt to detect clock skew in development based on the requestState. If detected, we log a helpful error message.

Example output:

Error: Clerk: Clock skew detected. This usually means that your server's system clock is inaccurate. Clerk will continuously try to issue new tokens, as the existing ones will be treated as "expired" due to clock skew.

To resolve this issue, make sure your system's clock is set to the correct time (e.g. turn off and on automatic time synchronization).

---

JWT cannot be used prior to not before date claim (nbf). Not before date: Wed Aug 30 2023 13:18:40 GMT-0500 (Central Daylight Time); Current date: Wed Aug 30 2023 13:17:56 GMT-0500 (Central Daylight Time); (reason=token-not-active-yet, token-carrier=cookie)

related to JS-675

[changeset-bot]

🦋 Changeset detected

Latest commit: 26af835

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 6 packages

Name	Type
@clerk/backend	Patch
@clerk/nextjs	Patch
@clerk/fastify	Patch
gatsby-plugin-clerk	Patch
@clerk/remix	Patch
@clerk/clerk-sdk-node	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[jit-ci]

✅ Great news! Jit hasn't found any security issues in your PR. Good Job! 🏆

[nikosdouvlis]

This makes sense to me!

[nikosdouvlis]

Is it possible to use the enum here? Ref: https://github.com/clerkinc/javascript/blob/18d507e4d7c1dfed207ed21a4f86f19042a00a9a/packages/backend/src/tokens/errors.ts#L14

[brkalow]

@nikosdouvlis I would have to import from the dist, what's our stance on that?

import { TokenVerificationErrorReason } from '@clerk/backend/dist/types/tokens/errors';

[dimkl]

Why not use the requestState.action: TokenVerificationErrorAction.EnsureClockSync ?

[brkalow]

!snapshot

[clerk-cookie]

Hey @brkalow - the snapshot version command generated the following package versions:

Package	Version
@clerk/backend	0.28.1-snapshot.b493055
@clerk/chrome-extension	0.3.29-snapshot.b493055
@clerk/clerk-js	4.56.2-snapshot.b493055
eslint-config-custom	0.3.0
@clerk/clerk-expo	0.18.20-snapshot.b493055
@clerk/fastify	0.6.5-snapshot.b493055
gatsby-plugin-clerk	4.4.6-snapshot.b493055
@clerk/localizations	1.25.0
@clerk/nextjs	4.23.4-snapshot.b493055
@clerk/clerk-react	4.24.0
@clerk/remix	2.10.1-snapshot.b493055
@clerk/clerk-sdk-node	4.12.4-snapshot.b493055
@clerk/shared	0.22.0
@clerk/themes	1.7.5
@clerk/types	3.50.0

Tip: use the snippet copy button below to quickly install the required packages.

# @clerk/backend
npm i @clerk/[email protected]

# @clerk/chrome-extension
npm i @clerk/[email protected]

# @clerk/clerk-js
npm i @clerk/[email protected]

# eslint-config-custom
npm i [email protected]

# @clerk/clerk-expo
npm i @clerk/[email protected]

# @clerk/fastify
npm i @clerk/[email protected]

# gatsby-plugin-clerk
npm i [email protected]

# @clerk/localizations
npm i @clerk/[email protected]

# @clerk/nextjs
npm i @clerk/[email protected]

# @clerk/clerk-react
npm i @clerk/[email protected]

# @clerk/remix
npm i @clerk/[email protected]

# @clerk/clerk-sdk-node
npm i @clerk/[email protected]

# @clerk/shared
npm i @clerk/[email protected]

# @clerk/themes
npm i @clerk/[email protected]

# @clerk/types
npm i @clerk/[email protected]

[clerk-cookie]

This PR has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.