Draft: FAPI2: Test Clock Skew In 'private_key_jwt' Client Assertions (!1403) · Merge requests · OpenID Foundation / conformance-suite · GitLab

Alan Smillie requested to merge issue-1351-jwt-skew into master Jun 27, 2024

As per 'https://bitbucket.org/openid/fapi/pull-requests/497/diff' introduce tests to check, at the PAR endpoint, valid handling of clock skew in client assertions.

Tests check that:

Client assertions containing an nbf < 10 seconds in the future are accepted.
Client assertions containing an nbf > 60 seconds in the future are rejected.

Closes #1351

Edited Jun 27, 2024 by Alan Smillie