login: allow 60 seconds clock drift on login JWT

can everyone please just use NTP already?
Dylan K. Taylor 2019-01-20 15:51:29 +00:00
parent a27c9409f1
commit 47321114eb


@ -45,6 +45,8 @@ class VerifyLoginTask extends AsyncTask{
public const MOJANG_ROOT_PUBLIC_KEY = "MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8ELkixyLcwlZryUQcu1TvPOmI2B7vX83ndnWRUaXm74wFfa5f/lwQNTfrLVHa2PmenpGI6JhIMUJaWZrjmMj90NoKNFSNBuKdm8rYiXsfaz3K36x/1U26HpG0ZxK/V1V";
private const CLOCK_DRIFT_MAX = 60;
/** @var LoginPacket */
private $packet;
@ -144,11 +146,11 @@ class VerifyLoginTask extends AsyncTask{
$claims = json_decode(base64_decode(strtr($payloadB64, '-_', '+/'), true), true);
$time = time();
if(isset($claims["nbf"]) and $claims["nbf"] > $time){
if(isset($claims["nbf"]) and $claims["nbf"] > $time + self::CLOCK_DRIFT_MAX){
throw new VerifyLoginException("%pocketmine.disconnect.invalidSession.tooEarly");
}
if(isset($claims["exp"]) and $claims["exp"] < $time){
if(isset($claims["exp"]) and $claims["exp"] < $time - self::CLOCK_DRIFT_MAX){
throw new VerifyLoginException("%pocketmine.disconnect.invalidSession.tooLate");
}
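Review bot: The `nbf` and `exp` checks in the second hunk compare `$claims[...]` to an integer without confirming that the claim is itself an integer, so a value of another JSON type (string, array, float) is judged by PHP's loose comparison rules instead of being rejected. Consider guarding each check, e.g. `if(isset($claims["exp"]) and (!is_int($claims["exp"]) or $claims["exp"] < $time - self::CLOCK_DRIFT_MAX)){`, with the same shape for `nbf`. Both checks are also skipped when the claim is absent, so a token with no `exp` is never treated as late; whether that is intended, and whether the signature has already been verified at this point, is not visible because the enclosing method starts and ends outside the hunk. The new constant in the first hunk would benefit from a one-line comment such as `/** Tolerated clock skew in seconds, applied to both nbf and exp. */`, since the leeway extends each token's acceptance window by that amount on both ends.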