OpenTok JWT认证错误

当对opentok REST API执行REST请求时，我得到的是我的jwt令牌已过期

我想了想，对服务器执行了一个虚拟请求 为了获取服务器日期，通过使用来自服务器的相同日期作为令牌过期时间，我能够列出属于会话的视频

这显然是错误的，iat时间和exp时间不应与服务器日期匹配

可能的解决办法：

A用户应该能够指定其服务器时区，OpenTok REST服务器应该与为给定项目配置的时区相关的日期相匹配

b忽略IAT，考虑秒的有效时间。

谢谢

补丁

/**
 * Useless class used to fix bugs and solve single session archive fetching
 * issue in opentok.
 * 
 * This class also implements JWT in order to comply with the new authentication
 * system that will be in use during July of 2017.
 * 
 * A problem was also detected when trying to authenticate (date issue)
 *
 * @see https://github.com/opentok/OpenTok-PHP-SDK/issues/172
 * @see https://stackoverflow.com/questions/44768499/opentok-jwt-authenticacion-bug
 * 
 * @author Federico Stange <jpfstange@gmail.com>
 */

namespace stange\opentok;

use \Firebase\JWT\JWT;
use \Guzzle\Common\Event;
use \OpenTok\Util\Client as OpenTokClient;

class OTAuthPlugin extends \OpenTok\Util\Plugin\PartnerAuth{

    private $timestamp = null;

    public static function getSubscribedEvents(){
        return array('request.before_send' => 'onBeforeSend');
    }

    public function setTimestamp($time){
        $this->timestamp =$time;
        return $this;
    }

    public function getTimestamp(){
        return $this->timestamp;
    }

    public function onBeforeSend(Event $event){

        $event['request']->addHeader(
                'X-OPENTOK-AUTH', 
                $this->createAuthHeader()
        );

    }

    private function createAuthHeader(){

        $token = array(
            'ist' => 'project',
            'iss' => $this->apiKey,
            'iat' => $this->timestamp,
            'exp' => $this->timestamp+180,
            'jti' => uniqid()
        );

        return JWT::encode($token, $this->apiSecret);

    }

}

class Client extends OpenTokClient{

    public function configure($apiKey, $apiSecret, $apiUrl){
        $this->apiKey = $apiKey;
        $this->apiSecret = $apiSecret;
        $this->setBaseUrl($apiUrl);
        $this->setUserAgent(OPENTOK_SDK_USER_AGENT, true);

        $opentokAuthPlugin = new OTAuthPlugin($apiKey, $apiSecret);
        $opentokAuthPlugin->setTimestamp($this->getServerDate());

        $this->addSubscriber($opentokAuthPlugin);

        $this->configured = true;
    }

    /** 
     * Make a request for getting the server date
     * this is a bug and it has been reported to the opentok team.
     * and to the tech support department.
     *
     *
     */

    public function getServerDate(){

        try{

            $response = $this->get(
                "/v2/project/". md5(uniqid())
            )->send();

        } catch (\Exception $e) {

            $date = $e->getResponse()->getHeader('Date')->toArray();
            $date = $date[0];

            $serverDate = \DateTime::createFromFormat(
                    "D, d M Y H:i:s e",
                    $date
            );

            return $serverDate->getTimestamp();

        }

        return $serverDate;

    }

    public function listArchivesInSession($sessionId){
        $url = "/v2/project/{$this->apiKey}/archive?sessionId=$sessionId";
        $request = $this->get($url);
        return $request->send()->json();
    }

}

---

这表示服务器上的时钟未正确同步。从2.5.0版开始的PHPSDK已经实现了JWT，并且已经被证明工作正常。我建议您升级到v2.5.0，并确保服务器时钟准确无误