Share:
We fixed an issue with clock skew and our short-lived auth token for the widget. The problem was that on some user agents, the auth token looks invalid before it expires on the server. This isn’t a problem in most cases, but on some systems, the clock was skewed too far and even a fresh token looked like it had expired. The solution was to simply trust any fresh tokens that the client receives and let the server reject it if it isn’t valid.
