Token used before issued

[elaine-jackson]

Describe the problem

When a Token is issued it is not immediately usable. When developing with Go 1.18 on Windows I frequently have to resync to NTP or the token appears to of been used before it was issued.

What was the expected behavior?

Tokens should have a backdated issue date (by at least a few seconds) to avoid time-drift causing users to use the token before it was used. This could have a serious impact on a production environment.

StackOverflow has a nice writeup on this bug https://stackoverflow.com/questions/60480824/auth0-jwt-authentication-error-parsing-token-token-used-before-issued

Reproduction

Develop an application with React Auth0 and Go JWT Middleware and try to login.

Environment

Windows 11 and Go 1.18 with JetBrains GoLand as my IDE and running the application.