fix bug where mytokens that are not yet valid cannot be created

CHANGELOG.md

@@ -36,6 +36,7 @@
 - Fixed PKCE code verifier length.
 - Fixed Datetimepicker issues on consent page.
 - Fixed response type if an (oidc) error occures on the redirect step of the authorization code flow.
+- Fixed a bug where mytokens that are not yet valid could not be created
 
 ## mytoken 0.3.2
 

internal/endpoints/token/mytoken/polling/pollingEndpoint.go

@@ -65,7 +65,7 @@ func handlePollingCode(req response.PollingCodeRequest, networkData api.ClientMe
 			Response: api.ErrorAuthorizationPending,
 		}
 	}
-	mt, err := mytoken.ParseJWT(token)
+	mt, err := mytoken.ParseJWTWithoutClaimsValidation(token)
 	if err != nil {
 		log.Errorf("%s", errorfmt.Full(err))
 		return model.ErrorToInternalServerErrorResponse(err)

shared/mytoken/pkg/mytoken.go

@@ -255,15 +255,31 @@ func (mt *Mytoken) ToJWT() (string, error) {
 		return mt.jwt, nil
 	}
 	var err error
-	mt.jwt, err = jwt.NewWithClaims(jwt.GetSigningMethod(config.Get().Signing.Alg), mt).SignedString(jws.GetPrivateKey())
+	mt.jwt, err = jwt.NewWithClaims(
+		jwt.GetSigningMethod(config.Get().Signing.Alg), mt,
+	).SignedString(jws.GetPrivateKey())
 	return mt.jwt, errors.WithStack(err)
 }
 
 // ParseJWT parses a token string into a Mytoken
 func ParseJWT(token string) (*Mytoken, error) {
-	tok, err := jwt.ParseWithClaims(token, &Mytoken{}, func(t *jwt.Token) (interface{}, error) {
-		return jws.GetPublicKey(), nil
-	})
+	return parseJWT(token, false)
+}
+
+// ParseJWTWithoutClaimsValidation parses a token string into a Mytoken
+func ParseJWTWithoutClaimsValidation(token string) (*Mytoken, error) {
+	return parseJWT(token, true)
+}
+
+func parseJWT(token string, skipCalimsValidation bool) (*Mytoken, error) {
+	parser := jwt.Parser{
+		SkipClaimsValidation: skipCalimsValidation,
+	}
+	tok, err := parser.ParseWithClaims(
+		token, &Mytoken{}, func(t *jwt.Token) (interface{}, error) {
+			return jws.GetPublicKey(), nil
+		},
+	)
 	if err != nil {
 		return nil, errors.WithStack(err)
 	}