aws-aspnet-cognito-identity-provider
aws-aspnet-cognito-identity-provider copied to clipboard
Fix a UTC Time conversion bug
The UTC time offset is currently converted straight to a DateTime in the computer's local timezone. It is then passed into the CognitoUserSession constructor, where it is converted to a universal time. If you're in a timezone +'ve of UTC this means that IsValid on the CognitoUserSession will always return false, which breaks a number of other methods in the User Manager (anything that checks for authentication).
Issue #, if available:
On Line 168 of CognitoUserManager this line of code exists:
user.SessionTokens = new CognitoUserSession(idToken, accessToken, refreshToken, result.Properties.IssuedUtc.Value.DateTime, result.Properties.ExpiresUtc.Value.DateTime);
This writes the UTC time into a local time, and then the CognitoUserSession constructer makes that local time a UTC time. This means that the time written to the CognitoUserSession for token expiry is incorrect, and if you're in a positive timezone, it means IsValid won't return true.
Description of changes:
Fixed this time conversion bug by changing .Value.DateTime
to .Value.UtcDateTime
.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.