Description
Hi
I tried to use this lib on a testing project. It works great at first but after some times (more than 2hours), I get HTTP errors (401 : Unauthorize) without any reason.
PS : I'm using autofact to inject the lib.
I tried different things to fix the issue but I think there is a problem with your method that verify if the token is valid.
https://github.com/ilovepdf/ilovepdf-net/blob/master/ILovePDF/ILovePDF/Core/RequestHelper.cs
private Boolean isExpiredGwt()
{
try
{
JWT.Decode(Gwt, _privateKey, JwsAlgorithm.HS256);
return false;
}
catch (Exception)
{
return true;
}
}It seems that the "JWT.Decode" function doesn't check if the token is expired, it only check if the token is valid on himself
https://github.com/dvsekhvalnov/jose-jwt/blob/1f49ec31134e297c1c3ae9fbd2234181f25bd43d/jose-jwt/JWT.cs
I forked the project to modify the code and generate token for each call and it seems to work like that
private void addAuthorizationHeader(HttpClient httpClient)
{
Gwt = getJwt();
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", Gwt);
}A better fix would be to verify if the decoded token is valid thanks to his "exp" property.