Not a question really (except has anything changed?) more an observation
I have always set my JWT Dates as follows (I'm sure that is in a demo somewhere)
JWT.Claims.IssuedAt := TTimeZone.local.ToUniversalTime(Now);
JWT.Claims.Expiration := TTimeZone.local.ToUniversalTime(IncMinute(Now, JWT_VALID_FOR));
And this was fine when the JWT was consumed by a WebCore App where the date was converted using
Epoch := toInteger(Obj.Properties['exp']);
Result := TJSDate.New(Epoch * 1000);
However, I have been creating a JWT (using Bcl.Jose.Types.JSON) for submission to a third party service and it is always showing as expired.
It turns out that
class procedure TJSONUtils.SetJSONRttiValue(const AName: string; const AValue: TValue; AJSON: TJSONObject);
in that unit makes a call to
DateTimeToUnix(AValue.AsType<TDateTime>, False)
with the arguement AInputIsUTC set to false, so that
TTimeZone.local.ToUniversalTime
was being called twice.