fix: use utc for token expiry timestamps #47 (#49)

Author: slightfoot

packages/clerk_auth/lib/src/clerk_api/api.dart

@@ -494,7 +494,7 @@ class Api with Logging {
 
     await sessionToken(); // make sure updated
 
-    final diff = _tokenCache.sessionTokenExpiry.difference(DateTime.now());
+    final diff = _tokenCache.sessionTokenExpiry.difference(DateTime.timestamp());
     final delay = diff.isNegative ? const Duration(seconds: 55) : diff;
     _pollTimer = Timer(delay, _pollForSessionToken);
   }

packages/clerk_auth/lib/src/clerk_api/token_cache.dart

@@ -18,7 +18,8 @@ class TokenCache {
   final String _publicKey;
   final Persistor _persistor;
 
-  DateTime _sessionTokenExpiry = DateTime.fromMillisecondsSinceEpoch(0);
+  DateTime _sessionTokenExpiry =
+      DateTime.fromMillisecondsSinceEpoch(0, isUtc: true);
 
   /// the date at which, if in the future, the current [sessionToken]
   /// is due to expire
@@ -38,7 +39,7 @@ class TokenCache {
       clientToken.isNotEmpty && sessionId.isNotEmpty;
 
   bool get _sessionTokenHasExpired =>
-      DateTime.now().isAfter(sessionTokenExpiry);
+      DateTime.timestamp().isAfter(sessionTokenExpiry);
 
   String get _sessionIdKey => '_clerkSessionId_${_publicKey.hashCode}';
 
@@ -67,6 +68,7 @@ class TokenCache {
     final milliseconds = await _persistor.read(_sessionTokenExpiryKey) ?? '';
     final sessionTokenExpiry = DateTime.fromMillisecondsSinceEpoch(
       int.tryParse(milliseconds) ?? 0,
+      isUtc: true,
     );
 
     _sessionId = sessionId;
@@ -81,7 +83,7 @@ class TokenCache {
     _sessionId = '';
     _clientToken = '';
     _sessionToken = '';
-    _sessionTokenExpiry = DateTime.fromMillisecondsSinceEpoch(0);
+    _sessionTokenExpiry = DateTime.fromMillisecondsSinceEpoch(0, isUtc: true);
     for (final key in _persistorKeys) {
       _persistor.delete(key);
     }
@@ -127,7 +129,9 @@ class TokenCache {
       final expirySeconds = jwt.payload['exp'];
       if (expirySeconds is int) {
         final expiry = DateTime.fromMillisecondsSinceEpoch(
-            expirySeconds * Duration.millisecondsPerSecond);
+          expirySeconds * Duration.millisecondsPerSecond,
+          isUtc: true,
+        );
         _sessionTokenExpiry = expiry.subtract(_tokenExpiryBuffer);
         _sessionToken = token;
         _persistor.write(_sessionTokenKey, token);

packages/clerk_auth/lib/src/clerk_auth/auth.dart

@@ -353,7 +353,7 @@ class Auth {
       if (client.user is User) return client;
 
       final expiry = client.signIn?.firstFactorVerification?.expireAt;
-      if (expiry?.isAfter(DateTime.now()) != true) {
+      if (expiry?.isAfter(DateTime.timestamp()) != true) {
         throw AuthError(
             message: 'Awaited user action not completed in required timeframe');
       }

packages/clerk_auth/lib/src/models/helpers.dart

@@ -3,7 +3,7 @@ import 'package:clerk_auth/clerk_auth.dart';
 /// Convert a value to a [DateTime?]. For JsonSerializable
 DateTime? intToDateTime(dynamic input) {
   if (input is num) {
-    return DateTime.fromMillisecondsSinceEpoch(input.toInt());
+    return DateTime.fromMillisecondsSinceEpoch(input.toInt(), isUtc: true);
   }
   return null;
 }

packages/clerk_auth/test/integration/clerk_api/sign_in_test.dart

@@ -9,8 +9,9 @@ void main() {
   late final Api api;
   late final TestEnv env;
   final httpClient = TestHttpClient();
-  final expireAt =
-      DateTime.now().add(const Duration(minutes: 5)).millisecondsSinceEpoch;
+  final expireAt = DateTime.timestamp() //
+      .add(const Duration(minutes: 5))
+      .millisecondsSinceEpoch;
 
   setUpAll(() async {
     env = TestEnv('.env.test');

packages/clerk_auth/test/integration/clerk_api/sign_up_test.dart

@@ -14,8 +14,9 @@ void main() {
   late final Api api;
   late final TestEnv env;
   final httpClient = TestHttpClient();
-  final expireAt =
-      DateTime.now().add(const Duration(minutes: 5)).millisecondsSinceEpoch;
+  final expireAt = DateTime.timestamp() //
+      .add(const Duration(minutes: 5))
+      .millisecondsSinceEpoch;
 
   String emailAddress = '';
   String phoneNumber = '';

packages/clerk_auth/test/integration/clerk_api/user_details_test.dart

@@ -14,8 +14,9 @@ void main() {
   late final Api api;
   late final TestEnv env;
   final httpClient = TestHttpClient();
-  final expireAt =
-      DateTime.now().add(const Duration(minutes: 5)).millisecondsSinceEpoch;
+  final expireAt = DateTime.timestamp() //
+      .add(const Duration(minutes: 5))
+      .millisecondsSinceEpoch;
 
   setUpAll(() async {
     env = TestEnv('.env.test');

packages/clerk_auth/test/integration/clerk_auth/sign_in_test.dart

@@ -8,7 +8,7 @@ void main() {
   late final Auth auth;
   late final TestEnv env;
   final httpClient = TestHttpClient();
-  final expireAt = DateTime.now() //
+  final expireAt = DateTime.timestamp() //
       .add(const Duration(minutes: 5))
       .millisecondsSinceEpoch;
 

packages/clerk_auth/test/integration/clerk_auth/sign_up_test.dart

@@ -9,7 +9,7 @@ void main() {
   late final Auth auth;
   late final TestEnv env;
   final httpClient = TestHttpClient();
-  final expireAt = DateTime.now() //
+  final expireAt = DateTime.timestamp() //
       .add(const Duration(minutes: 5))
       .millisecondsSinceEpoch;