We have been running into invalid iat’s (issued-at time) on our Google Oauth 2 JWT’s in an internal Rails app when testing locally via WSL2. There are also plenty of reports of people getting something similar on stackoverflow and Github issues. Many of the proposed solutions involved setting the
skip-jwt flag to true on our google_oauth2 integration, but this seemed uneccesary since our application worked fine in production and most of the time when testing locally. Having an incorrect system time can cause all sorts of problems with some of the most common security protocols, so even if a code tweak would ‘fix’ our app it would not solve the underlying problem.
At MovementForward, all of our development is done on Windows 10 computers with Docker and Ubuntu running on WSL2. While investigating the time drift, I found a solution to the issue on github: https://github.com/microsoft/WSL/issues/4245.
It looks like this is a bug within WSL2 involving the way the clock in WSL2 runs during sleep and is being actively worked on.
To correct your clock, just use
sudo hwclock -s within the linux terminal or
wsl --shutdown from CMD/powershell to force WSL2 to restart on your next session.