disabled to validate time if renew request came from nats

go.mod

@@ -15,7 +15,7 @@ require (
 	github.com/jordic/lti v0.0.0-20160211051708-2c756eacbab9
 	github.com/livekit/protocol v1.23.0
 	github.com/livekit/server-sdk-go/v2 v2.2.1
-	github.com/mynaparrot/plugnmeet-protocol v0.0.0-20240926075044-4529617890be
+	github.com/mynaparrot/plugnmeet-protocol v0.0.0-20240926112458-cc5174cda27c
 	github.com/nats-io/jwt/v2 v2.7.0
 	github.com/nats-io/nats.go v1.37.0
 	github.com/nats-io/nkeys v0.4.7

go.sum

@@ -124,8 +124,8 @@ github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWE
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc=
 github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
-github.com/mynaparrot/plugnmeet-protocol v0.0.0-20240926075044-4529617890be h1:ffqzI3HgXDgppf/qco3zWH0wyfPgEOyif8vSnucncqI=
-github.com/mynaparrot/plugnmeet-protocol v0.0.0-20240926075044-4529617890be/go.mod h1:KqW+y5FgJfyZ1g8gnGc9AiUxjiOoMazk6JSm1dqd9tc=
+github.com/mynaparrot/plugnmeet-protocol v0.0.0-20240926112458-cc5174cda27c h1:Ohzqe8LT/9KdT29JcFU0QccIRomxTkVZ2c0Frr4VvBU=
+github.com/mynaparrot/plugnmeet-protocol v0.0.0-20240926112458-cc5174cda27c/go.mod h1:KqW+y5FgJfyZ1g8gnGc9AiUxjiOoMazk6JSm1dqd9tc=
 github.com/nats-io/jwt/v2 v2.7.0 h1:J+ZnaaMGQi3xSB8iOhVM5ipiWCDrQvgEoitTwWFyOYw=
 github.com/nats-io/jwt/v2 v2.7.0/go.mod h1:ZdWS1nZa6WMZfFwwgpEaqBV8EPGVgOTDHN/wTbz0Y5A=
 github.com/nats-io/nats.go v1.37.0 h1:07rauXbVnnJvv1gfIyghFEo6lUcYRY0WXc3x7x0vUxE=

pkg/controllers/auth.go

@@ -133,7 +133,7 @@ func HandleVerifyHeaderToken(c *fiber.Ctx) error {
 		return utils.SendCommonProtoJsonResponse(c, false, "Authorization header is missing")
 	}
 
-	claims, err := m.VerifyPlugNmeetAccessToken(authToken)
+	claims, err := m.VerifyPlugNmeetAccessToken(authToken, true)
 	if err != nil {
 		_ = c.SendStatus(errStatus)
 		return utils.SendCommonProtoJsonResponse(c, false, err.Error())

pkg/controllers/nats_auth_controller.go

@@ -55,7 +55,7 @@ func (s *NatsAuthController) handleClaims(req *jwt.AuthorizationRequestClaims) (
 	claims.Audience = s.app.NatsInfo.Account
 
 	// check the info first
-	data, err := s.authModel.VerifyPlugNmeetAccessToken(req.ConnectOptions.Token)
+	data, err := s.authModel.VerifyPlugNmeetAccessToken(req.ConnectOptions.Token, true)
 	if err != nil {
 		return nil, err
 	}

pkg/models/auth_pnm.go

@@ -10,13 +10,13 @@ func (m *AuthModel) GeneratePNMJoinToken(c *plugnmeet.PlugNmeetTokenClaims) (str
 	return auth.GeneratePlugNmeetJWTAccessToken(m.app.Client.ApiKey, m.app.Client.Secret, c.UserId, *m.app.Client.TokenValidity, c)
 }
 
-func (m *AuthModel) VerifyPlugNmeetAccessToken(token string) (*plugnmeet.PlugNmeetTokenClaims, error) {
-	return auth.VerifyPlugNmeetAccessToken(m.app.Client.ApiKey, m.app.Client.Secret, token)
+func (m *AuthModel) VerifyPlugNmeetAccessToken(token string, withTime bool) (*plugnmeet.PlugNmeetTokenClaims, error) {
+	return auth.VerifyPlugNmeetAccessToken(m.app.Client.ApiKey, m.app.Client.Secret, token, withTime)
 }
 
 // RenewPNMToken we'll renew token
-func (m *AuthModel) RenewPNMToken(token string) (string, error) {
-	claims, err := m.VerifyPlugNmeetAccessToken(token)
+func (m *AuthModel) RenewPNMToken(token string, withTime bool) (string, error) {
+	claims, err := m.VerifyPlugNmeetAccessToken(token, withTime)
 	if err != nil {
 		return "", err
 	}

pkg/models/nats_system.go

@@ -10,7 +10,11 @@ import (
 )
 
 func (m *NatsModel) RenewPNMToken(roomId, userId, token string) {
-	token, err := m.authModel.RenewPNMToken(token)
+	// to renew token, we can avoid it to check expiry
+	// because in may case because of network related issues,
+	// the client was not able to renew token
+	// as renew request is coming from nats, so it should be secure
+	token, err := m.authModel.RenewPNMToken(token, false)
 	if err != nil {
 		log.Errorln(err)
 		return