"Issued at" time should allow for clock drift (#4156)

bitwiseman · web-flow · commit d862636ceccd · 2021-03-16T19:48:37.000Z
If `iat` is in the future from the server clock perspective GitHub will report an error. 
This can happen if the clock on the client system is significant out of sync with UTC and/or server time.

Adjusting `iat` to an arbitrary 60 seconds in the past means the error will not occur in cases where the client system clock is only off by a few seconds, which is not uncommon.
diff --git a/content/developers/apps/authenticating-with-github-apps.md b/content/developers/apps/authenticating-with-github-apps.md
@@ -77,8 +77,8 @@ private_key = OpenSSL::PKey::RSA.new(private_pem)
 
 # Generate the JWT
 payload = {
-  # issued at time
-  iat: Time.now.to_i,
+  # issued at time, 60 seconds in the past to allow for clock drift
+  iat: Time.now.to_i - 60,
   # JWT expiration time (10 minute maximum)
   exp: Time.now.to_i + (10 * 60),
   # {% data variables.product.prodname_github_app %}'s identifier
