azure-cli: inability to login using my az cli: The ID token is not yet valid

This is autogenerated. Please review and update as needed.

Describe the bug

Command Name az login

Errors:

The command failed with an unexpected error. Here is the traceback:
0. The ID token is not yet valid. Current epoch = 1637312587.  The id_token was: {
  "aud": "04b07795-8ddb-461a-bbee-02f9e1bf7b46",
  "iss": "https://login.microsoftonline.com/f8cdef31-a31e-4b4a-93e4-5f571e91255a/v2.0",
  "iat": 1637312767,
  "nbf": 1637312767,
  "exp": 1637316667,
  "aio": "AYQAe/8TAAAAXxxvn6DrU9RWHJigp8yG/nLnqpsAiSI1PT4JYVKr9KaOtWlanv4hQnrTnnCWT1GfeHzNd55etkPhBtBS2maOKp/ugYH40Xbxg0FnIxKCKHOY0zk1IKpxER8WvjlWXW9k8SnAbpgMyHpb+jTbtPT4iPLZsDXNKhhKAPecULsFT5Q=",
  "idp": "https://sts.windows.net/9188040d-6c67-4c5b-b112-36a304b66dad/",
  "nonce": "112ebefa08862dabfc035f5f5c32f91447d26a365aca586d962973f5c1d7fc18",
  "preferred_username": "catherinechinwe@gmail.com",
  "prov_data": [
    {
      "at": true,
      "prov": "github.com",
      "altsecid": "68647459"
    }
  ],
  "rh": "0.AWAAMe_N-B6jSkuT5F9XHpElWpV3sATbjRpGu-4C-eG_e0YBABs.",
  "sub": "z3pT9ehkPuxq0bHMHq_5D255yNVtiIcRfpzNooOlDnQ",
  "tid": "f8cdef31-a31e-4b4a-93e4-5f571e91255a",
  "uti": "4_h7M1KCPkuCWRrkEj3yAA",
  "ver": "2.0"
}
Traceback (most recent call last):
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/cli.py", line 231, in invoke
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 657, in execute
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 720, in _run_jobs_serially
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 691, in _run_job
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 328, in __call__
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/command_operation.py", line 121, in handler
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/profile/custom.py", line 145, in login
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/_profile.py", line 155, in login
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/auth/identity.py", line 121, in login_with_auth_code
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/application.py", line 1488, in acquire_token_interactive
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/oauth2cli/oidc.py", line 280, in obtain_token_by_browser
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/oauth2cli/oauth2.py", line 660, in obtain_token_by_browser
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/application.py", line 135, in obtain_token_by_auth_code_flow
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/oauth2cli/oidc.py", line 204, in obtain_token_by_auth_code_flow
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/oauth2cli/oauth2.py", line 548, in obtain_token_by_auth_code_flow
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/oauth2cli/oauth2.py", line 714, in _obtain_token_by_authorization_code
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/oauth2cli/oidc.py", line 115, in _obtain_token
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/oauth2cli/oauth2.py", line 771, in _obtain_token
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/application.py", line 523, in <lambda>
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/token_cache.py", line 307, in add
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/token_cache.py", line 113, in add
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/token_cache.py", line 152, in __add
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\msal/oauth2cli/oidc.py", line 76, in decode_id_token
RuntimeError: 0. The ID token is not yet valid. Current epoch = 1637312587.  The id_token was: {
  "aud": "04b07795-8ddb-461a-bbee-02f9e1bf7b46",
  "iss": "https://login.microsoftonline.com/f8cdef31-a31e-4b4a-93e4-5f571e91255a/v2.0",
  "iat": 1637312767,
  "nbf": 1637312767,
  "exp": 1637316667,
  "aio": "AYQAe/8TAAAAXxxvn6DrU9RWHJigp8yG/nLnqpsAiSI1PT4JYVKr9KaOtWlanv4hQnrTnnCWT1GfeHzNd55etkPhBtBS2maOKp/ugYH40Xbxg0FnIxKCKHOY0zk1IKpxER8WvjlWXW9k8SnAbpgMyHpb+jTbtPT4iPLZsDXNKhhKAPecULsFT5Q=",
  "idp": "https://sts.windows.net/9188040d-6c67-4c5b-b112-36a304b66dad/",
  "nonce": "112ebefa08862dabfc035f5f5c32f91447d26a365aca586d962973f5c1d7fc18",
  "preferred_username": "catherinechinwe@gmail.com",
  "prov_data": [
    {
      "at": true,
      "prov": "github.com",
      "altsecid": "68647459"
    }
  ],
  "rh": "0.AWAAMe_N-B6jSkuT5F9XHpElWpV3sATbjRpGu-4C-eG_e0YBABs.",
  "sub": "z3pT9ehkPuxq0bHMHq_5D255yNVtiIcRfpzNooOlDnQ",
  "tid": "f8cdef31-a31e-4b4a-93e4-5f571e91255a",
  "uti": "4_h7M1KCPkuCWRrkEj3yAA",
  "ver": "2.0"
}

To Reproduce:

Steps to reproduce the behavior. Note that argument values have been redacted, as they may contain sensitive information.

  • Put any pre-requisite steps here…
  • az login

Expected Behavior

Environment Summary

Windows-10-10.0.19041-SP0
Python 3.8.9
Installer: MSI

azure-cli 2.30.0

Additional Context

About this issue

  • Original URL
  • State: closed
  • Created 3 years ago
  • Comments: 22 (10 by maintainers)

Most upvoted comments

It works now, thanks!

As the error suggested: Current epoch = 1635894218. This is 2021-11-2 23:03:38 UTC (converted using https://www.epochconverter.com/).

This issue was raised at 2021-11-2 21:57 UTC. Make sure the local time of you machine is correctly set.

It works for me to force time zone synchronization

sudo apt-get install ntpdate
sudo ntpdate pool.ntp.org

Had the same issue on WSL2, which the clock was out of sync. Solved it by running /usr/sbin/hwclock -s

For people who use WSL2 and Azure CLI, there is an active issue “WSL2 date incorrect after waking from sleep” for now https://github.com/microsoft/WSL/issues/8204

You can verify if time matches with this command:

Get-Date; wsl date

And this workaround works for me - It set up a Windows scheduled task to update Ubuntu datetime when machine wake up from sleep. https://github.com/microsoft/WSL/issues/4149?msclkid=3196b9f8d15511ecb5358aec6729b48c#issuecomment-987821675

I see what is going on. https://www.epochconverter.com/ is actually showing the local computer time! Could you try to adjust your computer’s time according to https://time.is/ ?