feat(jwt): Adds some more logs around expiration.

resources/prosody-plugins/luajwtjitsi.lib.lua

@@ -226,7 +226,11 @@ function M.verify(token, expectedAlgo, key, acceptedIssuers, acceptedAudiences)
 
 
 	if body.exp and os.time() >= body.exp then
-		return nil, "Not acceptable by exp ("..tostring(os.time()-body.exp)..")"
+        local extra_msg = '';
+        if body.iat then
+            extra_msg = ", valid for:"..tostring(body.exp-body.iat).." sec";
+        end
+		return nil, "Not acceptable by exp ("..tostring(os.time()-body.exp).." sec since expired"..extra_msg..")"
 	end
 
 	if body.nbf and os.time() < body.nbf then

resources/prosody-plugins/mod_auth_token.lua

@@ -55,6 +55,7 @@ function init_session(event)
 
     -- in either case set auth_token in the session
     session.auth_token = token;
+    session.user_agent_header = request.headers['user_agent'];
 end
 
 module:hook_global("bosh-session", init_session);
@@ -101,8 +102,9 @@ function provider.get_sasl_handler(session)
         local res, error, reason = token_util:process_and_verify_token(session);
         if res == false then
             module:log("warn",
-                "Error verifying token err:%s, reason:%s tenant:%s room:%s",
-                    error, reason, session.jitsi_web_query_prefix, session.jitsi_web_query_room);
+                "Error verifying token err:%s, reason:%s tenant:%s room:%s user_agent:%s",
+                    error, reason, session.jitsi_web_query_prefix, session.jitsi_web_query_room,
+                    session.user_agent_header);
             session.auth_token = nil;
             measure_verify_fail(1);
             return res, error, reason;