From 05113d8e06a708b4cb21c1f1300f0cd1aca7a71f Mon Sep 17 00:00:00 2001
From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com>
Date: Mon, 6 Jan 2025 17:28:49 +0100
Subject: [PATCH] fix: check System and GitHub time and throw and error if it
 is over 50s out of sync

---
 bootstrap/helpers/github.php | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/bootstrap/helpers/github.php b/bootstrap/helpers/github.php
index cd36845a1..3ed588bdb 100644
--- a/bootstrap/helpers/github.php
+++ b/bootstrap/helpers/github.php
@@ -14,6 +14,21 @@ use Lcobucci\JWT\Token\Builder;
 
 function generateGithubToken(GithubApp $source, string $type)
 {
+    $response = Http::get("{$source->api_url}/zen");
+    $serverTime = now();
+    $githubTime = Carbon::parse($response->header('date'));
+    $timeDiff = abs($serverTime->diffInSeconds($githubTime));
+
+    if ($timeDiff > 0) {
+        throw new \Exception(
+            "System time is out of sync with GitHub API time:\n".
+            "- System time: {$serverTime->format('Y-m-d H:i:s')} UTC\n".
+            "- GitHub time: {$githubTime->format('Y-m-d H:i:s')} UTC\n".
+            "- Difference: {$timeDiff} seconds\n".
+            'Please synchronize your system clock.'
+        );
+    }
+
     $signingKey = InMemory::plainText($source->privateKey->private_key);
     $algorithm = new Sha256;
     $tokenBuilder = (new Builder(new JoseEncoder, ChainedFormatter::default()));