- **CRITICAL**: Fixed JwtService.toEpoch() and fromEpoch() producing incorrect epoch seconds on non-UTC servers. The ISO-8601 baseline string combined with dateConvert("utc2local", ...) caused a double timezone shift. Now uses parseDateTime("1970-01-01T00:00:00Z") directly, producing correct JWT iat/exp claims on any server timezone. (Affects versions 3.5.0–3.7.0)

Author: lmajano

.cfconfig.json

@@ -22,7 +22,7 @@
             "clob":"true",
 			"connectionLimit":"100",
             "connectionTimeout":"1",
-            "custom":"useUnicode=true&characterEncoding=UTF8&serverTimezone=UTC&useLegacyDatetimeCode=true&autoReconnect=true&useSSL=false&allowPublicKeyRetrieval=true",
+            "custom":"useUnicode=true&characterEncoding=UTF-8&connectionTimeZone=UTC&forceConnectionTimeZoneToSession=true&useSSL=false&allowPublicKeyRetrieval=true&useServerPrepStmts=false&cachePrepStmts=false",
             "database":"cbsecurity",
             "dbdriver":"MySQL",
             "dsn":"jdbc:mysql://{host}:{port}/{database}",

changelog.md

@@ -9,6 +9,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Fixed
+
+- **CRITICAL**: Fixed `JwtService.toEpoch()` and `fromEpoch()` producing incorrect epoch seconds on non-UTC servers. The ISO-8601 baseline string combined with `dateConvert("utc2local", ...)` caused a double timezone shift. Now uses `parseDateTime("1970-01-01T00:00:00Z")` directly, producing correct JWT `iat`/`exp` claims on any server timezone. (Affects versions 3.5.0–3.7.0)
+
 ## [3.7.0] - 2026-01-14
 
 ### Changed

models/jwt/JwtService.cfc

@@ -652,7 +652,7 @@ component accessors="true" singleton threadsafe {
 	function toEpoch( required target ){
 		return dateDiff(
 			"s",
-			dateConvert( "utc2local", "1970-01-01T00:00:00" ),
+			parseDateTime( "1970-01-01T00:00:00Z" ),
 			arguments.target
 		);
 	}
@@ -665,8 +665,8 @@ component accessors="true" singleton threadsafe {
 	function fromEpoch( required target ){
 		return dateAdd(
 			"s",
-			arguments.target, // should be in utc
-			dateConvert( "utc2local", "1970-01-01T00:00:00" )
+			arguments.target,
+			parseDateTime( "1970-01-01T00:00:00Z" )
 		);
 	}
 

server-boxlang-cfml@1.json

@@ -20,7 +20,7 @@
     "JVM":{
         "heapSize":"1024",
         "javaVersion":"openjdk21_jre",
-        "args":"-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=8888"
+        "args":"-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=7777"
     },
     "openBrowser":false,
     "cfconfig":{

server-boxlang-cfml@be.json

@@ -19,7 +19,7 @@
     "JVM":{
         "heapSize":"1024",
         "javaVersion":"openjdk21_jre",
-        "args":"-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=8888"
+        "args":"-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=7777"
     },
     "openBrowser": false,
     "cfconfig":{

server-boxlang@1.json

@@ -19,7 +19,7 @@
     "JVM":{
         "heapSize":"1024",
         "javaVersion":"openjdk21_jre",
-        "args":"-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=8888"
+        "args":"-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=7777"
     },
     "openBrowser": false,
     "cfconfig":{

test-harness/config/Application.cfc

@@ -2,7 +2,7 @@
 	// Configure ColdBox Application
 	function configure(){
 		// coldbox directives
-		coldbox = {
+		variables.coldbox = {
 			// Application Setup
 			appName                 : "Module Tester",
 			// Development Settings
@@ -31,21 +31,13 @@
 		// environment settings, create a detectEnvironment() method to detect it yourself.
 		// create a function with the name of the environment so it can be executed if that environment is detected
 		// the value of the environment is a list of regex patterns to match the cgi.http_host.
-		environments = { development : "localhost,127\.0\.0\.1" };
-
-		// Module Directives
-		modules = {
-			// An array of modules names to load, empty means all of them
-			include : [],
-			// An array of modules names to NOT load, empty means none
-			exclude : []
-		};
+		variables.environments = { development : "localhost,127\.0\.0\.1" };
 
 		// Register interceptors as an array, we need order
-		interceptors = [];
+		variables.interceptors = [];
 
 		// LogBox DSL
-		logBox = {
+		variables.logBox = {
 			// Define Appenders
 			appenders : {
 				files : {
@@ -62,10 +54,10 @@
 		};
 
 		// Module Settings
-		moduleSettings = {
+		variables.moduleSettings = {
 			// CBDebugger
 			cbdebugger : {
-				modules  : { enabled : true, expanded : false }
+				modules  : { enabled : false, expanded : false }
 			},
 			// CB Auth
 			cbAuth     : { userServiceClass : "UserService" },

test-harness/config/Coldbox.cfc

@@ -37,11 +37,11 @@ component {
 	}
 
 	function toEpoch( required target ){
-		return dateDiff( "s", dateConvert( "utc2local", "1970-01-01T00:00:00Z" ), arguments.target );
+		return dateDiff( "s", parseDateTime( "1970-01-01T00:00:00Z" ), arguments.target );
 	}
 
 	function fromEpoch( required target ){
-		return dateAdd( "s", arguments.target, dateConvert( "utc2local", "1970-01-01T00:00:00Z" ) );
+		return dateAdd( "s", arguments.target, parseDateTime( "1970-01-01T00:00:00Z" ) );
 	}
 
 }