Token generating the same values

[dtrinh100]

From what understand JWT should all be unique correct? I have a situation where I am creating a JWT Refresh token using this code:

        t := jwt.New()
	refreshTime := int(clock.Now().Add(refreshExpireDuration).Unix())
	_ := t.Set("id", id)
	_ = t.Set(jwt.ExpirationKey, refreshTime )
	token, _ = jwt.Sign(t, jwa.HS256, []byte(JWTSECRET))

The code then returns to be a token, but I noticed that all the tokens were the same. Am I doing something here? For example, is the JWTSECRET supposed to be randomly generated each time?

[lestrrat]

HS256 generates a signature using a hashing algorithm, so if the keys are the same and the contents are the same, they would create the same signature. If the content differs and the signatures are the same, that would be a problem. Please also be aware that token in your snippet above would be very similar each time you generate it, so I'd check using a program instead of you checking your eyes (just checking)