fix jwt test (#8873)

* fix jwt test

* update

content/en/docs/tasks/security/authentication/authn-policy/index.md

@@ -491,19 +491,22 @@ Download the [jwcrypto](https://pypi.org/project/jwcrypto) library,
 if you haven't installed it on your system.
 {{< /tip >}}
 
+The JWT authentication has 60 seconds clock skew, this means the JWT token will become valid 60 seconds earlier than
+its configured `nbf` and remain valid 60 seconds after its configured `exp`.
+
 For example, the command below creates a token that
-expires in 5 seconds. As you see, Istio authenticates requests using that token successfully at first but rejects them after 5 seconds:
+expires in 5 seconds. As you see, Istio authenticates requests using that token successfully at first but rejects them after 65 seconds:
 
 {{< text bash >}}
 $ TOKEN=$(python3 ./gen-jwt.py ./key.pem --expire 5)
-$ for i in $(seq 1 10); do curl --header "Authorization: Bearer $TOKEN" "$INGRESS_HOST:$INGRESS_PORT/headers" -s -o /dev/null -w "%{http_code}\n"; sleep 1; done
+$ for i in $(seq 1 10); do curl --header "Authorization: Bearer $TOKEN" "$INGRESS_HOST:$INGRESS_PORT/headers" -s -o /dev/null -w "%{http_code}\n"; sleep 10; done
+200
+200
 200
 200
 200
 200
 200
-401
-401
 401
 401
 401

content/en/docs/tasks/security/authentication/authn-policy/snips.sh

@@ -412,7 +412,7 @@ wget --no-verbose https://raw.githubusercontent.com/istio/istio/release-1.9/secu
 
 snip_enduser_authentication_10() {
 TOKEN=$(python3 ./gen-jwt.py ./key.pem --expire 5)
-for i in $(seq 1 10); do curl --header "Authorization: Bearer $TOKEN" "$INGRESS_HOST:$INGRESS_PORT/headers" -s -o /dev/null -w "%{http_code}\n"; sleep 1; done
+for i in $(seq 1 10); do curl --header "Authorization: Bearer $TOKEN" "$INGRESS_HOST:$INGRESS_PORT/headers" -s -o /dev/null -w "%{http_code}\n"; sleep 10; done
 }
 
 ! read -r -d '' snip_enduser_authentication_10_out <<\ENDSNIP
@@ -421,8 +421,8 @@ for i in $(seq 1 10); do curl --header "Authorization: Bearer $TOKEN" "$INGRESS_
 200
 200
 200
-401
+200
-401
+200
 401
 401
 401