From ffefd91ac2052ed193357f5bb43e789803faa540 Mon Sep 17 00:00:00 2001
From: danglduy <38782010+danglduy@users.noreply.github.com>
Date: Thu, 16 Jun 2022 10:35:19 +0700
Subject: [PATCH 1/2] Check float values of `time` in `time_within_drift?/2`

---
 CHANGELOG.md | 6 ++++++
 lib/guardian/token/verify.ex | 4 ++--
 test/guardian/token/jwt_test.exs | 10 ++++++++++
 3 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 699f847e5..4c7125a80 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # Changelog
 
+## v2.2.4
+
+### Enhancement
+
+* Check float values of `time` in `time_within_drift?/2`.
+
 ## v2.2.3
 
 ### Enhancement
diff --git a/lib/guardian/token/verify.ex b/lib/guardian/token/verify.ex
index 3aff42e6b..a875f54c7 100644
--- a/lib/guardian/token/verify.ex
+++ b/lib/guardian/token/verify.ex
@@ -39,7 +39,7 @@ defmodule Guardian.Token.Verify do
     end
   end
 
-  @spec time_within_drift?(mod :: module, time :: pos_integer) :: true | false
+  @spec time_within_drift?(mod :: module, time :: pos_integer | float) :: true | false
   @doc """
   Checks that a time value is within the `allowed_drift` as configured for the provided module.
 
@@ -49,7 +49,7 @@ defmodule Guardian.Token.Verify do
   This is to deal with clock skew.
   """
 
-  def time_within_drift?(mod, time) when is_integer(time) do
+  def time_within_drift?(mod, time) when is_integer(time) or is_float(time) do
     allowed_drift = apply(mod, :config, [:allowed_drift, 0]) / 1000
     diff = abs(time - Guardian.timestamp())
     diff <= allowed_drift
diff --git a/test/guardian/token/jwt_test.exs b/test/guardian/token/jwt_test.exs
index 906a8d7cd..091b779ff 100644
--- a/test/guardian/token/jwt_test.exs
+++ b/test/guardian/token/jwt_test.exs
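Review bot: The guard added on the `def time_within_drift?` line in the second verify.ex hunk spells out `is_number/1` by hand; `def time_within_drift?(mod, time) when is_number(time) do` is the idiomatic form and is easier to keep in step with the `@spec` in the first verify.ex hunk, where `pos_integer | float` would then read `number()` (the guard already admits zero and negative integers, so `pos_integer` was never enforced, and `true | false` is conventionally written `boolean()`). The `@doc` text between the two hunks still describes `time` without saying that floats are now accepted; a sentence such as `Accepts an integer or float number of seconds for time.` would keep the docs in step with the guard. The widened arithmetic is sound as written: `allowed_drift` is already a float after the `/ 1000`, so `abs(time - Guardian.timestamp())` compares correctly whichever numeric type `time` has. The function's closing `end` lies past the end of the hunk.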
@@ -362,11 +362,21 @@ defmodule Guardian.Token.JwtTest do
       assert {:error, :token_expired} = Jwt.verify_claims(ctx.impl, claims, [])
     end
 
+    test "it is invalid when exp is a float and too early", ctx do
+      claims = Map.put(ctx.claims, "exp", Guardian.timestamp() * 1.0 - 1)
+      assert {:error, :token_expired} = Jwt.verify_claims(ctx.impl, claims, [])
+    end
+
     test "it is invalid when nbf is too late", ctx do
       claims = Map.put(ctx.claims, "nbf", Guardian.timestamp() + 5)
       assert {:error, :token_not_yet_valid} = Jwt.verify_claims(ctx.impl, claims, [])
     end
 
+    test "it is invalid when nbf is a float and too late", ctx do
+      claims = Map.put(ctx.claims, "nbf", Guardian.timestamp() * 1.0 + 5)
+      assert {:error, :token_not_yet_valid} = Jwt.verify_claims(ctx.impl, claims, [])
+    end
+
     test "it is invalid when the issuer is not correct", ctx do
       claims = Map.put(ctx.claims, "iss", "someone-else")
       assert {:error, :invalid_issuer} = Jwt.verify_claims(ctx.impl, claims, [])

From a00f4ba92dba4e2266d94c43303d1ade75ee87c0 Mon Sep 17 00:00:00 2001
From: danglduy <38782010+danglduy@users.noreply.github.com>
Date: Thu, 16 Jun 2022 10:44:45 +0700
Subject: [PATCH 2/2] Bump version in mix.exs

---
 mix.exs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mix.exs b/mix.exs
index 8056a7e41..b9f4935d9 100644
--- a/mix.exs
+++ b/mix.exs
@@ -2,7 +2,7 @@ defmodule Guardian.Mixfile do
   @moduledoc false
   use Mix.Project
 
-  @version "2.2.3"
+  @version "2.2.4"
   @url "https://github.com/ueberauth/guardian"
   @maintainers [
     "Daniel Neighman",
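Review bot: Both new tests in the jwt_test.exs hunk only cover the rejecting path of the float handling — a float `exp` one second in the past and a float `nbf` five seconds ahead — so nothing here checks that a float timestamp inside the valid window is accepted, which is the behaviour the widened guard in verify.ex was added to enable. A companion test in the same style, e.g. `claims = Map.put(ctx.claims, "exp", Guardian.timestamp() * 1.0 + 5)` followed by an assertion on the success shape `verify_claims` returns (presumably `assert {:ok, _} = Jwt.verify_claims(ctx.impl, claims, [])`), would pin that. The one-second margin on the float `exp` test relies on `allowed_drift` being below a second; the default in verify.ex is `0`, but if the test impl ever configures a larger drift this assertion would start failing — the same caveat the existing integer test presumably carries.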