Skip to content

Commit

Permalink
[ELY-2069] JWT token validation uses int instead of long for the dates:
Browse files Browse the repository at this point in the history
exp (expiration) and nbf
  • Loading branch information
ivassile committed Jan 14, 2021
1 parent fc7500d commit 1a57249
Showing 1 changed file with 10 additions and 9 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -135,16 +135,17 @@ && verifyTimeConstraints(claims)) {
}

private boolean verifyTimeConstraints(JsonObject claims) {
int currentTime = currentTimeInSeconds();
boolean expired = currentTime > claims.getInt("exp", -1);
long currentTime = currentTimeInSeconds();
if (claims.containsKey("exp")) {
boolean expired = currentTime > claims.getJsonNumber("exp").longValue();

if (expired) {
log.debug("Token expired");
return false;
if (expired) {
log.debug("Token expired");
return false;
}
}

if (claims.containsKey("nbf")) {
boolean notBefore = currentTime >= claims.getInt("nbf");
boolean notBefore = currentTime >= claims.getJsonNumber("nbf").longValue();

if (!notBefore) {
log.debugf("Token is before [%s]", notBefore);
Expand Down Expand Up @@ -314,8 +315,8 @@ private PublicKey resolvePublicKey(JsonObject headers) {
}
}

private static int currentTimeInSeconds() {
return ((int) (System.currentTimeMillis() / 1000));
private static long currentTimeInSeconds() {
return System.currentTimeMillis() / 1000;
}

public static class Builder {
Expand Down

0 comments on commit 1a57249

Please sign in to comment.