Additional checks for validity and in validator
* Properly check nbf and exp claims in token to determine simple validity.
* Properly check nbf and exp claims in validator and throw exceptions if expired/not yet valid.
parent
369514589f
commit
f83998e6c7
@ -70,6 +70,14 @@ class JWTToken
|
||||
$this->valid = false;
|
||||
}
|
||||
}
|
||||
|
||||
if ($this->header->has('nbf')) {
|
||||
$nbf = intval($this->header->get('nbf'));
|
||||
if ($nbf >= time()) {
|
||||
// Invalid if before
|
||||
$this->valid = false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
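Review bot: The added nbf lookup reads `$this->header`, but nbf is a registered claim carried in the payload (RFC 7519 §4.1.5), and the JWTValidator hunk of this same commit reads it from `$token->claims`. For an ordinary token this branch would presumably never run, so `valid` stays true before the not-before time. The comparison `$nbf >= time()` also marks a token invalid at the exact second nbf is reached, whereas the validator uses `time() < $notBefore`; the two should agree. I would change the three lines to `if ($this->claims->has('nbf')) {`, `$nbf = intval($this->claims->get('nbf'));` and `if ($nbf > time()) {`, assuming JWTToken exposes `claims` the way the validator uses it. The enclosing method starts above the hunk, so whether the preceding check has the same header/claims mix-up cannot be seen here.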
@ -47,6 +47,18 @@ class JWTValidator
|
||||
throw new JWTTokenException("The token is not valid");
|
||||
}
|
||||
|
||||
if ($token->claims->has("nbf")) {
|
||||
$notBefore = intval($token->claims->get("nbf"));
|
||||
if (time() < $notBefore)
|
||||
throw new JWTTokenException("Token not yet valid");
|
||||
}
|
||||
|
||||
if ($token->claims->has("exp")) {
|
||||
$notAfter = intval($token->claims->get("exp"));
|
||||
if (time() > $notAfter)
|
||||
throw new JWTTokenException("Token no longer valid");
|
||||
}
|
||||
|
||||
if (!$token->header->hasAll($this->requireHeaders)) {
|
||||
throw new JWTHeaderException("The token is missing one or more required headers");
|
||||
}
|
||||
|
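Review bot: `time() > $notAfter` still accepts a token at the exact second named by exp, while RFC 7519 §4.1.4 requires the current time to be before exp; `if (time() >= $notAfter)` closes that boundary. `intval()` also turns a non-numeric nbf into 0, which passes the not-before test silently, so a malformed claim fails open for nbf even though it fails closed for exp; an `is_numeric()` check that throws JWTTokenException before each `intval()` would reject such tokens. Both new throws sit under brace-less `if` statements while the surrounding checks use braces, which is easy to break on a later edit. The method starts and ends outside the hunk, so whether the signature is verified before these claims are trusted is not visible here.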