corrected validation of issuedAt and notBefore in token calim (#390)

SKF · Oct 23, 2023 · 225c166 · 225c166
1 parent 96f587e
commit 225c166
Showing 1 changed file with 10 additions and 12 deletions.
diff --git a/v2/auth/jwt.go b/v2/auth/jwt.go
@@ -21,18 +21,16 @@ func IsTokenValid(token string, tokenExpireDurationDiff time.Duration) bool {
 
 	ts := time.Now().Add(tokenExpireDurationDiff)
 
-	for _, claim := range []*jwt.NumericDate{
-		claims.ExpiresAt,
-		claims.IssuedAt,
-		claims.NotBefore,
-	} {
-		if claim == nil {
-			continue
-		}
-
-		if claim.Before(ts) {
-			return false
-		}
+	if claims.ExpiresAt != nil && ts.Before(claims.ExpiresAt.Time) {
+		return false
+	}
+
+	if claims.IssuedAt != nil && ts.After(claims.IssuedAt.Time) {
+		return false
+	}
+
+	if claims.NotBefore != nil && ts.After(claims.NotBefore.Time) {
+		return false
 	}
 
 	return true