Implement Claim::set_expires_in #107
Conversation
|
Hi, sorry for the wait. I'll try to get this reviewed within the next few days. |
There was a problem hiding this comment.
Thank you for working on this! The code looks good and I'm ready to approve this, but I'd like to understand the use-case a bit more, before merging.
When would you want to change an expiry for an already signed set of Claims? The only time where you'd possibly attempt to modify a token, as far as I can imagine, is a public one. Claims are signed when used with the tokens, so just changing them there would invalidate the signature.
Do you have an application where you store plaintext Claims in-memory, that can't be re-constructed easily, but are re-used across expiring/different tokens?
|
I'm working on an actix-web paseto-based authentication middleware: franklx/actix-paseto-auth-middleware. When the access_token is expired is convenient using it as base for creating a new one based on refresh_token (like original implementation based on If you are interested here is where the token is created by calling a "polymorphic" function defined here where the |
|
@franklx Thanks for clarifying. Off the top of my head, this seems fine to me. I'll get this merged and issue a new release. Out in |
Implemented new function
Claim::set_expires_in(&mut self, duration: &core::time::Duration) -> Result<(), Error>useful for refreshing claims on expired tokens.Used it even for
newandnew_expires_inconstructors.