New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
JSON Web Token: support nbf
and exp
claims
#4526
Conversation
See RFC 7519, Section 4: Specific applications of JWTs will require implementations to understand and process some claims in particular ways. However, in the absence of such requirements, all claims that are not understood by implementations MUST be ignored. Signed-off-by: Robert Stepanek <rsto@fastmailteam.com>
Signed-off-by: Robert Stepanek <rsto@fastmailteam.com>
Signed-off-by: Robert Stepanek <rsto@fastmailteam.com>
Signed-off-by: Robert Stepanek <rsto@fastmailteam.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Other than my 2 comments LGTM
FYI you need to use the "backport-to..." label if you want me to backport it, I don't look for plain version labels on PRs, those are for describing which versions are affected by a bug. Is this a bug fix or a new feature? It looks like a feature, and 3.8 is stable now and doesn't get new features, only bug fixes. |
@elliefm thanks, did not know to use the "backport-to" label. It's a feature, not a bug. So no backport then. |
This updates the JSON Web Token code to
nbf
claimexp
claimThe initial code was contributed by @bamthomas in #4515. Thanks! This PR adds more strict validation invalid JSON claims and makes the cunit test code more maintainable.