Introduce a token age property #195

sberyozkin · 2020-07-02T18:13:15Z

We have discussed this idea with @teddyjtorres, in our project we use a 'lifespan' property but age is more aligned to the definition of what iat is about.
By introducing something like mp.jwt.verify.token.age property we will be able to enforce the exp - iat constraint better and limit the tokens which have been around for an unreasonably (per the deployment specific considerations) long period of time.

The text was updated successfully, but these errors were encountered:

Signed-off-by: Teddy J. Torres <teddyjtorres@hotmail.com>

Create mp.jwt.verify.token.age config property for issue #195

sberyozkin added this to the JWT-2.0 milestone Jul 2, 2020

teddyjtorres added a commit to teddyjtorres/microprofile-jwt-auth that referenced this issue Mar 23, 2022

Create mp.jwt.verify.token.age config property for issue eclipse#195

01279e5

Signed-off-by: Teddy J. Torres <teddyjtorres@hotmail.com>

teddyjtorres mentioned this issue Mar 31, 2022

Create mp.jwt.verify.token.age config property for issue #195 #284

Merged

teddyjtorres added a commit to teddyjtorres/microprofile-jwt-auth that referenced this issue Mar 31, 2022

Create mp.jwt.verify.token.age config property for issue eclipse#195

ed58fb0

Signed-off-by: Teddy J. Torres <teddyjtorres@hotmail.com>

sberyozkin added a commit that referenced this issue Apr 5, 2022

Merge pull request #284 from teddyjtorres/195-tokenAgeProperty

3ebb21b

Create mp.jwt.verify.token.age config property for issue #195

sberyozkin modified the milestones: MPJWT-3.0, MPJWT-2.1 Apr 7, 2022

sberyozkin closed this as completed Apr 7, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Introduce a token age property #195

Introduce a token age property #195

sberyozkin commented Jul 2, 2020

Introduce a token age property #195

Introduce a token age property #195

Comments

sberyozkin commented Jul 2, 2020