-
Notifications
You must be signed in to change notification settings - Fork 320
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
VerifyIssuedAt in mapclaims broken #47
Comments
Hmm interesting point, I need to check this further. It may have always been broken, i.e. that it just takes the inverted value of I was never a big fan of those |
@ggilley Can you share an example? If I parse a regular JWT that contains the payload |
Hmm... Good idea. It looks like I picked up an example for custom validation that "fixed" expiredAt and not issuedAt. This code has been running for a couple of years, so something in the path changed recently.
|
Here's the whole example:
|
Given that it's json, it makes more sense for me to change my code. Thanks for looking! |
No problem. BTW, you can make your life a lot easier if you replace the line where you reconstruct your custom claims with map claims just to validate them with the following line: Since you are embedding |
StandardClaims has issuedAt as an int64. That means when it gets marshaled to json, it's an int64.
MapClaims VerifyIssuedAt checks for float64 and json.Number, but not int64.
Therefore, verifyIssuedAt fails.
Seems like a recent regression?
github.com/golang-jwt/jwt v3.2.2+incompatible
The text was updated successfully, but these errors were encountered: