Fix validate JWT on exp=0

#179
lepture · Jan 9, 2020 · 3834a2a · 3834a2a
1 parent c88ea7f
commit 3834a2a
Showing 1 changed file with 8 additions and 7 deletions.
diff --git a/authlib/jose/rfc7519/claims.py b/authlib/jose/rfc7519/claims.py
@@ -163,8 +163,8 @@ def validate_exp(self, now, leeway):
         a few minutes, to account for clock skew.  Its value MUST be a number
         containing a NumericDate value.  Use of this claim is OPTIONAL.
         """
-        exp = self.get('exp')
-        if exp:
+        if 'exp' in self:
+            exp = self['exp']
             if not isinstance(exp, int):
                 raise InvalidClaimError('exp')
             if exp < (now - leeway):
@@ -179,8 +179,8 @@ def validate_nbf(self, now, leeway):
         account for clock skew.  Its value MUST be a number containing a
         NumericDate value.  Use of this claim is OPTIONAL.
         """
-        nbf = self.get('nbf')
-        if nbf:
+        if 'nbf' in self:
+            nbf = self['nbf']
             if not isinstance(nbf, int):
                 raise InvalidClaimError('nbf')
             if nbf > (now + leeway):
@@ -192,9 +192,10 @@ def validate_iat(self, now, leeway):
         value MUST be a number containing a NumericDate value.  Use of this
         claim is OPTIONAL.
         """
-        iat = self.get('iat')
-        if iat and not isinstance(iat, int):
-            raise InvalidClaimError('iat')
+        if 'iat' in self:
+            iat = self['iat']
+            if not isinstance(iat, int):
+                raise InvalidClaimError('iat')
 
     def validate_jti(self):
         """The "jti" (JWT ID) claim provides a unique identifier for the JWT.