Permalink
Browse files

Merge pull request #51 from mozilla/warner/timestamp-specs

README: JWT specs timestamps as seconds-since-epoch, but we use milliseconds
  • Loading branch information...
lloyd committed Nov 20, 2013
2 parents 0909e64 + 93aa4dc commit 558712bceed57b2efb7a65b5c97398d3e837d14b
Showing with 2 additions and 1 deletion.
  1. +2 −1 README.md
View
@@ -107,7 +107,7 @@ Sometimes the JSON object to sign should be a standard assertion with pre-define
// add special fields which will be encoded properly
// payload cannot contain reserved fields
assertion.sign(payload, {issuer: "foo.com", expiresAt: new Date(new Date().valueOf() + 5000),
- issuedAt: new Date(), audience: "https://example.com"},
+ issuedAt: new Date().valueOf(), audience: "https://example.com"},
keypair.secretKey,
function(err, signedAssertion) {
// a normal signedObject, much like above
@@ -122,6 +122,7 @@ Sometimes the JSON object to sign should be a standard assertion with pre-define
});
});
+Note that timestamps (for `issuedAt` and `expiresAt`) are integers containing the standard JS milliseconds-since-epoch, or objects with methods named `.valueOf()` which will return such an integer. The assertion format currently serializes these integers verbatim; a future version may serialize them as seconds (instead of milliseconds) to conform with the JWT specifications.
Certs
=======

0 comments on commit 558712b

Please sign in to comment.