Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merge release 4.0.1 into 4.1.x #640

Merged
merged 5 commits into from Jan 28, 2021
Merged

Merge release 4.0.1 into 4.1.x #640

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
bb9d2c7
[v4.0] Token must expire the exact time of "exp" claim
Slamdunk Jan 21, 2021
d4bfa6b
Merge pull request #636 from Slamdunk/fix_40_exp_claim_RFC7519
lcobucci Jan 27, 2021
137a65d
Use the correct class name for in-memory keys
lots0logs Jan 15, 2021
b80c487
Merge pull request #632 from lots0logs/patch-1
lcobucci Jan 28, 2021
0501fc8
Merge branch '4.1.x' into 4.0.x-merge-up-into-4.1.x_601202ae8e9bb7.62…
lcobucci Jan 28, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
6 changes: 5 additions & 1 deletion docs/configuration.md
View file
Open in desktop
Expand Up @@ -19,7 +19,7 @@ In order to use it, you must:

### Configuration initialisation

The `Lcobucci\JWT\Signer\Key` object is used for symmetric/asymmetric signature.
The `Lcobucci\JWT\Signer\Key\InMemory` object is used for symmetric/asymmetric signature.

To initialise it, you can pass the key content as a plain text:

Expand Down Expand Up @@ -90,6 +90,10 @@ $configuration = Configuration::forAsymmetricSigner(
);
```

!!! Important
The implementation of ECDSA algorithms have a constructor dependency.
Use the `create()` named constructor to avoid having to handle it (e.g.: `Lcobucci\JWT\Signer\Ecdsa\Sha256::create()`).

#### For no algorithm

!!! Warning
Expand Down
2 changes: 1 addition & 1 deletion src/Token/Plain.php
View file
Open in desktop
Expand Up @@ -80,7 +80,7 @@ public function isExpired(DateTimeInterface $now): bool
return false;
}

return $now > $this->claims->get(RegisteredClaims::EXPIRATION_TIME);
return $now >= $this->claims->get(RegisteredClaims::EXPIRATION_TIME);
}

public function toString(): string
Expand Down
4 changes: 2 additions & 2 deletions test/unit/Token/PlainTest.php
View file
Open in desktop
Expand Up @@ -521,7 +521,7 @@ public function isExpiredShouldReturnFalseWhenTokenIsNotExpired(): void
* @uses \Lcobucci\JWT\Token\DataSet
* @uses \Lcobucci\JWT\Token\Signature
*/
public function isExpiredShouldReturnFalseWhenExpirationIsEqualsToNow(): void
public function isExpiredShouldReturnTrueWhenExpirationIsEqualsToNow(): void
{
$now = new DateTimeImmutable();

Expand All @@ -530,7 +530,7 @@ public function isExpiredShouldReturnFalseWhenExpirationIsEqualsToNow(): void
new DataSet([RegisteredClaims::EXPIRATION_TIME => $now], '')
);

self::assertFalse($token->isExpired($now));
self::assertTrue($token->isExpired($now));
}

/**
Expand Down
2 changes: 1 addition & 1 deletion test/unit/Validation/Constraint/ValidAtTestCase.php
View file
Open in desktop
Expand Up @@ -155,7 +155,7 @@ final public function assertShouldNotRaiseExceptionWhenLeewayIsUsed(): void
RegisteredClaims::EXPIRATION_TIME => $now->modify('-5 seconds'),
];

$constraint = $this->buildValidAtConstraint($this->clock, new DateInterval('PT5S'));
$constraint = $this->buildValidAtConstraint($this->clock, new DateInterval('PT6S'));
$constraint->assert($this->buildToken($claims));

$this->addToAssertionCount(1);
Expand Down