Merge pull request #8 from nmemoto/fix-iat-verification

Fixed the condition to judge as valid iat
Code-Hex · Mar 19, 2023 · 1883637 · 1883637
2 parents a2d752f + 00c806e
commit 1883637
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 12 deletions.
diff --git a/src/jwt-decoder.ts b/src/jwt-decoder.ts
@@ -96,7 +96,7 @@ const decodePayload = (payloadPart: string, currentTimestamp: number): DecodedPa
     throw new JwtError(JwtErrorCode.INVALID_ARGUMENT, `"iat" claim must be a number but got "${payload.iat}"`);
   }
 
-  if (currentTimestamp <= payload.iat) {
+  if (currentTimestamp < payload.iat) {
     throw new JwtError(
       JwtErrorCode.INVALID_ARGUMENT,
       `Incorrect "iat" claim must be a older than "${currentTimestamp}" (iat: "${payload.iat}")`

diff --git a/tests/jwt-decoder.test.ts b/tests/jwt-decoder.test.ts
@@ -87,17 +87,6 @@ describe('TokenDecoder', () => {
           `Incorrect "iat" claim must be a older than "${currentTimestamp}" (iat: "${currentTimestamp + 10000}")`
         ),
       ],
-      [
-        'iat is now',
-        {
-          ...payload,
-          iat: currentTimestamp,
-        },
-        new JwtError(
-          JwtErrorCode.INVALID_ARGUMENT,
-          `Incorrect "iat" claim must be a older than "${currentTimestamp}" (iat: "${currentTimestamp}")`
-        ),
-      ],
       [
         'exp is in past',
         {