Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Usage of requireExpiration(Date expiration) #213

Closed
apollux opened this issue Mar 7, 2017 · 3 comments
Closed

Usage of requireExpiration(Date expiration) #213

apollux opened this issue Mar 7, 2017 · 3 comments

Comments

@apollux
Copy link

apollux commented Mar 7, 2017

I want to validate a received token and make sure that it has a Expiration Time set. It looks like the only way to do such a thing is with the requireExpiration(Date expiration) method. However this requires the Expiration Time to equal the expiration passed as a parameter. On the receiving side I have no clue what the expiration time is going to be. I just want to make sure an expiration time is present in the token.

I have the following questions:
How can I require the presence of an exp claim?
What is the use case for the requireExpiration(Date expiration) since typically anyone who wants to validate the exp claim can not know the exact value of the expiration date.
@brotherYoung
Copy link

How did you solve it? thanks

I want to validate a received token and make sure that it has a Expiration Time set. It looks like the only way to do such a thing is with the requireExpiration(Date expiration) method. However this requires the Expiration Time to equal the expiration passed as a parameter. On the receiving side I have no clue what the expiration time is going to be. I just want to make sure an expiration time is present in the token.

I have the following questions:
How can I require the presence of an exp claim?
What is the use case for the requireExpiration(Date expiration) since typically anyone who wants to validate the exp claim can not know the exact value of the expiration date.

I've already put it into practice:

  1. please set IssuedAt & Exp at the time of creation
    Jwts.builder().setSubject("Joe").setIssuedAt(new Date()).setExpiration(DateUtil.expirationDate(20000)).signWith(key).compact()

  2. if token expire, Claims throws exception automatic

@stale
Copy link

stale bot commented Jul 13, 2019

This issue has been automatically marked as stale due to inactivity for 60 or more days. It will be closed in 7 days if no further activity occurs.

@stale stale bot added the stale Stale issues pending deletion due to inactivity label Jul 13, 2019
@lhazlewood
Copy link
Contributor

lhazlewood commented Jul 15, 2019
edited
Loading

I'm closing this in favor of #474 - that issue will allow all sorts of custom validation other than value != null && expectedValue.equals(value) (which is what it is at the time of this writing)

@lhazlewood lhazlewood removed the stale Stale issues pending deletion due to inactivity label Jul 15, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@lhazlewood @apollux @brotherYoung