diff --git a/hutool-json/src/main/java/cn/hutool/json/jwt/JWTValidator.java b/hutool-json/src/main/java/cn/hutool/json/jwt/JWTValidator.java index 38c11c5ae..79e3a361a 100755 --- a/hutool-json/src/main/java/cn/hutool/json/jwt/JWTValidator.java +++ b/hutool-json/src/main/java/cn/hutool/json/jwt/JWTValidator.java @@ -242,11 +242,13 @@ public class JWTValidator { * @throws ValidateException 验证异常 */ @SuppressWarnings("SameParameterValue") - private static void validateNotBefore(final String fieldName, final Date dateToCheck, final Date now, final long leeway) throws ValidateException { + private static void validateNotBefore(final String fieldName, final Date dateToCheck, Date now, final long leeway) throws ValidateException { if (null == dateToCheck) { return; } - now.setTime(now.getTime() - leeway * 1000); + if(leeway > 0){ + now = DateUtil.date(now.getTime() - leeway * 1000); + } if (dateToCheck.before(now)) { throw new ValidateException("'{}':[{}] is before now:[{}]", fieldName, DateUtil.date(dateToCheck), DateUtil.date(now)); diff --git a/hutool-json/src/test/java/cn/hutool/json/jwt/JWTValidatorTest.java b/hutool-json/src/test/java/cn/hutool/json/jwt/JWTValidatorTest.java index 26204faaf..1dc59d3a5 100755 --- a/hutool-json/src/test/java/cn/hutool/json/jwt/JWTValidatorTest.java +++ b/hutool-json/src/test/java/cn/hutool/json/jwt/JWTValidatorTest.java @@ -84,16 +84,17 @@ public class JWTValidatorTest { @Test public void issue2329Test(){ - final long NOW = System.currentTimeMillis(); - final Date NOW_TIME = new Date(NOW); - final long EXPIRED = 3 * 1000L; - final Date EXPIRED_TIME = new Date(NOW + EXPIRED); + final long now = System.currentTimeMillis(); + final Date nowTime = new Date(now); + final long expired = 3 * 1000L; + final Date expiredTime = new Date(now + expired); // 使用这种方式生成token - final String token = JWT.create().setPayload("sub", "blue-light").setIssuedAt(NOW_TIME).setNotBefore(EXPIRED_TIME) - .setExpiresAt(EXPIRED_TIME).setKey("123456".getBytes()).sign(); + final String token = JWT.create().setPayload("sub", "blue-light").setIssuedAt(nowTime).setNotBefore(expiredTime) + .setExpiresAt(expiredTime).setKey("123456".getBytes()).sign(); // 使用这种方式验证token - JWTValidator.of(JWT.of(token)).validateDate(DateUtil.date(NOW + 4000), 10); + JWTValidator.of(JWT.of(token)).validateDate(DateUtil.date(now - 4000), 10); + JWTValidator.of(JWT.of(token)).validateDate(DateUtil.date(now + 4000), 10); } }