This commit is contained in:
Looly 2022-05-16 18:46:25 +08:00
parent 1faf7ff519
commit a913c6e5ed
2 changed files with 12 additions and 9 deletions

View File

@ -242,11 +242,13 @@ public class JWTValidator {
* @throws ValidateException 验证异常
*/
@SuppressWarnings("SameParameterValue")
private static void validateNotBefore(final String fieldName, final Date dateToCheck, final Date now, final long leeway) throws ValidateException {
private static void validateNotBefore(final String fieldName, final Date dateToCheck, Date now, final long leeway) throws ValidateException {
if (null == dateToCheck) {
return;
}
now.setTime(now.getTime() - leeway * 1000);
if(leeway > 0){
now = DateUtil.date(now.getTime() - leeway * 1000);
}
if (dateToCheck.before(now)) {
throw new ValidateException("'{}':[{}] is before now:[{}]",
fieldName, DateUtil.date(dateToCheck), DateUtil.date(now));

View File

@ -84,16 +84,17 @@ public class JWTValidatorTest {
@Test
public void issue2329Test(){
final long NOW = System.currentTimeMillis();
final Date NOW_TIME = new Date(NOW);
final long EXPIRED = 3 * 1000L;
final Date EXPIRED_TIME = new Date(NOW + EXPIRED);
final long now = System.currentTimeMillis();
final Date nowTime = new Date(now);
final long expired = 3 * 1000L;
final Date expiredTime = new Date(now + expired);
// 使用这种方式生成token
final String token = JWT.create().setPayload("sub", "blue-light").setIssuedAt(NOW_TIME).setNotBefore(EXPIRED_TIME)
.setExpiresAt(EXPIRED_TIME).setKey("123456".getBytes()).sign();
final String token = JWT.create().setPayload("sub", "blue-light").setIssuedAt(nowTime).setNotBefore(expiredTime)
.setExpiresAt(expiredTime).setKey("123456".getBytes()).sign();
// 使用这种方式验证token
JWTValidator.of(JWT.of(token)).validateDate(DateUtil.date(NOW + 4000), 10);
JWTValidator.of(JWT.of(token)).validateDate(DateUtil.date(now - 4000), 10);
JWTValidator.of(JWT.of(token)).validateDate(DateUtil.date(now + 4000), 10);
}
}