fix: validate iat and nbf on payload #568
Conversation
|
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request. |
christiandavilakoobin
force-pushed
the
main
branch
from
1890da5 to
f4b20e0
Compare
|
overlaps with #453 |
|
I like your implementation better than https://github.com/firebase/php-jwt/pull/453/files because it's simpler - but do you think you could add some tests like in the other PR? If so, please also include the exception message in |
|
Hi @bshaffer! You mean this? |
|
@christiandavilakoobin you need to sign the CLA before I can merge this! |
|
@bshaffer it says I signed tje CLA on Jun 19, 2024 08:00 PDT |
|
@bshaffer I just saw I push with another mail. I've signed the CLA with that email too. |
|
@christiandavilakoobin thank you! it worked |
If a JWT has a nonumeric iat or nbf value, it throws a FATAL error when validating the field.