Merge pull request #8 from nmemoto/fix-iat-verification

Code-Hex · web-flow · commit 1883637a32e7 · 2023-03-19T10:10:42.000+09:00
Fixed the condition to judge as valid iat
diff --git a/src/jwt-decoder.ts b/src/jwt-decoder.ts
@@ -96,7 +96,7 @@ const decodePayload = (payloadPart: string, currentTimestamp: number): DecodedPa
     throw new JwtError(JwtErrorCode.INVALID_ARGUMENT, `"iat" claim must be a number but got "${payload.iat}"`);
   }
 
-  if (currentTimestamp <= payload.iat) {
+  if (currentTimestamp < payload.iat) {
     throw new JwtError(
       JwtErrorCode.INVALID_ARGUMENT,
       `Incorrect "iat" claim must be a older than "${currentTimestamp}" (iat: "${payload.iat}")`
diff --git a/tests/jwt-decoder.test.ts b/tests/jwt-decoder.test.ts
@@ -87,17 +87,6 @@ describe('TokenDecoder', () => {
           `Incorrect "iat" claim must be a older than "${currentTimestamp}" (iat: "${currentTimestamp + 10000}")`
         ),
       ],
-      [
-        'iat is now',
-        {
-          ...payload,
-          iat: currentTimestamp,
-        },
-        new JwtError(
-          JwtErrorCode.INVALID_ARGUMENT,
-          `Incorrect "iat" claim must be a older than "${currentTimestamp}" (iat: "${currentTimestamp}")`
-        ),
-      ],
       [
         'exp is in past',
         {

Original file line number	Diff line number	Diff line change
`@@ -96,7 +96,7 @@ const decodePayload = (payloadPart: string, currentTimestamp: number): DecodedPa`
`96`	`96`	throw new JwtError(JwtErrorCode.INVALID_ARGUMENT, `"iat" claim must be a number but got "${payload.iat}"`);
`97`	`97`	`}`
`98`	`98`
`99`		`- if (currentTimestamp <= payload.iat) {`
	`99`	`+ if (currentTimestamp < payload.iat) {`
`100`	`100`	`throw new JwtError(`
`101`	`101`	`JwtErrorCode.INVALID_ARGUMENT,`
`102`	`102`	`Incorrect "iat" claim must be a older than "${currentTimestamp}" (iat: "${payload.iat}")`