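--- a/src/Utils/DPop.php
+++ b/src/Utils/DPop.php
@@ -4,6 +4,7 @@
 
 useLcobucci\JWT\Parser;
 useLcobucci\JWT\Signer\Key;
+useLcobucci\JWT\ValidationData;
 useCoderCat\JWKToPEM\JWKConverter;
 
 class DPop {
@@ -151,9 +152,11 @@ private function validateDpop($dpop, $request) {
 
 //error_log("8");
 // 8. the token was issued within an acceptable timeframe (see Section 9.1), and
-// $iat = $dpop->getClaim("iat"); // FIXME: Is it correct that this was already verified by the parser?
-// $exp = $dpop->getClaim("exp"); // FIXME: Is it correct that this was already verified by the parser?
-
+$validationData = newValidationData(); // It will use the current time to validate (iat, nbf and exp)
+if (!$dpop->validate($validationData)) {
+thrownew \Exception("token timing is invalid");
+}
+
 // 9. that, within a reasonable consideration of accuracy and resource utilization, a JWT with the same "jti" value has not been received previously (see Section 9.1).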
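Review bot: The added `$dpop->validate($validationData)` check under step 8 does not by itself bound how old a DPoP proof may be. As far as I know, in lcobucci/jwt 3.x `validate()` only checks the time claims that are present, and `iat` only has to be no later than the current time, so a proof with no `exp` and a long-past `iat` would still pass. Step 8's "acceptable timeframe" needs an explicit presence and age check, e.g. `if (!$dpop->hasClaim("iat") || abs(time() - $dpop->getClaim("iat")) > $maxAgeSeconds) { throw new \Exception("token timing is invalid"); }`, where `$maxAgeSeconds` is a policy value this page does not define. Without it, limiting proof reuse rests entirely on the `jti` check in step 9. `validateDpop` starts and ends outside this hunk, so confirm no other check already enforces this.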