Change expiration for JWT authentification of engine port to 60 seconds

CHANGELOG.md

@@ -3,6 +3,7 @@
 ## 22.7.0
 
 ### Additions and Improvements
+- Engine API: Change expiration time for JWT tokens to 60s [#4168](https://github.com/hyperledger/besu/pull/4168)
 
 ### Bug Fixes
 

ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/authentication/EngineAuthService.java

@@ -44,6 +44,8 @@
 public class EngineAuthService implements AuthenticationService {
 
   private static final Logger LOG = LoggerFactory.getLogger(EngineAuthService.class);
+  private static final int JWT_EXPIRATION_TIME = 60;
+
   private final JWTAuth jwtAuthProvider;
 
   public EngineAuthService(final Vertx vertx, final Optional<File> signingKey, final Path datadir) {
@@ -167,6 +169,6 @@ public boolean isPermitted(
   private boolean issuedRecently(final long iat) {
     long iatSecondsSinceEpoch = iat;
     long nowSecondsSinceEpoch = System.currentTimeMillis() / 1000;
-    return (Math.abs((nowSecondsSinceEpoch - iatSecondsSinceEpoch)) <= 5);
+    return (Math.abs((nowSecondsSinceEpoch - iatSecondsSinceEpoch)) <= JWT_EXPIRATION_TIME);
   }
 }

ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/authentication/EngineAuthServiceTest.java

@@ -110,15 +110,10 @@ public void denyExpired() throws IOException, URISyntaxException {
     assertThat(auth).isNotNull();
     JWTAuth jwtAuth = auth.getJwtAuthProvider();
     String token =
-        jwtAuth.generateToken(new JsonObject().put("iat", (System.currentTimeMillis() / 1000) - 6));
+        jwtAuth.generateToken(
+            new JsonObject().put("iat", (System.currentTimeMillis() / 1000) - 61));
 
-    Handler<Optional<User>> authHandler =
-        new Handler<Optional<User>>() {
-          @Override
-          public void handle(final Optional<User> event) {
-            assertThat(event).isEmpty();
-          }
-        };
+    Handler<Optional<User>> authHandler = event -> assertThat(event).isEmpty();
     auth.authenticate(token, authHandler);
   }
 }