validate iat and nbf claims

jwt · Jan 26, 2019 · ebc5bc6 · ebc5bc6
1 parent a05a1f6
commit ebc5bc6
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 9 deletions.
diff --git a/lib/jwt/claims_validator.rb b/lib/jwt/claims_validator.rb
@@ -4,7 +4,9 @@ module JWT
   class ClaimsValidator
     INTEGER_CLAIMS = %i[
       exp
-    ]
+      iat
+      nbf
+    ].freeze
 
     def initialize(payload)
       @payload = payload.each_with_object({}) { |(k, v), h| h[k.to_sym] = v }

diff --git a/spec/jwt/claims_validator_spec.rb b/spec/jwt/claims_validator_spec.rb
@@ -10,24 +10,36 @@
       expect(subject.validate!).to eq(true)
     end
 
-    context "exp validation" do
-      it 'raises an error when the value of the exp claim is a string' do
-        subject = described_class.new({ exp: '1' })
+    shared_examples_for 'an integer claim' do |claim|
+      it "raises an error when the value of the #{claim} claim is a string" do
+        subject = described_class.new({ claim => '1' })
         expect { subject.validate! }.to raise_error JWT::InvalidPayload
       end
 
-      it 'raises an error when the value of the exp claim is a Time object' do
-        subject = described_class.new({ exp: Time.now })
+      it "raises an error when the value of the #{claim} claim is a Time object" do
+        subject = described_class.new({ claim => Time.now })
         expect { subject.validate! }.to raise_error JWT::InvalidPayload
       end
 
-      it 'validates the exp when the exp key is either a string or a symbol' do
-        symbol = described_class.new({ exp: true })
+      it "validates the #{claim} claim when the key is either a string or a symbol" do
+        symbol = described_class.new({ claim.to_sym => true })
         expect { symbol.validate! }.to raise_error JWT::InvalidPayload
 
-        string = described_class.new({ 'exp' => true })
+        string = described_class.new({ claim.to_s => true })
         expect { string.validate! }.to raise_error JWT::InvalidPayload
       end
     end
+
+    context 'exp claim' do
+      it_should_behave_like 'an integer claim', :exp
+    end
+
+    context 'iat claim' do
+      it_should_behave_like 'an integer claim', :iat
+    end
+
+    context 'nbf claim' do
+      it_should_behave_like 'an integer claim', :nbf
+    end
   end
 end