tsndr/cloudflare-worker-jwt
1
0
Fork 0
Code Activity

add clock tolerance

Browse Source
This commit is contained in:
Toby
2024-02-22 22:49:24 +01:00
parent 3f62636645
commit e503b163e9
2 changed files with 38 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
tests/index.spec.ts
View File

@@ -119,4 +119,30 @@ describe.each(Object.entries(data) as [JwtAlgorithm, Dataset][])('%s', (algorith
const verified = await jwt.verify(token, data.public, algorithm)
expect(verified).toBeTruthy()
})
})
describe('Verify', async () => {
const secret = 'super-secret'
const now = Math.floor(Date.now() / 1000)
const off = 30 // 30 seconds
const nbf = now + off // Not valid before 30 seconds from now
const exp = now - off // Expired 30 seconds ago
const notYetValidToken = await jwt.sign({ sub: 'me', nbf }, secret)
const expiredToken = await jwt.sign({ sub: 'me', exp }, secret)
test('Not yet valid', () => {
expect(jwt.verify(notYetValidToken, secret, { throwError: true })).rejects.toThrowError('NOT_YET_VALID')
})
test('Expired', () => {
console.log({ exp, now: Math.floor(Date.now() / 1000) })
expect(jwt.verify(expiredToken, secret, { throwError: true })).rejects.toThrowError('EXPIRED')
})
test('Clock offset', () => {
expect(jwt.verify(notYetValidToken, secret, { clockTolerance: off, throwError: true })).resolves.toBe(true)
expect(jwt.verify(expiredToken, secret, { clockTolerance: off, throwError: true })).resolves.toBe(true)
})
})