
base repository: jwtk/jjwt
base: 0907ae9b25f259fdb2b620b0f02c6f3490532996
..
head repository: jwtk/jjwt
compare: ff97bc9346793dc172a5ec9b79bb0e502f414707
1 change: 0 additions & 1 deletion src/main/java/io/jsonwebtoken/Claims.java
@@ -16,7 +16,6 @@
package io.jsonwebtoken;

import java.time.Instant;
import java.util.Date;
import java.util.Map;

/**
1 change: 0 additions & 1 deletion src/main/java/io/jsonwebtoken/ClaimsMutator.java
@@ -16,7 +16,6 @@
package io.jsonwebtoken;

import java.time.Instant;
import java.util.Date;

/**
* Mutation (modifications) to a {@link io.jsonwebtoken.Claims Claims} instance.
2 changes: 1 addition & 1 deletion src/main/java/io/jsonwebtoken/Clock.java
@@ -5,7 +5,7 @@
/**
* A clock represents a time source that can be used when creating and verifying JWTs.
*
* @since 0.10.0
* @since 0.7.0
*/
public interface Clock {

1 change: 0 additions & 1 deletion src/main/java/io/jsonwebtoken/JwtBuilder.java
@@ -17,7 +17,6 @@

import java.security.Key;
import java.time.Instant;
import java.util.Date;
import java.util.Map;

/**
1 change: 0 additions & 1 deletion src/main/java/io/jsonwebtoken/JwtParser.java
@@ -19,7 +19,6 @@

import java.security.Key;
import java.time.Instant;
import java.util.Date;

/**
* A parser for reading JWT strings, used to convert them into a {@link Jwt} object representing the expanded JWT.
7 changes: 3 additions & 4 deletions src/main/java/io/jsonwebtoken/impl/DefaultClock.java
@@ -3,7 +3,6 @@
import io.jsonwebtoken.Clock;

import java.time.Instant;
import java.util.Date;

/**
* Default {@link Clock} implementation.
@@ -18,12 +17,12 @@ public class DefaultClock implements Clock {
public static final Clock INSTANCE = new DefaultClock();

/**
* Simply returns <code>new {@link Date}()</code>.
* Simply returns <code>new {@link Instant}()</code>.
*
* @return a new {@link Date} instance.
* @return a new {@link Instant} instance.
*/
@Override
public Instant now() {
return java.time.Clock.systemUTC().instant();
return Instant.now();
}
}
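Review bot: The Javadoc on `now()` describes the result as `new {@link Instant}()`, but `Instant` has no public constructor, so the sentence names an expression that cannot compile. Assuming the `Instant` wording is the new side (the rendered page has lost its +/- markers), I would write `Simply returns {@link Instant#now()}.` and `@return the current instant from the system UTC clock.` so the comment matches the `return Instant.now();` body. The two return statements shown both read the system UTC clock, so nothing else in this section needs to change.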
1 change: 0 additions & 1 deletion src/main/java/io/jsonwebtoken/impl/DefaultJwtBuilder.java
@@ -34,7 +34,6 @@
import java.io.IOException;
import java.security.Key;
import java.time.Instant;
import java.util.Date;
import java.util.Map;

public class DefaultJwtBuilder implements JwtBuilder {
1 change: 1 addition & 0 deletions src/main/java/io/jsonwebtoken/impl/DefaultJwtParser.java
@@ -390,6 +390,7 @@ public Jwt parse(String jwt) throws ExpiredJwtException, MalformedJwtException,
final long minTime = nowEpochMillis + this.allowedClockSkewMillis;
Instant min = allowSkew ? Instant.ofEpochMilli(minTime) : now;
if (min.isBefore(nbf)) {
// This returns an immutable formatter capable of formatting and parsing the ISO-8601 instant format.
String nbfVal = DateTimeFormatter.ISO_INSTANT.format(nbf);
String nowVal = DateTimeFormatter.ISO_INSTANT.format(now);

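Review bot: The comment placed above the `nbfVal` line says "This returns an immutable formatter", but `DateTimeFormatter.ISO_INSTANT` is a constant field rather than a call, and the sentence restates the JDK Javadoc instead of saying why the formatter is used here. A comment tied to this code would help more, for example `// Render nbf and now as ISO-8601 UTC instants for the exception message.` If the message built below the hunk does not mention the allowed skew, it is also worth noting there that the check compares `min` (now plus the skew) while the text reports `now`. `parse` starts and ends outside the hunk, so the message construction itself is not visible here.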
9 changes: 4 additions & 5 deletions src/main/java/io/jsonwebtoken/impl/FixedClock.java
@@ -3,7 +3,6 @@
import io.jsonwebtoken.Clock;

import java.time.Instant;
import java.util.Date;

/**
* A {@code Clock} implementation that is constructed with a seed timestamp and always reports that same
@@ -16,18 +15,18 @@ public class FixedClock implements Clock {
private final Instant now;

/**
* Creates a new fixed clock using <code>new {@link Date Date}()</code> as the seed timestamp. All calls to
* Creates a new fixed clock using <code>new {@link Instant instant}()</code> as the seed timestamp. All calls to
* {@link #now now()} will always return this seed Date.
*/
public FixedClock() {
this(java.time.Clock.systemUTC().instant());
this(Instant.now());
}

/**
* Creates a new fixed clock using the specified seed timestamp. All calls to
* {@link #now now()} will always return this seed Date.
* {@link #now now()} will always return this seed Instant.
*
* @param now the specified Date to always return from all calls to {@link #now now()}.
* @param now the specified Instant to always return from all calls to {@link #now now()}.
*/
public FixedClock(Instant now) {
this.now = now;
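Review bot: The no-argument constructor's Javadoc still ends with "will always return this seed Date" on the unchanged line after the rewritten one, and the rewritten line reads `new {@link Instant instant}()`, an expression that does not exist because `Instant` has no public constructor. I would change the pair to `Creates a new fixed clock using {@link Instant#now()} as the seed timestamp. All calls to` and `{@link #now now()} will always return this seed Instant.` so both constructors use the same wording. The body of `FixedClock(Instant)` continues outside the hunk; the visible line stores the seed without a null check, which is worth confirming against the callers.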
86 changes: 37 additions & 49 deletions src/test/groovy/io/jsonwebtoken/JwtParserTest.groovy
@@ -23,19 +23,20 @@ import org.junit.Test
import javax.crypto.spec.SecretKeySpec
import java.security.SecureRandom
import java.time.Instant
import java.time.temporal.ChronoUnit

import static org.junit.Assert.*
import static ClaimJwtException.INCORRECT_EXPECTED_CLAIM_MESSAGE_TEMPLATE
import static ClaimJwtException.MISSING_EXPECTED_CLAIM_MESSAGE_TEMPLATE

class JwtParserTest {

private static final SecureRandom random = new SecureRandom(); //doesn't need to be seeded - just testing
private static final SecureRandom RANDOM = new SecureRandom(); //doesn't need to be seeded - just testing

protected static byte[] randomKey() {
//create random signing key for testing:
byte[] key = new byte[64]
random.nextBytes(key)
RANDOM.nextBytes(key)
return key
}

@@ -166,8 +167,7 @@ class JwtParserTest {

@Test
void testParseWithExpiredJwt() {
long expSeconds = (System.currentTimeMillis() - 1000) / 1000
Instant exp = Instant.ofEpochSecond(expSeconds)
Instant exp = instantFromMillis(System.currentTimeMillis() - 1000)

String compact = Jwts.builder().setSubject('Joe').setExpiration(exp).compact()

@@ -184,9 +184,7 @@ class JwtParserTest {

@Test
void testParseWithPrematureJwt() {

long nbfSeconds = (System.currentTimeMillis() + 100000) / 1000
Instant nbf = Instant.ofEpochSecond(nbfSeconds)
Instant nbf = instantFromMillis(System.currentTimeMillis() + 100000)

String compact = Jwts.builder().setSubject('Joe').setNotBefore(nbf).compact()

@@ -203,7 +201,7 @@ class JwtParserTest {

@Test
void testParseWithExpiredJwtWithinAllowedClockSkew() {
Instant exp = Instant.ofEpochMilli(System.currentTimeMillis() - 3000)
Instant exp = instantFromMillis(System.currentTimeMillis() - 3000)

String subject = 'Joe'
String compact = Jwts.builder().setSubject(subject).setExpiration(exp).compact()
@@ -215,7 +213,7 @@ class JwtParserTest {

@Test
void testParseWithExpiredJwtNotWithinAllowedClockSkew() {
Instant exp = Instant.ofEpochMilli(System.currentTimeMillis() - 3000)
Instant exp = instantFromMillis(System.currentTimeMillis() - 3000)

String compact = Jwts.builder().setSubject('Joe').setExpiration(exp).compact()

@@ -229,7 +227,7 @@ class JwtParserTest {

@Test
void testParseWithPrematureJwtWithinAllowedClockSkew() {
Instant exp = Instant.ofEpochMilli(System.currentTimeMillis() + 3000)
Instant exp = instantFromMillis(System.currentTimeMillis() + 3000)

String subject = 'Joe'
String compact = Jwts.builder().setSubject(subject).setNotBefore(exp).compact()
@@ -241,7 +239,7 @@ class JwtParserTest {

@Test
void testParseWithPrematureJwtNotWithinAllowedClockSkew() {
Instant exp = Instant.ofEpochMilli(System.currentTimeMillis() + 3000)
Instant exp = instantFromMillis(System.currentTimeMillis() + 3000)

String compact = Jwts.builder().setSubject('Joe').setNotBefore(exp).compact()

@@ -372,9 +370,8 @@ class JwtParserTest {
@Test
void testParseClaimsJwtWithExpiredJwt() {

long nowMillis = System.currentTimeMillis()
//some time in the past:
Instant exp = Instant.ofEpochMilli(nowMillis - 1000)
Instant exp = instantFromMillis(System.currentTimeMillis() - 1000)

String compact = Jwts.builder().setSubject('Joe').setExpiration(exp).compact()

@@ -389,7 +386,7 @@ class JwtParserTest {
@Test
void testParseClaimsJwtWithPrematureJwt() {

Instant nbf = Instant.ofEpochMilli(System.currentTimeMillis() + 100000)
Instant nbf = instantFromMillis(System.currentTimeMillis() + 100000)

String compact = Jwts.builder().setSubject('Joe').setNotBefore(nbf).compact()

@@ -495,9 +492,8 @@ class JwtParserTest {

byte[] key = randomKey()

long nowMillis = System.currentTimeMillis()
//some time in the past:
Instant exp = Instant.ofEpochMilli(nowMillis - 1000)
Instant exp = instantFromMillis(System.currentTimeMillis() - 1000)

String compact = Jwts.builder().setSubject(sub).signWith(SignatureAlgorithm.HS256, key).setExpiration(exp).compact()

@@ -518,7 +514,7 @@ class JwtParserTest {

byte[] key = randomKey()

Instant nbf = Instant.ofEpochMilli(System.currentTimeMillis() + 100000)
Instant nbf = instantFromMillis(System.currentTimeMillis() + 100000)

String compact = Jwts.builder().setSubject(sub).setNotBefore(nbf).signWith(SignatureAlgorithm.HS256, key).compact()

@@ -964,7 +960,7 @@ class JwtParserTest {

@Test
void testParseRequireIssuedAt_Success() {
def issuedAt = Instant.ofEpochMilli(System.currentTimeMillis())
Instant issuedAt = instantFromMillis(System.currentTimeMillis())

byte[] key = randomKey()

@@ -984,11 +980,9 @@ class JwtParserTest {

@Test
void testParseRequireIssuedAt_Incorrect_Fail() {
long goodIssuedAtSeconds = System.currentTimeMillis() / 1000
def goodIssuedAt = Instant.ofEpochSecond(goodIssuedAtSeconds)
Instant goodIssuedAt = instantFromMillis(System.currentTimeMillis())

long badIssuedAtSeconds = (System.currentTimeMillis() - 10000) / 1000
def badIssuedAt = Instant.ofEpochSecond(badIssuedAtSeconds)
Instant badIssuedAt = instantFromMillis(System.currentTimeMillis() - 10000)

byte[] key = randomKey()

@@ -1011,9 +1005,7 @@ class JwtParserTest {

@Test
void testParseRequireIssuedAt_Missing_Fail() {
long pastTimeMillis = System.currentTimeMillis() - 10000
long pastTimeSeconds = pastTimeMillis / 1000
def issuedAt = Instant.ofEpochSecond(pastTimeSeconds)
Instant issuedAt = instantFromMillis(System.currentTimeMillis() - 10000)

byte[] key = randomKey()

@@ -1293,7 +1285,7 @@ class JwtParserTest {
@Test
void testParseRequireExpiration_Success() {
// expire in the future
def expiration = Instant.ofEpochMilli(System.currentTimeMillis() + 10000)
Instant expiration = instantFromMillis(System.currentTimeMillis() + 10000)

byte[] key = randomKey()

@@ -1313,11 +1305,9 @@ class JwtParserTest {

@Test
void testParseRequireExpirationAt_Incorrect_Fail() {
long goodExpirationSeconds = (System.currentTimeMillis() + 20000) / 1000
def goodExpiration = Instant.ofEpochSecond(goodExpirationSeconds)
Instant goodExpiration = instantFromMillis(System.currentTimeMillis() + 20000)

long badExpirationSeconds = (System.currentTimeMillis() + 10000) / 1000
def badExpiration = Instant.ofEpochSecond(badExpirationSeconds)
Instant badExpiration = instantFromMillis(System.currentTimeMillis() + 10000)

byte[] key = randomKey()

@@ -1340,8 +1330,7 @@ class JwtParserTest {

@Test
void testParseRequireExpiration_Missing_Fail() {
long expirationSeconds = (System.currentTimeMillis() + 10000) / 1000
def expiration = Instant.ofEpochSecond(expirationSeconds)
Instant expiration = instantFromMillis(System.currentTimeMillis() + 10000)

byte[] key = randomKey()

@@ -1365,7 +1354,7 @@ class JwtParserTest {
@Test
void testParseRequireNotBefore_Success() {
// expire in the future
def notBefore = Instant.ofEpochMilli(System.currentTimeMillis() - 10000)
Instant notBefore = instantFromMillis(System.currentTimeMillis() - 10000)

byte[] key = randomKey()

@@ -1385,11 +1374,9 @@ class JwtParserTest {

@Test
void testParseRequireNotBefore_Incorrect_Fail() {
long goodNotBeforeSeconds = (System.currentTimeMillis() - 20000) / 1000
def goodNotBefore = Instant.ofEpochSecond(goodNotBeforeSeconds)
Instant goodNotBefore = instantFromMillis(System.currentTimeMillis() - 20000)

long badNotBeforeSeconds = (System.currentTimeMillis() - 10000) / 1000
def badNotBefore = Instant.ofEpochSecond(badNotBeforeSeconds)
Instant badNotBefore = instantFromMillis(System.currentTimeMillis() - 10000)

byte[] key = randomKey()

@@ -1412,8 +1399,7 @@ class JwtParserTest {

@Test
void testParseRequireNotBefore_Missing_Fail() {
long notBeforetSeconds = (System.currentTimeMillis() - 10000) / 1000
def notBefore = Instant.ofEpochSecond(notBeforetSeconds)
Instant notBefore = instantFromMillis(System.currentTimeMillis() - 10000)

byte[] key = randomKey()

@@ -1436,8 +1422,7 @@ class JwtParserTest {

@Test
void testParseRequireCustomDate_Success() {
long nowSeconds = System.currentTimeMillis() / 1000
def anInstant = Instant.ofEpochSecond(nowSeconds)
Instant anInstant = instantFromMillis(System.currentTimeMillis())

byte[] key = randomKey()

@@ -1454,11 +1439,9 @@ class JwtParserTest {

@Test
void testParseRequireCustomDate_Incorrect_Fail() {
long goodTimeSeconds = System.currentTimeMillis() / 1000
Instant goodInstant = Instant.ofEpochSecond(goodTimeSeconds)
Instant goodInstant = instantFromMillis(System.currentTimeMillis())

long badTimeseconds = (System.currentTimeMillis() - 10000) / 1000
Instant badInstant = Instant.ofEpochSecond(badTimeseconds)
Instant badInstant = instantFromMillis(System.currentTimeMillis() - 10000)

byte[] key = randomKey()

@@ -1482,7 +1465,7 @@ class JwtParserTest {

@Test
void testParseRequireCustomDate_Missing_Fail() {
def anInstant = Instant.ofEpochMilli(System.currentTimeMillis())
Instant anInstant = instantFromMillis(System.currentTimeMillis())

byte[] key = randomKey()

@@ -1506,8 +1489,8 @@ class JwtParserTest {
@Test
void testParseClockManipulationWithFixedClock() {
def then = System.currentTimeMillis() - 1000
Instant expiry = Instant.ofEpochMilli(then)
Instant beforeExpiry = Instant.ofEpochMilli(then - 1000)
Instant expiry = instantFromMillis(then)
Instant beforeExpiry = instantFromMillis(then - 1000)

String compact = Jwts.builder().setSubject('Joe').setExpiration(expiry).compact()

@@ -1526,7 +1509,7 @@ class JwtParserTest {

@Test
void testParseClockManipulationWithDefaultClock() {
Instant expiry = Instant.ofEpochMilli(System.currentTimeMillis() - 1000)
Instant expiry = instantFromMillis(System.currentTimeMillis() - 1000)

String compact = Jwts.builder().setSubject('Joe').setExpiration(expiry).compact()

@@ -1609,4 +1592,9 @@ class JwtParserTest {
assertEquals 'JWT string has a digest/signature, but the header does not reference a valid signature algorithm.', se.message
}
}

// The JWT RFC *mandates* time claim values are represented as seconds.
private Instant instantFromMillis(final long millis) {
return Instant.ofEpochMilli(millis).truncatedTo(ChronoUnit.SECONDS)
}
}
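Review bot: The comment above `instantFromMillis` says the JWT RFC mandates seconds, which explains the unit but not the truncation: RFC 7519 defines NumericDate in seconds and still permits non-integer values. The tests presumably need whole seconds because the builder serializes the claim without its fractional part, so an un-truncated `Instant` would not compare equal after a round trip; I would say that, e.g. `// NumericDate (RFC 7519) is in seconds; truncate so the value survives serialization unchanged.` The helper reads no instance state, so `private static Instant instantFromMillis(final long millis)` would match the static `randomKey()` at the top of the class. Most callers still seed it from `System.currentTimeMillis()`; the expiry and not-before tests would depend less on wall-clock timing if they passed a fixed seed through a `FixedClock`.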