- Added payload expiration time validation

2024-12-09 21:58:42 +00:00 · 2024-12-09 21:58:42 +00:00 · 23079e6040
parent d3bb2c248a
commit 23079e6040
2 changed files with 12 additions and 0 deletions
--- a/src/Authorize/Bearer/JsonWebTokenDecoder.php
+++ b/src/Authorize/Bearer/JsonWebTokenDecoder.php
@ -29,6 +29,9 @@ class JsonWebTokenDecoder
                            JsonWebTokenValidate::validateHeaderType($jsonArray);
                            JsonWebTokenValidate::validateHeaderAlgorithm($jsonArray);
                        }
+                        elseif ($key === 'payload') {
+                            JsonWebTokenValidate::validatePayloadExpiration($jsonArray);
+                        }

                        $this->$key = $jsonArray;
                    }
--- a/src/Authorize/Bearer/JsonWebTokenValidate.php
+++ b/src/Authorize/Bearer/JsonWebTokenValidate.php
@ -26,6 +26,15 @@ abstract class JsonWebTokenValidate
        }
    }

+    public static function validatePayloadExpiration(array $payload) : void
+    {
+        if ( array_key_exists('exp', $payload) && ( $payload['exp'] < time() ) ) {
+            throw new JsonWebTokenDecodingError(
+                sprintf("Given token is expired (%s)", ( new \DateTime())->setTimestamp($payload['exp'])->format(\DateTime::ISO8601) )
+            );
+        }
+    }
+
    public static function validateSignature(string $alg, string $secret, string $encodedHeader, string $encodedPayload, string $encodedSignature) : void
    {
        $algorithm = JsonWebTokenAlgorithmEnum::fromString($alg);