coolaj86
/
oauth3.js
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

made the jwt `freshness` function work with non-expiring tokens

This commit is contained in:
tigerbot 2017-10-19 15:27:35 -06:00
parent 26e9a1c08b
commit d7d07b841a
1 changed files with 17 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
oauth3.core.js
View File

@ -224,20 +224,27 @@
return OAUTH3.crypto.core.verify(jwk, data, signature); return OAUTH3.crypto.core.verify(jwk, data, signature);
} }
, freshness: function (tokenMeta, staletime, _now) { , freshness: function (tokenMeta, staletime, now) {
staletime = staletime || (15 * 60); // If the token doesn't expire then it's always fresh.
var now = _now || Date.now(); if (!tokenMeta.exp) {
var fresh = ((parseInt(tokenMeta.exp, 10) || 0) - Math.round(now / 1000));
if (fresh >= staletime) {
return 'fresh'; return 'fresh';
} }
if (fresh <= 0) { staletime = staletime || (15 * 60);
return 'expired'; now = now || Date.now();
// This particular number used to check if time is in milliseconds or seconds will work
// for any date between the years 1973 and 5138.
if (now > 1e11) {
now = Math.round(now / 1000);
}
var exp = parseInt(tokenMeta.exp, 10) || 0;
if (exp < now) {
return 'expired';
} else if (exp < now + staletime) {
return 'stale';
} else {
return 'fresh';
} }
return 'stale';
} }
} }
, urls: { , urls: {