Skip to content

Commit

Permalink
Non-numeric 'iat' now raises InvalidIssuedAtError on decode()
Browse files Browse the repository at this point in the history
  • Loading branch information
mark-adams committed Apr 17, 2017
1 parent ab99f9e commit 3e6d9ec
Show file tree
Hide file tree
Showing 4 changed files with 6 additions and 2 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@ This project adheres to [Semantic Versioning](http://semver.org/).
- Renamed commandline script `jwt` to `jwt-cli` to avoid issues with the script clobbering the `jwt` module in some circumstances.
- Better error messages when using an algorithm that requires the cryptography package, but it isn't available [#230][230]
- Tokens with future 'iat' values are no longer rejected [#190][190]
- Non-numeric 'iat' values now raise InvalidIssuedAtError instead of DecodeError


### Fixed

Expand Down
2 changes: 2 additions & 0 deletions docs/usage.rst
Original file line number Diff line number Diff line change
Expand Up @@ -180,6 +180,8 @@ Issued At Claim (iat)
This claim can be used to determine the age of the JWT. Its value MUST be a
number containing a NumericDate value. Use of this claim is OPTIONAL.

If the `iat` claim is not a number, an `jwt.InvalidIssuedAtError` exception will be raised.

.. code-block:: python
jwt.encode({'iat': 1371720939}, 'secret')
Expand Down
2 changes: 1 addition & 1 deletion jwt/api_jwt.py
Original file line number Diff line number Diff line change
Expand Up @@ -123,7 +123,7 @@ def _validate_iat(self, payload, now, leeway):
try:
int(payload['iat'])
except ValueError:
raise DecodeError('Issued At claim (iat) must be an integer.')
raise InvalidIssuedAtError('Issued At claim (iat) must be an integer.')

def _validate_nbf(self, payload, now, leeway):
try:
Expand Down
2 changes: 1 addition & 1 deletion tests/test_api_jwt.py
Original file line number Diff line number Diff line change
Expand Up @@ -142,7 +142,7 @@ def test_decode_raises_exception_if_iat_is_not_int(self, jwt):
'eyJpYXQiOiJub3QtYW4taW50In0.'
'H1GmcQgSySa5LOKYbzGm--b1OmRbHFkyk8pq811FzZM')

with pytest.raises(DecodeError):
with pytest.raises(InvalidIssuedAtError):
jwt.decode(example_jwt, 'secret')

def test_decode_raises_exception_if_nbf_is_not_int(self, jwt):
Expand Down

0 comments on commit 3e6d9ec

Please sign in to comment.