Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: support custom TimeProvider when validating tokens (introspect, userinfo) #730

Merged
merged 2 commits into from
Aug 21, 2024
Merged

feat: support custom TimeProvider when validating tokens (introspect, userinfo) #730

merged 2 commits into from
Aug 21, 2024

Conversation

tommytroen
Copy link
Collaborator

Currently we only verify tokens issued from the server in the UserInfo and Introspection endpoints (other endpoints simply use the token as is without verification). This should fix #700 by using new verify function from the OAuth2TokenProvider class.

  • add verify function to OAuth2TokenProvider and use the TimeProvider if set - i.e. via overriding Nimbus DefaultJWTClaimsVerifier's currentTime function
  • refactor tests for simplicity

@tommytroen tommytroen requested a review from a team as a code owner August 20, 2024 07:55
@tommytroen tommytroen force-pushed the feat_verify_with_timeprovider branch from 540b611 to 36ca7a8 Compare August 20, 2024 08:41
@tommytroen
feat: support custom TimeProvider when validating tokens
7a0a8e1 
* add verify function to OAuth2TokenProvider and use the TimeProvider if set - i.e. via overriding Nimbus DefaultJWTClaimsVerifier's currentTime function
* refactor tests for simplicity
@tommytroen tommytroen force-pushed the feat_verify_with_timeprovider branch from 36ca7a8 to 7a0a8e1 Compare August 20, 2024 08:45
@tommytroen
fix: use jwkSelector when returning keys in KeyProvider
2e85e4e 
* necessary to use jwkSelector to only get keys for supported algorithm
* use Instant.now for currentTime when TimeProvider not set
* formatting
@tommytroen tommytroen mentioned this pull request Aug 20, 2024
Closed
@tommytroen tommytroen merged commit 5fe5d8e into master Aug 21, 2024
3 checks passed
@tommytroen tommytroen deleted the feat_verify_with_timeprovider branch August 21, 2024 06:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ybelMekk ybelMekk Awaiting requested review from ybelMekk

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Validation of tokens doesn't consider OAuth2Config.tokenProvider.systemTime
1 participant
@tommytroen