diff options
Diffstat (limited to 'Authentication/JWT.php')
| -rw-r--r-- | Authentication/JWT.php | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/Authentication/JWT.php b/Authentication/JWT.php index 5f319e3..e65dc50 100644 --- a/Authentication/JWT.php +++ b/Authentication/JWT.php @@ -17,9 +17,11 @@ class JWT { /** - * When cheking nbf, iat or expiration times, we want to provide some extra leeway time to account for clock skew. + * When checking nbf, iat or expiration times, + * we want to provide some extra leeway time to + * account for clock skew. */ - const LEEWAYTIME = 60; + public static $leeway = 0; public static $supported_algs = array( 'HS256' => array('hash_hmac', 'SHA256'), @@ -86,7 +88,7 @@ class JWT // Check if the nbf if it is defined. This is the time that the // token can actually be used. If it's not yet that time, abort. - if (isset($payload->nbf) && $payload->nbf > (time() + self::LEEWAYTIME)) { + if (isset($payload->nbf) && $payload->nbf > (time() + self::$leeway)) { throw new BeforeValidException( 'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->nbf) ); @@ -95,14 +97,14 @@ class JWT // Check that this token has been created before 'now'. This prevents // using tokens that have been created for later use (and haven't // correctly used the nbf claim). - if (isset($payload->iat) && $payload->iat > (time() + self::LEEWAYTIME)) { + if (isset($payload->iat) && $payload->iat > (time() + self::$leeway)) { throw new BeforeValidException( 'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->iat) ); } // Check if this token has expired. - if (isset($payload->exp) && (time() - self::LEEWAYTIME) >= $payload->exp) { + if (isset($payload->exp) && (time() - self::$leeway) >= $payload->exp) { throw new ExpiredException('Expired token'); } } |