zhouxy108/hutool
1
0
Fork 0
mirror of https://gitee.com/chinabugotech/hutool.git synced 2025-07-21 15:09:48 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix bug

Browse Source
This commit is contained in:
Looly
2022-05-16 18:39:42 +08:00
parent ef64cc9a41
commit 1faf7ff519
2 changed files with 21 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
hutool-json/src/main/java/cn/hutool/json/jwt/JWTValidator.java
View File

@@ -218,11 +218,13 @@ public class JWTValidator {
* @param leeway 容忍空间,单位:秒。向后容忍 * @param leeway 容忍空间,单位:秒。向后容忍
* @throws ValidateException 验证异常 * @throws ValidateException 验证异常
*/ */
private static void validateNotAfter(final String fieldName, final Date dateToCheck, final Date now, final long leeway) throws ValidateException { private static void validateNotAfter(final String fieldName, final Date dateToCheck, Date now, final long leeway) throws ValidateException {
if (null == dateToCheck) { if (null == dateToCheck) {
return; return;
} }
now.setTime(now.getTime() + leeway * 1000); if(leeway > 0){
now = DateUtil.date(now.getTime() + leeway * 1000);
}
if (dateToCheck.after(now)) { if (dateToCheck.after(now)) {
throw new ValidateException("'{}':[{}] is after now:[{}]", throw new ValidateException("'{}':[{}] is after now:[{}]",
fieldName, DateUtil.date(dateToCheck), DateUtil.date(now)); fieldName, DateUtil.date(dateToCheck), DateUtil.date(now));

17
hutool-json/src/test/java/cn/hutool/json/jwt/JWTValidatorTest.java
View File

@@ -6,6 +6,8 @@ import cn.hutool.json.jwt.signers.JWTSignerUtil;
import org.junit.Assert; import org.junit.Assert;
import org.junit.Test; import org.junit.Test;
import java.util.Date;
public class JWTValidatorTest { public class JWTValidatorTest {
@Test(expected = ValidateException.class) @Test(expected = ValidateException.class)
@@ -79,4 +81,19 @@ public class JWTValidatorTest {
JWTValidator.of(jwt).validateDate(DateUtil.date()); JWTValidator.of(jwt).validateDate(DateUtil.date());
} }
@Test
public void issue2329Test(){
final long NOW = System.currentTimeMillis();
final Date NOW_TIME = new Date(NOW);
final long EXPIRED = 3 * 1000L;
final Date EXPIRED_TIME = new Date(NOW + EXPIRED);
// 使用这种方式生成token
final String token = JWT.create().setPayload("sub", "blue-light").setIssuedAt(NOW_TIME).setNotBefore(EXPIRED_TIME)
.setExpiresAt(EXPIRED_TIME).setKey("123456".getBytes()).sign();
// 使用这种方式验证token
JWTValidator.of(JWT.of(token)).validateDate(DateUtil.date(NOW + 4000), 10);
}
} }