fix: validate iat and nbf on payload
christiandavilakoobin authored and Azure Pipeplines CI committed Jun 21, 2024
1 parent 500501c commit f4b20e0
Showing 1 changed file with 11 additions and 1 deletion.
12 changes: 11 additions & 1 deletion src/JWT.php
Expand Up @@ -127,6 +127,16 @@ public static function decode(
if (!$payload instanceof stdClass) {
throw new UnexpectedValueException('Payload must be a JSON object');
}
if (isset($payload->iat) && !\is_numeric($payload->iat)) {
throw new UnexpectedValueException('Payload iat must be a number');
}
if (isset($payload->nbf) && !\is_numeric($payload->nbf)) {
throw new UnexpectedValueException('Payload nbf must be a number');
}
if (isset($payload->exp) && !\is_numeric($payload->exp)) {
throw new UnexpectedValueException('Payload exp must be a number');
}

$sig = static::urlsafeB64Decode($cryptob64);
if (empty($header->alg)) {
throw new UnexpectedValueException('Empty algorithm');
Expand Down Expand Up @@ -172,7 +182,7 @@ public static function decode(
}

// Check if this token has expired.
if (isset($payload->exp) && ($timestamp - static::$leeway) >= $payload->exp) {
if (isset($payload->exp) && floor($payload->exp) && ($timestamp - static::$leeway) >= $payload->exp) {
$ex = new ExpiredException('Expired token');
$ex->setPayload($payload);
throw $ex;
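Review bot: In the second hunk, if the line containing `floor($payload->exp) &&` is the new side (the page prints old then new but the +/- markers are lost, so this is inferred), that truthiness guard switches the expiry check off whenever `floor($payload->exp)` evaluates to 0, i.e. for `exp: 0` or any `exp` below 1, so such a token passes as unexpired instead of being rejected; with the new `\is_numeric` check on `exp` already in place, the guard is unnecessary and the condition can stay `if (isset($payload->exp) && ($timestamp - static::$leeway) >= $payload->exp) {`. In the first hunk, `\is_numeric` also accepts numeric strings such as `"1e3"` or `" 42"` while the iat/nbf/exp claims are defined as JSON numbers; if accepting strings is not intended, `\is_int($payload->exp) || \is_float($payload->exp)` is the stricter test, at the cost of rejecting tokens that encode these claims as strings. The three new checks would also read better as one loop over `['iat', 'nbf', 'exp']` than as three copies. decode() starts and ends outside both hunks.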
