larryh/corso
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
corso/src/internal/common/jwt/jwt.go
Abhishek Pandey 3784269f04
Add logic to check if the JWT token has expired (#4417) 
<!-- PR description-->
**Changes**
* Introduce jwt expiry checks, to be used in a later PR. Based off @vkamra's idea. 
* Add an url parsing helper func to extract the value of specified query param(e.g. `tempauth`).
* Unit tests for both above.


---

#### Does this PR need a docs update or release note?

- [ ]  Yes, it's included
- [x] 🕐 Yes, but in a later PR
- [ ]  No

#### Type of change

<!--- Please check the type of change your PR introduces: --->
- [ ] 🌻 Feature
- [ ] 🐛 Bugfix
- [ ] 🗺️ Documentation
- [ ] 🤖 Supportability/Tests
- [ ] 💻 CI/Deployment
- [ ] 🧹 Tech Debt/Cleanup
- [x] Optimization

#### Issue(s)

<!-- Can reference multiple issues. Use one of the following "magic words" - "closes, fixes" to auto-close the Github issue. -->
* internal

#### Test Plan

<!-- How will this be tested prior to merging.-->
- [ ] 💪 Manual
- [x]  Unit test
- [ ] 💚 E2E
2023-10-09 10:06:00 +00:00

40 lines
1.0 KiB
Go
Raw Blame History

package jwt
import (
"time"
"github.com/alcionai/clues"
jwt "github.com/golang-jwt/jwt/v5"
)
// IsJWTExpired checks if the JWT token is past expiry by analyzing the
// "exp" claim present in the token. Token is considered expired if "exp"
// claim < current time. Missing "exp" claim is considered as non-expired.
// An error is returned if the supplied token is malformed.
func IsJWTExpired(
rawToken string,
) (bool, error) {
p := jwt.NewParser()
// Note: Call to ParseUnverified is intentional since token verification is
// not our objective. We only care about the embed claims in the token.
// We assume the token signature is valid & verified by caller stack.
token, _, err := p.ParseUnverified(rawToken, &jwt.RegisteredClaims{})
if err != nil {
return false, clues.Wrap(err, "invalid jwt")
}
t, err := token.Claims.GetExpirationTime()
if err != nil {
return false, clues.Wrap(err, "getting token expiry time")
}
if t == nil {
return false, nil
}
expired := t.Before(time.Now())
return expired, nil
}
Reference in New Issue View Git Blame Copy Permalink