Skip to content

Commit

Permalink
[spec] rspec to test that strings containing exp/nbf/iat are not
Browse files Browse the repository at this point in the history
validated
  • Loading branch information
GobinathAL authored and anakinj committed Jul 29, 2023
1 parent dbcb028 commit 6951436
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions spec/jwt/verify_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@

RSpec.describe ::JWT::Verify do
let(:base_payload) { { 'user_id' => 'some@user.tld' } }
let(:string_payload) { 'beautyexperts_nbf_iat' }
let(:options) { { leeway: 0 } }

context '.verify_aud(payload, options)' do
Expand Down Expand Up @@ -64,6 +65,10 @@
end.to raise_error JWT::ExpiredSignature
end

it 'must not consider string containing exp as expired' do
expect(described_class.verify_expiration(string_payload, options)).to eq(nil)
end

context 'when leeway is not specified' do
let(:options) { {} }

Expand Down Expand Up @@ -103,6 +108,10 @@
described_class.verify_iat(payload.merge('iat' => (iat + 120)), options)
end.to raise_error JWT::InvalidIatError
end

it 'must not validate if the payload is a string containing iat' do
expect(described_class.verify_iat(string_payload, options)).to eq(nil)
end
end

context '.verify_iss(payload, options)' do
Expand Down Expand Up @@ -265,6 +274,10 @@ def issuer_start_with_ruby?(issuer)
it 'must allow some leeway in the token age when nbf_leeway is configured' do
described_class.verify_not_before(payload, options.merge(nbf_leeway: 10))
end

it 'must not validate if the payload is a string containing iat' do
expect(described_class.verify_not_before(string_payload, options)).to eq(nil)
end
end

context '.verify_sub(payload, options)' do
Expand Down

0 comments on commit 6951436

Please sign in to comment.