From f975cf38e0f0ec8a8f4b1a0c468bfb3da753e7fb Mon Sep 17 00:00:00 2001 From: Derrick Hammer Date: Mon, 12 Feb 2024 02:19:09 -0500 Subject: [PATCH] fix: need to override claim validation to convert string exp to unix --- api/middleware.go | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/api/middleware.go b/api/middleware.go index 76ba44b..82ede60 100644 --- a/api/middleware.go +++ b/api/middleware.go @@ -17,6 +17,7 @@ import ( "net/http" "strconv" "strings" + "time" ) const AUTHED_CONTEXT_KEY = "authed" @@ -25,11 +26,27 @@ const WEBHOOK_CONTEXT_KEY = "webhook" const AuthCookieName = "auth-token" +var _ = jwt.Claims(&standardClaims{}) + type standardClaims struct { - Issuer any `json:"iss,omitempty"` + Issuer any `json:"iss,omitempty"` + ExpiresAt any `json:"exp,omitempty"` jwt.StandardClaims } +func (s *standardClaims) Valid() error { + if timeStr, ok := s.ExpiresAt.(string); ok { + t, err := time.Parse(time.RFC3339Nano, timeStr) + if err != nil { + return err + } + + unixTimestamp := t.Unix() + s.ExpiresAt = unixTimestamp + } + return s.StandardClaims.Valid() +} + func findAuthToken(r *http.Request) string { authHeader := parseAuthTokenHeader(r.Header)