Fix client token generation

- Set NotBefore timestamp one minute in the past to prevent false
negative checks
- Set NotAfter timestamp 5 minutes to the future
This commit is contained in:
wpetit 2019-05-10 13:44:29 +02:00
parent fbb2381b14
commit dab91eea29
1 changed files with 3 additions and 3 deletions

View File

@ -9,7 +9,7 @@ import (
"net/http" "net/http"
"time" "time"
"github.com/dgrijalva/jwt-go" jwt "github.com/dgrijalva/jwt-go"
peering "forge.cadoles.com/wpetit/go-http-peering" peering "forge.cadoles.com/wpetit/go-http-peering"
"forge.cadoles.com/wpetit/go-http-peering/crypto" "forge.cadoles.com/wpetit/go-http-peering/crypto"
@ -153,8 +153,8 @@ func (c *Client) addClientToken(r *http.Request, body []byte) error {
token := jwt.NewWithClaims(jwt.SigningMethodRS256, peering.ClientTokenClaims{ token := jwt.NewWithClaims(jwt.SigningMethodRS256, peering.ClientTokenClaims{
StandardClaims: jwt.StandardClaims{ StandardClaims: jwt.StandardClaims{
NotBefore: time.Now().Unix(), NotBefore: time.Now().Add(time.Minute * -1).Unix(),
ExpiresAt: time.Now().Add(time.Minute * 10).Unix(), ExpiresAt: time.Now().Add(time.Minute * 5).Unix(),
}, },
BodySum: bodySum, BodySum: bodySum,
}) })