Browse Source

Fix client token generation

- Set NotBefore timestamp one minute in the past to prevent false
negative checks
- Set NotAfter timestamp 5 minutes to the future
master
William Petit 3 months ago
parent
commit
dab91eea29
1 changed files with 3 additions and 3 deletions
  1. 3
    3
      client/client.go

+ 3
- 3
client/client.go View File

@@ -9,7 +9,7 @@ import (
9 9
 	"net/http"
10 10
 	"time"
11 11
 
12
-	"github.com/dgrijalva/jwt-go"
12
+	jwt "github.com/dgrijalva/jwt-go"
13 13
 
14 14
 	peering "forge.cadoles.com/wpetit/go-http-peering"
15 15
 	"forge.cadoles.com/wpetit/go-http-peering/crypto"
@@ -153,8 +153,8 @@ func (c *Client) addClientToken(r *http.Request, body []byte) error {
153 153
 
154 154
 	token := jwt.NewWithClaims(jwt.SigningMethodRS256, peering.ClientTokenClaims{
155 155
 		StandardClaims: jwt.StandardClaims{
156
-			NotBefore: time.Now().Unix(),
157
-			ExpiresAt: time.Now().Add(time.Minute * 10).Unix(),
156
+			NotBefore: time.Now().Add(time.Minute * -1).Unix(),
157
+			ExpiresAt: time.Now().Add(time.Minute * 5).Unix(),
158 158
 		},
159 159
 		BodySum: bodySum,
160 160
 	})

Loading…
Cancel
Save