diff options
author | William Edmisten <91079455+wcedmisten-reify@users.noreply.github.com> | 2022-09-23 07:14:12 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-09-23 17:14:12 +0600 |
commit | 8ccb8258508721f67fb3bb0678080111ef22d6d3 (patch) | |
tree | 9fa27a2f39261286cf13cc038219fd23a7677e10 | |
parent | 1cba0db67870b80ab386476e96657c2098ff5816 (diff) | |
download | pyjwt-8ccb8258508721f67fb3bb0678080111ef22d6d3.tar.gz |
Invalidate exp when exp == now() (#797)
* Invalidate exp when exp == now()
* Update changelog
-rw-r--r-- | CHANGELOG.rst | 2 | ||||
-rw-r--r-- | jwt/api_jwt.py | 2 |
2 files changed, 3 insertions, 1 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index fb936fd..2432203 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -13,6 +13,8 @@ Changed Fixed ~~~~~ +- Invalidate token on the exact second the token expires `#797 <https://github.com/jpadilla/pyjwt/pull/797>`_ + Added ~~~~~ diff --git a/jwt/api_jwt.py b/jwt/api_jwt.py index 91a6d2e..a391793 100644 --- a/jwt/api_jwt.py +++ b/jwt/api_jwt.py @@ -230,7 +230,7 @@ class PyJWT: except ValueError: raise DecodeError("Expiration Time claim (exp) must be an" " integer.") - if exp < (now - leeway): + if exp <= (now - leeway): raise ExpiredSignatureError("Signature has expired") def _validate_aud(self, payload, audience): |