diff options
-rw-r--r-- | CHANGELOG.rst | 1 | ||||
-rw-r--r-- | jwt/api_jwt.py | 3 | ||||
-rw-r--r-- | tests/test_api_jwt.py | 7 |
3 files changed, 9 insertions, 2 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 3c69338..12117ec 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -16,6 +16,7 @@ Fixed ~~~~~ - Add classifier for Python 3.11 by @eseifert in `#818 <https://github.com/jpadilla/pyjwt/pull/818>`_ +- Fix ``_validate_iat`` validation by @Viicos in `#847 <https://github.com/jpadilla/pyjwt/pull/847>`_ Added ~~~~~ diff --git a/jwt/api_jwt.py b/jwt/api_jwt.py index fd8a8bf..5664949 100644 --- a/jwt/api_jwt.py +++ b/jwt/api_jwt.py @@ -265,9 +265,8 @@ class PyJWT: now: float, leeway: float, ) -> None: - iat = payload["iat"] try: - int(iat) + iat = int(payload["iat"]) except ValueError: raise InvalidIssuedAtError("Issued At claim (iat) must be an integer.") if iat > (now + leeway): diff --git a/tests/test_api_jwt.py b/tests/test_api_jwt.py index d74973d..24ed240 100644 --- a/tests/test_api_jwt.py +++ b/tests/test_api_jwt.py @@ -227,6 +227,13 @@ class TestJWT: with pytest.raises(ImmatureSignatureError): jwt.decode(jwt_message, secret, algorithms=["HS256"]) + def test_decode_works_if_iat_is_str_of_a_number(self, jwt, payload): + payload["iat"] = "1638202770" + secret = "secret" + jwt_message = jwt.encode(payload, secret) + data = jwt.decode(jwt_message, secret, algorithms=["HS256"]) + assert data["iat"] == "1638202770" + def test_decode_raises_exception_if_nbf_is_not_int(self, jwt): # >>> jwt.encode({'nbf': 'not-an-int'}, 'secret') example_jwt = ( |