JWTClaimsSet: milliseconds vs seconds issue
Issue #35
resolved
Hi,
While using this library to verify tokens generated by a Python library we get expired tokens. It appears that JWTClaimsSet interprets iat / nbf / exp claims as milliseconds since epoch, whereas our Python code sets them as seconds since epoch.
Quoting the JWT specification at http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-06, "IntDate A JSON numeric value representing the number of seconds from 1970-01-01T0:0:0Z UTC until the specified UTC date/time. See RFC 3339 [RFC3339] for details regarding date/times in general and UTC in particular.", so it seems the Python code is correct here.
Thanks, Jochem Berndsen
Comments (3)
-
-
- changed status to resolved
Hi Jochem,
I just produced a fix (see commit 5d053dd ) and updated the JWT tests for that, which should be released with the next library version.
Thanks again for reporting that!
Vladimir
-
Hi Vladimir,
Awesome, thank you for the very quick turnaround!
Thanks, Jochem
- Log in to comment
Thanks for reporting this issue, I'll look at it now.