- changed status to resolved
Allow to inject a current time provider into DefaultJWTClaimsVerifier
Issue #410
resolved
The DefaultJWTClaimsVerifier.verify(JWTClaimsSet claimsSet, final C context)
method is currently using the current system time obtained with new Date()
To reduce side effects in testing, and also with app is running on its own clock it would be beneficial to allow to override system time using a time provider, e.g. java.time.Clock
or similar.
Perhaps either add time provider into the DefaultJWTClaimsVerifier
or add a new method into the SecurityContext
Comments (1)
-
- Log in to comment
Addressed in PR #86, released in v9.14.