From dee98cd5fc522002b483653826b84cba2d582fa3 Mon Sep 17 00:00:00 2001 From: Robin Chalas Date: Wed, 20 Jan 2021 16:58:38 +0100 Subject: [PATCH] Fix creating tokens when iat is already set in the payload --- Services/JWSProvider/LcobucciJWSProvider.php | 7 +++++-- Tests/Services/JWSProvider/AbstractJWSProviderTest.php | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/Services/JWSProvider/LcobucciJWSProvider.php b/Services/JWSProvider/LcobucciJWSProvider.php index c9b51f0d..48ff9bc7 100644 --- a/Services/JWSProvider/LcobucciJWSProvider.php +++ b/Services/JWSProvider/LcobucciJWSProvider.php @@ -111,10 +111,13 @@ public function create(array $payload, array $header = []) $now = time(); + $issuedAt = isset($payload['iat']) ? $payload['iat'] : $now; + unset($payload['iat']); + if ($this->legacyJWTApi) { - $jws->setIssuedAt($now); + $jws->setIssuedAt($issuedAt); } else { - $jws->issuedAt($this->useDateObjects ? new \DateTimeImmutable("@{$now}") : $now); + $jws->issuedAt($this->useDateObjects && !$issuedAt instanceof \DateTimeImmutable ? new \DateTimeImmutable("@{$issuedAt}") : $issuedAt); } if (null !== $this->ttl || isset($payload['exp'])) { diff --git a/Tests/Services/JWSProvider/AbstractJWSProviderTest.php b/Tests/Services/JWSProvider/AbstractJWSProviderTest.php index 7f4e0ba5..06f69a87 100644 --- a/Tests/Services/JWSProvider/AbstractJWSProviderTest.php +++ b/Tests/Services/JWSProvider/AbstractJWSProviderTest.php @@ -79,7 +79,7 @@ public function testCreate() ->method('getPassphrase') ->willReturn('foobar'); - $payload = ['username' => 'chalasr']; + $payload = ['username' => 'chalasr', 'iat' => time()]; $jwsProvider = new static::$providerClass($keyLoaderMock, 'openssl', 'RS384', 3600, 0); $this->assertInstanceOf(CreatedJWS::class, $created = $jwsProvider->create($payload));