-
Notifications
You must be signed in to change notification settings - Fork 18
Allow leeway when validating iat and nbf claims #12
Conversation
Let me resolve these conflicts. I see the previous compilation issue was due to non existing Go 1.12 support for |
Hi @anderslauri - Thanks for the PR. We initially forked this repository to fix the security vulnrability mentioned here: dgrijalva#422 as the library author was unresponsive. After some time the owner has responded and is discussing transferring ownership of the repository to a group of people who have track record maintaining OSS projects. Here's discussion over the changes dgrijalva#462. It's likely that Form3 will migrate over to using the upstream project again and recommend people also move to a community maintained project. I will do a review of this PR and look to create a release for you to use with this functionality, but be warned that the group of new maintainers may not want this functionality and may not include it in future versions. |
Thanks for the reply! I fear that this will still not be usuable because of dgrijalva#458 |
nevermind - this should work. Had a pointer error |
Ill cut a release when I'm back at my work computer. Thanks for the contribution |
Any updates here? We are currently using the forked version of Anders and would love to switch back to this library if possible |
It would probably be advisable to remake this PR in the new maintenance repository. Please see dgrijalva#462 |
Right. Thank you. Looks like this fork did evolve into a project. I will have look and provide a PR. |
This fork is now archived. |
This PR enables support for
leeway
through a defined interface, the underlying claims implementation can opt to implement this interface, as is the case ofStandardClaims
. Fairly basic and small change of scope. I did not apply changes forMapClaims
although I did to provide an attempt however the scope change would be to major.Please provide feedback. Thank you.