@Test public void shouldAddNotBefore() throws Exception { String signed = JWTCreator.init() .withNotBefore(new Date(1477592000)) .sign(Algorithm.HMAC256("secret")); assertThat(signed, is(notNullValue())); assertThat(TokenUtils.splitToken(signed)[1], is("eyJuYmYiOjE0Nzc1OTJ9")); }
public static Optional<String> getToken(MCRUserInformation userInformation, String remoteIp) { ZonedDateTime currentTime = ZonedDateTime.now(ZoneOffset.UTC); return Optional.ofNullable(userInformation) .map(MCRJWTUtil::getJWTBuilder) .map(b -> { return b.withAudience(AUDIENCE) .withClaim(MCRJWTUtil.JWT_CLAIM_IP, remoteIp) .withExpiresAt(Date.from(currentTime.plusMinutes(EXPIRATION_TIME_MINUTES).toInstant())) .withNotBefore(Date.from(currentTime.minusMinutes(EXPIRATION_TIME_MINUTES).toInstant())) .sign(MCRJWTUtil.getJWTAlgorithm()); }); }
.withSubject(userId) .withAudience(oAuthBasePath) .withNotBefore(new Date(now)) .withExpiresAt(new Date(now + expiresIn * 1000)) .withClaim("scope", "signature")