Re: Perl version of python-jose (Javascript Object Signing and Encryption)?

by tangent (Parson)

on Sep 10, 2019 at 23:19 UTC ( [id://11105994]=note: print w/replies, xml )

Need Help??

Looking through the github docs I notice that the payload has an 'exp' attribute (expiration time) which the python script deals with like so:

if time.time() > claims['exp']:
    print('Token is expired')
    return False
[download]

Using Crypt::JWT you need to specify what to do with 'exp' by passing a value for 'verify_exp':

verify_exp
undef (default) - Expiration Time 'exp' claim must be valid if present
0 - ignore 'exp' claim
1 - require valid 'exp' claim

If the payload has 'exp' and your arguments to decode_jwt() do not contain 'verify_exp' then you get the error you describe. You could try:

my $data = decode_jwt(token=>$token, kid_keys=>$keylist, verify_exp=>1
+);
[download]

Comment on Re: Perl version of python-jose (Javascript Object Signing and Encryption)? Select or Download Code

Replies are listed 'Best First'.
Re^2: Perl version of python-jose (Javascript Object Signing and Encryption)? by scorpio17 (Canon) on Sep 11, 2019 at 12:47 UTC
That was it! The test token had expired, so to ignore that and decode it anyway, I needed verify_exp=>0. I knew I was probably overlooking something simple- thank you so much!	[reply]

Domain Nodelet^?

Node Status^?

node history
Node Type: note [id://11105994]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others scrutinizing the Monastery: (6)

As of 2024-04-23 17:20 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Voting Booth^?

No recent polls found