How can I adjust how much time variation the JWTVerifier will tolerate?
I see some reference to a defaultLeeway in JWTVerifier.Verification in the java library but I don't see any way to actually set it short of recreating half a dozen classes.
How can I adjust how much time variation the JWTVerifier will tolerate?
I see some reference to a defaultLeeway in JWTVerifier.Verification in the java library but I don't see any way to actually set it short of recreating half a dozen classes.
Hi @bradmac
Though I could not understand your concern really well, still on doing a bit of research I found that there is the support to set leeway in the JWTVerfier class
Here is the reference :
/**
* Define the default window in seconds in which the Not Before, Issued At and Expires At Claims will still be valid.
* Setting a specific leeway value on a given Claim will override this value for that Claim.
*
* @param leeway the window in seconds in which the Not Before, Issued At and Expires At Claims will still be valid.
* @return this same Verification instance.
* @throws IllegalArgumentException if leeway is negative.
*/
@Override
public Verification acceptLeeway(long leeway) throws IllegalArgumentException {
assertPositive(leeway);
this.defaultLeeway = leeway;
return this;
}
For more info please visit : [java-jwt/JWTVerifier.java at master · auth0/java-jwt · GitHub] (JWTVerifier)