class JWT::Claims::Expiration

The Expiration class is responsible for validating the expiration claim ('exp') in a JWT token.

Attributes

leeway[R]

Public Class Methods

new(leeway:) click to toggle source

Initializes a new Expiration instance.

@param leeway [Integer] the amount of leeway (in seconds) to allow when validating the expiration time. Default: 0.

# File lib/jwt/claims/expiration.rb, line 10
def initialize(leeway:)
  @leeway = leeway || 0
end

Public Instance Methods

verify!(context:, **_args) click to toggle source

Verifies the expiration claim ('exp') in the JWT token.

@param context [Object] the context containing the JWT payload. @param _args [Hash] additional arguments (not used). @raise [JWT::ExpiredSignature] if the token has expired. @return [nil]

# File lib/jwt/claims/expiration.rb, line 20
def verify!(context:, **_args)
  return unless context.payload.is_a?(Hash)
  return unless context.payload.key?('exp')

  raise JWT::ExpiredSignature, 'Signature has expired' if context.payload['exp'].to_i <= (Time.now.to_i - leeway)
end