Merge pull request #28 from zgiber/fix-iat-validation
use GetTime when validating "iat" claim
diff --git a/jwt/jwt.go b/jwt/jwt.go
index d29c43a..feb1712 100644
--- a/jwt/jwt.go
+++ b/jwt/jwt.go
@@ -59,9 +59,10 @@
j.Claims().Get("sub") != sub {
return ErrInvalidSUBClaim
}
- if iat, ok := v.Expected.IssuedAt(); ok &&
- j.Claims().Get("iat") != iat {
- return ErrInvalidIATClaim
+ if iat, ok := v.Expected.IssuedAt(); ok {
+ if t, ok := j.Claims().GetTime("iat"); !t.Equal(iat) || !ok {
+ return ErrInvalidIATClaim
+ }
}
if jti, ok := v.Expected.JWTID(); ok &&
j.Claims().Get("jti") != jti {
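Review bot: In the new `iat` check, `!t.Equal(iat)` is evaluated before `!ok`, so rejecting a missing or malformed `iat` depends on whatever value `GetTime` returns alongside `ok == false`. Testing presence first makes the fail-closed path explicit: `if t, ok := j.Claims().GetTime("iat"); !ok || !t.Equal(iat) {`. The inner `ok` also shadows the outer one from `v.Expected.IssuedAt()`, which is harmless here but easy to misread. If `GetTime` decodes the claim to whole seconds (not visible in this hunk), an expected `iat` with sub-second precision would never compare equal, so a comment such as `// expected iat must be second-granular` would help. The enclosing validation function starts and ends outside the hunk.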