Google Git
Sign in
edge/third_party/SermoDigital/jose/c11df4ab46a19c69b087529281ef8aa480ce9294^!/.
commit
c11df4ab46a19c69b087529281ef8aa480ce9294
[log]
author
Eric Lagergren <ericscottlagergren@gmail.com>
Mon Oct 05 15:41:01 2015 -0700
committer
Eric Lagergren <ericscottlagergren@gmail.com>
Mon Oct 05 15:41:01 2015 -0700
tree
3ac8dd25e465cd6efb74ecb71febfe6406e3abc1
parent
608d3ba03f2110986006014320b149b9ef80f13f [diff]
jwt: claims.go/jwt.go - added proper range checking

diff --git a/jwt/claims.go b/jwt/claims.go
index 32d499f..2f4f2e1 100644
--- a/jwt/claims.go
+++ b/jwt/claims.go

@@ -27,8 +27,8 @@
 	return nil
 }
 
-func within(cur, delta, max float64) bool {
-	return cur+delta < max || cur-delta < max
+func within(val, delta, max float64) bool {
+	return val > max+delta || val > max-delta
 }
 
 // Get retrieves the value corresponding with key from the Claims.

diff --git a/jwt/jwt.go b/jwt/jwt.go
index dbbf03d..ed41220 100644
--- a/jwt/jwt.go
+++ b/jwt/jwt.go

@@ -1,10 +1,6 @@
 package jwt
 
-import (
-	"fmt"
-
-	"github.com/SermoDigital/jose/crypto"
-)
+import "github.com/SermoDigital/jose/crypto"
 
 // JWT represents a JWT per RFC 7519.
 // It's described as an interface instead of a physical structure
@@ -59,7 +55,6 @@
 func (v *Validator) Validate(j JWT) error {
 	if iss, ok := v.Expected.Issuer(); ok &&
 		j.Claims().Get("iss") != iss {
-		fmt.Println(iss, j.Claims().Get("iss"))
 		return ErrInvalidISSClaim
 	}
 	if sub, ok := v.Expected.Subject(); ok &&