BUG#AC-9337:Revoking or invalidating previous access tokens upon generating new access token for Restapi

Rachana · Rachana · commit 76d2b7a296f6 · 2024-05-13T22:55:01.000-07:00
diff --git a/app/code/Magento/JwtUserToken/Model/RevokedValidator.php b/app/code/Magento/JwtUserToken/Model/RevokedValidator.php
@@ -40,7 +40,7 @@ public function validate(UserToken $token): void
             (int) $token->getUserContext()->getUserType(),
             (int) $token->getUserContext()->getUserId()
         );
-        if ($revoked && $token->getData()->getIssued()->getTimestamp()-1 <= $revoked->getBeforeTimestamp()) {
+        if ($revoked && $token->getData()->getIssued()->getTimestamp() <= $revoked->getBeforeTimestamp()) {
             throw new AuthorizationException(__('User token has been revoked'));
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -40,7 +40,7 @@ public function validate(UserToken $token): void`
`40`	`40`	`(int) $token->getUserContext()->getUserType(),`
`41`	`41`	`(int) $token->getUserContext()->getUserId()`
`42`	`42`	`);`
`43`		`- if ($revoked && $token->getData()->getIssued()->getTimestamp()-1 <= $revoked->getBeforeTimestamp()) {`
	`43`	`+ if ($revoked && $token->getData()->getIssued()->getTimestamp() <= $revoked->getBeforeTimestamp()) {`
`44`	`44`	`throw new AuthorizationException(__('User token has been revoked'));`
`45`	`45`	`}`
`46`	`46`	`}`