Check float values of time in time_within_drift?/2 (#700)

danglduy · web-flow · commit 3f178c4b8d42 · 2022-06-15T21:00:42.000-07:00
* Check float values of `time` in `time_within_drift?/2`

* Bump version in mix.exs
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # Changelog
 
+## v2.2.4
+
+### Enhancement
+
+* Check float values of `time` in `time_within_drift?/2`.
+
 ## v2.2.3
 
 ### Enhancement
diff --git a/lib/guardian/token/verify.ex b/lib/guardian/token/verify.ex
@@ -39,7 +39,7 @@ defmodule Guardian.Token.Verify do
     end
   end
 
-  @spec time_within_drift?(mod :: module, time :: pos_integer) :: true | false
+  @spec time_within_drift?(mod :: module, time :: pos_integer | float) :: true | false
   @doc """
   Checks that a time value is within the `allowed_drift` as
   configured for the provided module.
@@ -49,7 +49,7 @@ defmodule Guardian.Token.Verify do
 
   This is to deal with clock skew.
   """
-  def time_within_drift?(mod, time) when is_integer(time) do
+  def time_within_drift?(mod, time) when is_integer(time) or is_float(time) do
     allowed_drift = apply(mod, :config, [:allowed_drift, 0]) / 1000
     diff = abs(time - Guardian.timestamp())
     diff <= allowed_drift
diff --git a/mix.exs b/mix.exs
@@ -2,7 +2,7 @@ defmodule Guardian.Mixfile do
   @moduledoc false
   use Mix.Project
 
-  @version "2.2.3"
+  @version "2.2.4"
   @url "https://github.com/ueberauth/guardian"
   @maintainers [
     "Daniel Neighman",
diff --git a/test/guardian/token/jwt_test.exs b/test/guardian/token/jwt_test.exs
@@ -362,11 +362,21 @@ defmodule Guardian.Token.JwtTest do
       assert {:error, :token_expired} = Jwt.verify_claims(ctx.impl, claims, [])
     end
 
+    test "it is invalid when exp is a float and too early", ctx do
+      claims = Map.put(ctx.claims, "exp", Guardian.timestamp() * 1.0 - 1)
+      assert {:error, :token_expired} = Jwt.verify_claims(ctx.impl, claims, [])
+    end
+
     test "it is invalid when nbf is too late", ctx do
       claims = Map.put(ctx.claims, "nbf", Guardian.timestamp() + 5)
       assert {:error, :token_not_yet_valid} = Jwt.verify_claims(ctx.impl, claims, [])
     end
 
+    test "it is invalid when nbf is a float and too late", ctx do
+      claims = Map.put(ctx.claims, "nbf", Guardian.timestamp() * 1.0 + 5)
+      assert {:error, :token_not_yet_valid} = Jwt.verify_claims(ctx.impl, claims, [])
+    end
+
     test "it is invalid when the issuer is not correct", ctx do
       claims = Map.put(ctx.claims, "iss", "someone-else")
       assert {:error, :invalid_issuer} = Jwt.verify_claims(ctx.impl, claims, [])
