def validate_exp(self, now, leeway):
"""The "exp" (expiration time) claim identifies the expiration time on
or after which the JWT MUST NOT be accepted for processing. The
processing of the "exp" claim requires that the current date/time
MUST be before the expiration date/time listed in the "exp" claim.
Implementers MAY provide for some small leeway, usually no more than
a few minutes, to account for clock skew. Its value MUST be a number
containing a NumericDate value. Use of this claim is OPTIONAL.
"""
if 'exp' in self:
exp = self['exp']
if not _validate_numeric_time(exp):
raise InvalidClaimError('exp')
if exp < (now - leeway):
raise ExpiredTokenError()
def validate_exp(self, now: float = None, leeway: float = 0) -> None:
"""
Overloaded implementation of the 'validate_exp' method in the AuthLib default 'JWTClaims' class.
Differences include:
- providing default parameter values for 'now' and 'leeway' to make it easier to call this method directly
:type now: float
:param now: current time, in the form of seconds past the Unix Epoch
:type leeway: float
:param leeway: a time delta in seconds to allow for clock skew between servers (i.e. a margin of error)
"""
if now is None:
now = int(time.time())
exp = self.get('exp')
if exp:
if not isinstance(exp, int):
raise InvalidClaimError('exp')
if exp < (now - leeway):
raise ExpiredTokenError()
def test_logged_in_expired(self, mock_jwt_decode, mock_get_public_keys, auth):
mock_token = mock.MagicMock()
mock_jwt_decode.return_value = mock_token
mock_token.validate.side_effect = ExpiredTokenError()
auth._session = {"access_token": "my-token"}
assert auth.logged_in() is False