Skip to content

Commit 5e9cdf4

Browse files
lbalmacedalbalmaceda
committed
update readme
1 parent 7760b2d commit 5e9cdf4

1 file changed

Lines changed: 27 additions & 8 deletions

File tree

README.md

Lines changed: 27 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -87,6 +87,33 @@ If the token has an invalid syntax or the header or payload are not JSONs, a `JW
8787
If the token has an invalid signature or the Claim requirement is not met, a `JWTVerificationException` will raise.
8888

8989

90+
#### Time Validation
91+
92+
The JWT token may include DateNumber fields that can be used to validate that:
93+
* The token was issued in a past date `"iat" < TODAY`
94+
* The token hasn't expired yet `"exp" > TODAY` and
95+
* The token can already be used. `"nbf" > TODAY`
96+
97+
When verifying a token the time validation occurs automatically, resulting in a `JWTVerificationException` being throw when the values are invalid. If any of the previous fields are missing they won't be considered in this validation.
98+
99+
To specify a **delta window** or leeway in which the Token should still be considered valid, use the `acceptTimeDelta()` method in the `JWTVerifier` builder and pass a positive milliseconds value. This applies to every item listed above.
100+
101+
```java
102+
JWTVerifier verifier = JWT.require(Algorithm.RSA256(key))
103+
.acceptTimeDelta(100) //nbf, iat and exp
104+
.build();
105+
```
106+
107+
You can also specify a custom value for a given Date claim and override the default one for only that claim.
108+
109+
```java
110+
JWTVerifier verifier = JWT.require(Algorithm.RSA256(key))
111+
.acceptTimeDelta(100) //nbf and iat
112+
.acceptExpiresAt(500) //exp
113+
.build();
114+
```
115+
116+
90117
### Registered Claims
91118

92119
#### Issuer ("iss")
@@ -145,14 +172,6 @@ Returns the JWT ID value or null if it's not defined.
145172
String id = jwt.getId();
146173
```
147174

148-
#### Time Validation
149-
150-
The JWT token may include DateNumber fields that can be used to validate that the token was issued in a past date `"iat" < TODAY` and that the expiration date is in the future `"exp" > TODAY`. This library includes a method that checks both of this fields and returns the validity of the token. If any of the fields is missing they won't be considered.
151-
152-
```java
153-
boolean isExpired = jwt.isExpired();
154-
```
155-
156175
### Private Claims
157176

158177
Additional Claims defined in the token can be obtained by calling `getClaim()` and passing the Claim name. A Claim will always be returned, even if it can't be found.

0 commit comments

Comments
 (0)