Merge pull request auth0#155 from Spyna/master

lbalmaceda · web-flow · commit f5cf048e6362 · 2017-04-12T15:04:25.000-03:00
Add token expiration dedicated exception
diff --git a/lib/src/main/java/com/auth0/jwt/JWTVerifier.java b/lib/src/main/java/com/auth0/jwt/JWTVerifier.java
@@ -5,6 +5,7 @@
 import com.auth0.jwt.exceptions.InvalidClaimException;
 import com.auth0.jwt.exceptions.JWTVerificationException;
 import com.auth0.jwt.exceptions.SignatureVerificationException;
+import com.auth0.jwt.exceptions.TokenExpiredException;
 import com.auth0.jwt.impl.PublicClaims;
 import com.auth0.jwt.interfaces.Claim;
 import com.auth0.jwt.interfaces.Clock;
@@ -417,23 +418,31 @@ private void assertValidStringClaim(String claimName, String value, String expec
     }
 
     private void assertValidDateClaim(Date date, long leeway, boolean shouldBeFuture) {
-        Date today = clock.getToday();
-        today.setTime((long) Math.floor((today.getTime() / 1000) * 1000)); //truncate millis
-        boolean isValid;
-        String errMessage;
-        if (shouldBeFuture) {
-            today.setTime(today.getTime() - leeway * 1000);
-            isValid = date == null || !today.after(date);
-            errMessage = String.format("The Token has expired on %s.", date);
-        } else {
-            today.setTime(today.getTime() + leeway * 1000);
-            isValid = date == null || !today.before(date);
-            errMessage = String.format("The Token can't be used before %s.", date);
-        }
-        if (!isValid) {
-            throw new InvalidClaimException(errMessage);
-        }
-    }
+		Date today = clock.getToday();
+		today.setTime((long) Math.floor((today.getTime() / 1000) * 1000)); // truncate
+																		  // millis
+		if (shouldBeFuture) {
+			assertDateIsFuture(date, leeway, today);
+		} else {
+			assertDateIsPast(date, leeway, today);
+		}
+	}
+
+	private void assertDateIsFuture(Date date, long leeway, Date today) {
+		
+		today.setTime(today.getTime() - leeway * 1000);
+		if (date != null && today.after(date)) {
+			throw new TokenExpiredException(String.format("The Token has expired on %s.", date));
+		}
+	}
+	
+	private void assertDateIsPast(Date date, long leeway, Date today) {
+		today.setTime(today.getTime() + leeway * 1000);
+		if(date!=null && today.before(date)) {
+			throw new InvalidClaimException(String.format("The Token can't be used before %s.", date));
+		}
+		
+	}
 
     private void assertValidAudienceClaim(List<String> audience, List<String> value) {
         if (audience == null || !audience.containsAll(value)) {
diff --git a/lib/src/main/java/com/auth0/jwt/exceptions/TokenExpiredException.java b/lib/src/main/java/com/auth0/jwt/exceptions/TokenExpiredException.java
@@ -0,0 +1,10 @@
+package com.auth0.jwt.exceptions;
+
+public class TokenExpiredException extends JWTVerificationException {
+	
+	private static final long serialVersionUID = -7076928975713577708L;
+
+	public TokenExpiredException(String message) {
+		super(message);
+	}
+}
diff --git a/lib/src/test/java/com/auth0/jwt/JWTVerifierTest.java b/lib/src/test/java/com/auth0/jwt/JWTVerifierTest.java
@@ -3,6 +3,7 @@
 import com.auth0.jwt.algorithms.Algorithm;
 import com.auth0.jwt.exceptions.AlgorithmMismatchException;
 import com.auth0.jwt.exceptions.InvalidClaimException;
+import com.auth0.jwt.exceptions.TokenExpiredException;
 import com.auth0.jwt.interfaces.Clock;
 import com.auth0.jwt.interfaces.DecodedJWT;
 import org.junit.Rule;
@@ -392,7 +393,7 @@ public void shouldValidateExpiresAtIfPresent() throws Exception {
 
     @Test
     public void shouldThrowOnInvalidExpiresAtIfPresent() throws Exception {
-        exception.expect(InvalidClaimException.class);
+        exception.expect(TokenExpiredException.class);
         exception.expectMessage(startsWith("The Token has expired on"));
         Clock clock = mock(Clock.class);
         when(clock.getToday()).thenReturn(new Date(DATE_TOKEN_MS_VALUE + 1000));
