TheNetworg / oauth2-azure

Azure AD provider for the OAuth 2.0 Client.
https://packagist.org/packages/thenetworg/oauth2-azure
MIT License

Token constructor method should not throw if token has expired #132

Open NPellet opened 3 years ago

NPellet commented 3 years ago

So I'm struggling a bit with the general workflow.

I'm trying to recreate the AccessToken from my PHP Session, but when the token is expired, the constructor throws a JWT\ExpiredException, which means I don't have access to the hasExpired() method, and therefore also not to the refresh token. I can get it from the raw data, but if the implementation of the structure changes my code will break.

IMHO the constructor should not throw when the token is expired.

hajekj commented 2 years ago

I agree that this is definitely incorrect behavior and quite unfortunate. This change would require quite a complex change in the token validation scenario when you receive the token as a result of authorization flow. I will try to look into the ways to improve this.
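One way to work around the behaviour reported in this issue, as an added example that is not code from the oauth2-azure project or its maintainer: store the refresh token through the public getter at login time, and treat the expiry exception during restore as the signal to refresh. It assumes league/oauth2-client, thenetworg/oauth2-azure and firebase/php-jwt are installed via Composer and that the token constructor takes the stored array and the provider; the session keys and function names are hypothetical.

```php
<?php
// Added example, not part of oauth2-azure. Session keys and function
// names below are hypothetical and chosen for illustration only.
use Firebase\JWT\ExpiredException;
use League\OAuth2\Client\Token\AccessTokenInterface;
use TheNetworg\OAuth2\Client\Provider\Azure;
use TheNetworg\OAuth2\Client\Token\AccessToken;

const TOKEN_KEY   = 'azure_token';
const REFRESH_KEY = 'azure_refresh_token';

/** Call after the authorization-code exchange and after every refresh. */
function storeToken(array &$session, AccessTokenInterface $token): void
{
    $session[TOKEN_KEY] = $token->jsonSerialize();
    // Read the refresh token through the getter, not from the raw array,
    // so the stored copy does not depend on the token's internal layout.
    // Keep the previous refresh token if this response carries none.
    if ($token->getRefreshToken() !== null) {
        $session[REFRESH_KEY] = $token->getRefreshToken();
    }
}

/** Returns a usable token, or null when the user must sign in again. */
function restoreToken(array &$session, Azure $provider): ?AccessTokenInterface
{
    if (empty($session[TOKEN_KEY])) {
        return null; // nothing stored: not logged in
    }
    try {
        // Assumption: constructor signature is (array $options, $provider).
        $token = new AccessToken($session[TOKEN_KEY], $provider);
        if (!$token->hasExpired()) {
            return $token;
        }
    } catch (ExpiredException $e) {
        // The stored token is past its expiry; fall through to the refresh.
    }
    if (empty($session[REFRESH_KEY])) {
        unset($session[TOKEN_KEY]);
        return null; // no refresh token available: force re-authentication
    }
    // A rejected refresh token surfaces as an exception from the provider;
    // callers should treat that the same as a null return.
    $fresh = $provider->getAccessToken('refresh_token', [
        'refresh_token' => $session[REFRESH_KEY],
    ]);
    storeToken($session, $fresh);
    return $fresh;
}
```

Pass `$_SESSION` as the first argument in both calls; only `ExpiredException` is caught, so signature or audience validation failures still propagate.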