Allow to Check expiration of JWT Token

gofr-dev / gofr

An opinionated GoLang framework for accelerated microservice development. Built in support for databases and observability.

https://gofr.dev

Apache License 2.0

3.6k stars 236 forks source link

Allow to Check expiration of JWT Token #1226

Open aryanmehrotra opened 3 days ago

aryanmehrotra commented 3 days ago

Currently, Oauth middleware validates if the JWT token received is valid or not but it does not check if it is expired.

As per, RFC-7519 it is optional, but how would user configure the middleware to check? Right Now, user would need to check in handler or write their own middleware - which shouldn't be the case

There should be an option while user set the JWKS url to enable these feature to validate the token expiry.

RahulMohanK commented 1 day ago

@aryanmehrotra I am interested to work on this issue. Could you assign this to me ?

aryanmehrotra commented 1 day ago

Sure, assigning to you, before implementing can you please share the proposed solution and how user would be using it.