search

openwallet-foundation-labs / sd-jwt-kotlin

A Kotlin implementation of the Selective Disclosure JWT (SD-JWT) spec.
Apache License 2.0
23 stars 10 forks source link

Use of LocalDateTime in SD-JWT library #11

Open jbenipal opened 7 months ago

jbenipal commented 7 months ago

Hi,

While experimenting with the SD-JWT library to create and verify presentations, I saw that the library uses LocalDateTime to verify if the JWT was within 30 seconds time period in the method verifyJwtClaims. This verification code works fine if the LocalDateTime creates the object in UTC as the original key binding JWT created using nimbus library (in createPresentation) is in UTC time. However for other time zones, it fails with error JWT not yet valid.

I can put up a fix, if the explanation seems correct.

fabian-hk commented 6 months ago

Sorry for the late reply. That sounds reasonable, but this project is no longer maintained. If you are interested in maintaining it, please contact me. I would recommend using the eudi-lib-jvm-sdjwt-kt library instead.