"NumericDate - A JSON numeric value representing the number of seconds from 1970-01-01T00:00:00Z UTC until the specified UTC date/time, ignoring leap seconds."
and for exp:
"Its value MUST be a number containing a NumericDate value"
But Yoke (com.jetdrone.vertx.yoke.middleware.JWT class) compares is as it was presented in milliseconds, so comparison fails.
final long now = System.currentTimeMillis();
Long exp = jwtToken.getLong("exp");
// expires must be after now
if (now > exp) {
next.handle(new YokeException(401, "Invalid Token!"));
return;
}
JWT spec says:
"NumericDate - A JSON numeric value representing the number of seconds from 1970-01-01T00:00:00Z UTC until the specified UTC date/time, ignoring leap seconds." and for exp:
"Its value MUST be a number containing a NumericDate value"
But Yoke (com.jetdrone.vertx.yoke.middleware.JWT class) compares is as it was presented in milliseconds, so comparison fails.
The same issue is with nbf and iat.