pmlopes / yoke

Yoke is a middleware framework for Vert.x
http://pmlopes.github.io/yoke/
Apache License 2.0

JWT handles exp as milliseconds but should handle as seconds #154

Closed kkorsakov closed 9 years ago

kkorsakov commented 9 years ago

JWT spec says:

"NumericDate - A JSON numeric value representing the number of seconds from 1970-01-01T00:00:00Z UTC until the specified UTC date/time, ignoring leap seconds." and for exp:

"Its value MUST be a number containing a NumericDate value"

But Yoke (com.jetdrone.vertx.yoke.middleware.JWT class) compares it as if it were presented in milliseconds, so the comparison fails.

final long now = System.currentTimeMillis();
Long exp = jwtToken.getLong("exp");
// expires must be after now
if (now > exp) {
    next.handle(new YokeException(401, "Invalid Token!"));
    return;
}

The same issue is with nbf and iat.
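The unit mismatch reported above, next to a seconds-based check of `exp`, `nbf` and `iat`, as an added example that is not part of the original comment and is not Yoke's code. The class and method names, the `leewaySeconds` parameter, the use of `>=` for expiry, and the policy of rejecting an `iat` in the future are assumptions of this example.

```java
import java.util.HashMap;
import java.util.Map;

public class NumericDateCheck {

    /** Form quoted in the issue: "now" is in milliseconds, "exp" is in seconds. */
    static boolean expiredBuggy(long nowMillis, long expSeconds) {
        return nowMillis > expSeconds; // true for any realistic exp, so valid tokens get a 401
    }

    /** Reads an optional NumericDate claim (seconds since the epoch); null if absent. */
    static Long numericDate(Map<String, Object> claims, String name) {
        Object v = claims.get(name);
        if (v == null) return null;
        if (!(v instanceof Number)) throw new IllegalArgumentException(name + " is not a number");
        return ((Number) v).longValue(); // a fractional NumericDate is truncated to whole seconds
    }

    /** Returns null if the time claims are acceptable, otherwise the reason for rejection. */
    static String checkTimeClaims(Map<String, Object> claims, long nowSeconds, long leewaySeconds) {
        Long exp = numericDate(claims, "exp");
        Long nbf = numericDate(claims, "nbf");
        Long iat = numericDate(claims, "iat");
        if (exp != null && nowSeconds - leewaySeconds >= exp) return "expired";
        if (nbf != null && nowSeconds + leewaySeconds < nbf) return "not yet valid";
        if (iat != null && nowSeconds + leewaySeconds < iat) return "issued in the future";
        return null;
    }

    public static void main(String[] args) {
        long nowMillis = System.currentTimeMillis();
        long nowSeconds = nowMillis / 1000L; // convert once, then compare seconds with seconds

        // Constructed claims: issued a minute ago, valid for one hour.
        Map<String, Object> claims = new HashMap<>();
        claims.put("iat", nowSeconds - 60);
        claims.put("nbf", nowSeconds - 60);
        claims.put("exp", nowSeconds + 3600);

        System.out.println("buggy check treats valid token as expired: "
                + expiredBuggy(nowMillis, nowSeconds + 3600));
        System.out.println("seconds-based result: " + checkTimeClaims(claims, nowSeconds, 30));

        claims.put("exp", nowSeconds - 3600); // constructed: expired an hour ago
        System.out.println("seconds-based result: " + checkTimeClaims(claims, nowSeconds, 30));
    }
}
```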

pmlopes commented 9 years ago

Thanks for spotting that. I will fix it as soon as I have some time!

pmlopes commented 9 years ago

Fixed in 2.0.18