this repo has no description
oauth client: Add exp ( expiresat ) claim to client assertions (#1147)
Required according to rfc7523
authored by
David Buchanan
and committed by
GitHub
b4dd6383
cbaa8d37
+6
-5
+6
-5
atproto/auth/oauth/oauth.go
+6
-5
atproto/auth/oauth/oauth.go
···
242
242
}
243
243
claims := clientAssertionClaims{
244
244
RegisteredClaims: jwt.RegisteredClaims{
245
-
Issuer: cfg.ClientID,
246
-
Subject: cfg.ClientID,
247
-
Audience: []string{authURL},
248
-
ID: secureRandomBase64(16),
249
-
IssuedAt: jwt.NewNumericDate(time.Now()),
245
+
Issuer: cfg.ClientID,
246
+
Subject: cfg.ClientID,
247
+
Audience: []string{authURL},
248
+
ID: secureRandomBase64(16),
249
+
IssuedAt: jwt.NewNumericDate(time.Now()),
250
+
ExpiresAt: jwt.NewNumericDate(time.Now().Add(jwtExpirationDuration)),
250
251
},
251
252
}
252
253