Consistent implementation of ValidateExpClaim and ValidateNbfClaim (#397

) * Added TokenNotYetValidException * Updated JwtValidator to throw it * Updated tests * Bumped version to 9.0.2 Co-authored-by: Alexander Batishchev <[email protected]>
jwt-dotnet · May 27, 2022 · 6d14b6d · 6d14b6d
1 parent 7fc7908
commit 6d14b6d
Show file tree

Hide file tree

Showing 4 changed files with 56 additions and 5 deletions.
diff --git a/src/JWT/Exceptions/TokenNotYetValidException.cs b/src/JWT/Exceptions/TokenNotYetValidException.cs
@@ -0,0 +1,47 @@
+using System;
+using System.Collections.Generic;
+
+#if NET35 || NET40
+using IReadOnlyPayloadDictionary = System.Collections.Generic.IDictionary<string, object>;
+#else
+using IReadOnlyPayloadDictionary = System.Collections.Generic.IReadOnlyDictionary<string, object>;
+#endif
+
+namespace JWT.Exceptions
+{
+    /// <summary>
+    /// Represents an exception thrown when a token is not yet valid.
+    /// </summary>
+    public class TokenNotYetValidException : SignatureVerificationException
+    {
+        private const string PayloadDataKey = "PayloadData";
+        private const string NotBeforeKey = "NotBefore";
+
+        /// <summary>
+        /// Creates an instance of <see cref="TokenNotYetValidException" />
+        /// </summary>
+        /// <param name="message">The error message</param>
+        public TokenNotYetValidException(string message)
+             : base(message)
+        {
+        }
+
+        /// <summary>
+        /// The payload.
+        /// </summary>
+        public IReadOnlyPayloadDictionary PayloadData
+        {
+            get => GetOrDefault<Dictionary<string, object>>(PayloadDataKey);
+            internal set => this.Data.Add(PayloadDataKey, value);
+        }
+
+        /// <summary>
+        /// The not before DateTime of the token.
+        /// </summary>
+        public DateTime? NotBefore
+        {
+            get => GetOrDefault<DateTime?>(NotBeforeKey);
+            internal set => this.Data.Add(NotBeforeKey, value);
+        }
+    }
+}
diff --git a/src/JWT/JWT.csproj b/src/JWT/JWT.csproj
@@ -20,7 +20,7 @@
     <Authors>Alexander Batishchev, John Sheehan, Michael Lehenbauer</Authors>
     <PackageTags>jwt;json;authorization</PackageTags>
     <PackageLicense>CC0-1.0</PackageLicense>
-    <Version>9.0.1</Version>
+    <Version>9.0.2</Version>
     <FileVersion>9.0.0.0</FileVersion>
     <AssemblyVersion>9.0.0.0</AssemblyVersion>
     <RootNamespace>JWT</RootNamespace>

diff --git a/src/JWT/JwtValidator.cs b/src/JWT/JwtValidator.cs
@@ -255,10 +255,14 @@ private Exception ValidateNbfClaim(IReadOnlyPayloadDictionary payloadData, doubl
 
             if (secondsSinceEpoch + _valParams.TimeMargin < nbfValue)
             {
-                return new SignatureVerificationException("Token is not yet valid.");
+                return new TokenNotYetValidException("Token is not yet valid.")
+                {
+                    NotBefore = UnixEpoch.Value.AddSeconds(nbfValue),
+                    PayloadData = payloadData
+                };                
             }
 
             return null;
         }
     }
-}
+}
diff --git a/tests/JWT.Tests.Common/JwtValidatorTests.cs b/tests/JWT.Tests.Common/JwtValidatorTests.cs
@@ -315,7 +315,7 @@ public void TryValidate_Should_Return_False_And_Exception_Not_Null_When_Token_Is
 
             ex.Should()
               .NotBeNull("because invalid token should thrown exception")
-              .And.BeOfType(typeof(SignatureVerificationException), "because not yet usable token should thrown SignatureVerificationException");
+              .And.BeOfType(typeof(TokenNotYetValidException), "because not yet usable token should thrown TokenNotYetValidException");
         }
 
         [TestMethod]
@@ -378,4 +378,4 @@ public void TryValidate_Should_Return_True_And_Exception_Null_When_Token_Is_Not_
 
         }
     }
-}
+}