Java Client JWT Validate returns incorrect exp/iat time
-
Hello,
When using the java client library and calling 'fusionAuthClient.validateJWT(accessToken)' an incorrect exp/iat date is returned. When i validate the token using jwt.io for instance the expiration date is correct. This issue is similar to this: https://fusionauth.io/community/forum/topic/204/net-core-client-jwt-validate-returns-incorrect-exp-iat-time?_=1681918914102
Is there any reason why this is happening?
Here is an example of the text token:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjQ4NmZlNDI0MiJ9.eyJhdWQiOiJlYjM2ZDFhYi00ZmVhLTQ5ZTMtYTI2Ny1jZmZiMTA0MjdhM2UiLCJleHAiOjE2ODE5OTQ4OTIsImlhdCI6MTY4MTk5MTI5MiwiaXNzIjoiYWNtZS5jb20iLCJzdWIiOiI4MGIyNDJlYi0zNmQ5LTRhMTEtODAwOC05YTQxYjc1OTFiMzUiLCJqdGkiOiI3MmRjZDA5My02OWQ0LTQ2Y2UtYTdiZi02NmJmOWM1ZWMzMjIiLCJhdXRoZW50aWNhdGlvblR5cGUiOiJQQVNTV09SRCIsImVtYWlsIjoiYWN0aWVmQGNiLm5sIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsInByZWZlcnJlZF91c2VybmFtZSI6ImFjdGllZkBjYi5ubCIsImFwcGxpY2F0aW9uSWQiOiJlYjM2ZDFhYi00ZmVhLTQ5ZTMtYTI2Ny1jZmZiMTA0MjdhM2UiLCJyb2xlcyI6W10sInNpZCI6IjI5OTNjYTEzLWUwN2MtNDU1NS05ZWM3LWQ4NjU3ZmJlMzQwNSIsImF1dGhfdGltZSI6MTY4MTk5MTI5MiwidGlkIjoiYzNkMDkxODAtNTczNy0yMDcwLWY0NDItOTY0OWQ1ODQwMWM5In0.Sk5tXeDUG_RNhzKThvZkzK-xoQkQA5D62_QZJ-F1OLg -
@ndiarmand Here is the PR that fixed the .net client. I think we need to same logic in the java client, perhaps.
https://github.com/FusionAuth/fusionauth-netcore-client/pull/49
--
FusionAuth - Auth for devs, built by devs.
https://fusionauth.io -
Actually, looks like the java client uses https://github.com/FusionAuth/fusionauth-jwt/blob/master/src/main/java/io/fusionauth/jwt/json/ZonedDateTimeSerializer.java which should give the correct value.
Do you have a unit test you can share that I can take a closer look at?
-
Hi Dan, here is a unit test that fails (JWT is supposed to be valid for 1 hour)
@Test void testJWTValidity() { FusionAuthClient fusionAuthClient = new FusionAuthClient(API_KEY, BASE_URL, TENANT_ID); LoginRequest loginRequest = new io.fusionauth.domain.api.LoginRequest(UUID.fromString(APPLICATION_ID), EMAIL, PASSWORD); ClientResponse<LoginResponse, Errors> loginResponse = fusionAuthClient.login(loginRequest); String token = loginResponse.getSuccessResponse().token; ClientResponse<ValidateResponse, Void> validateResponse = fusionAuthClient.validateJWT(token); assertFalse(validateResponse.getSuccessResponse().jwt.isExpired()); }When i debug i see that the expiration date is wrong:
I am using the latest version of the java client library (1.45.0)
-
@dan added the unit test
-
@ndiarmand Thanks, just saw this now. Filed a bug: https://github.com/FusionAuth/fusionauth-issues/issues/2275
--
FusionAuth - Auth for devs, built by devs.
https://fusionauth.io -
This has been fixed in version 1.46.0, which should be released soon.
You can track it at the issue above.
Thanks for reporting, @ndiarmand !
