Ran
|
Files
102
|
Run time
9s
|
Badge
Embed ▾
README BADGES
|
push
travis-ci
<a href="https://github.com/TykTechnologies/tyk/commit/<a class=hub.com/TykTechnologies/tyk/commit/000bfe4228fdb2d98b9d2f46fc0ca51fee50bbba">000bfe422<a href="https://github.com/TykTechnologies/tyk/commit/000bfe4228fdb2d98b9d2f46fc0ca51fee50bbba">">Add Configured leeway to JWT time validation claims in case of a clock skew (#1741) [This fix ](https://github.com/TykTechnologies/tyk/commit/</a><a class="double-link" href="https://github.com/TykTechnologies/tyk/commit/<a class="double-link" href="https://github.com/TykTechnologies/tyk/commit/abb1b350b7dfdce52901e6e3f730a7fd899fd3f0">abb1b350b</a>">abb1b350b</a><a href="https://github.com/TykTechnologies/tyk/commit/000bfe4228fdb2d98b9d2f46fc0ca51fee50bbba"> )helps to avoid jwt failure but can risk us since it won't validate the time-related claims at all (using disable config fields in api def). I have added a field that gives leeway ,in seconds, in case there is a clock skew times between the signing server (Idp for instance) and the verifying server, i.e. Tyk. Have added tests for both type of fields - disable time claims validation and added leeway to time claims validation.
9251 of 15566 relevant lines covered (59.43%)
0.66 hits per line
Coverage | ∆ | File | Lines | Relevant | Covered | Missed | Hits/Line |
---|