#60 Add validation tests for JWT expiration

Two new tests have been added to DefaultJwtParserTest to validate JWT expiration behavior. The tests ensure that for the 'expireAfter()' method, duration must be more than 0 and timeUnit cannot be null. The error messages for these validation checks have also been modified for clarity.
jwtk · pveeckhout · Dec 25, 2023 · Dec 25, 2023 · Jan 10, 2024 · Jan 10, 2024
commit e91b0425bfcf3604b8b3d25232a8c695b17f1613
diff --git a/impl/src/main/java/io/jsonwebtoken/impl/DefaultJwtBuilder.java b/impl/src/main/java/io/jsonwebtoken/impl/DefaultJwtBuilder.java
@@ -482,8 +482,8 @@ public JwtBuilder id(String jti) {
 
     @Override
     public JwtBuilder expireAfter(long duration, TimeUnit timeUnit) {  // TODO: use java.time for version 1.0?
-        Assert.state(duration > 0, "duration must be a positive value.");
-        Assert.stateNotNull(timeUnit, "timeUnit is required.");
+        Assert.gt(duration, 0L, "duration must be > 0.");
+        Assert.notNull(timeUnit, "timeUnit cannot be null.");
 
         Date exp = Optional.ofNullable(this.claimsBuilder.get(DefaultClaims.ISSUED_AT))
                 .map(Date::getTime)

diff --git a/impl/src/test/groovy/io/jsonwebtoken/impl/DefaultJwtParserTest.groovy b/impl/src/test/groovy/io/jsonwebtoken/impl/DefaultJwtParserTest.groovy
@@ -278,6 +278,31 @@ class DefaultJwtParserTest {
         }
     }
 
+    @Test
+    void testExpiredAfterDurationValidationMessage() {
+        def duration = -1L
+        def timeUnit = TimeUnit.MINUTES
+        try {
+            Jwts.builder().expireAfter(duration, timeUnit).compact()
+        } catch (IllegalArgumentException expected) {
+            String msg = "duration must be > 0."
+            assertEquals msg, expected.message
+        }
+    }
+
+    @Test
+    void testExpiredAfterTimeUnitValidationMessage() {
+        def duration = 15L
+        def timeUnit = null
+        try {
+            Jwts.builder().expireAfter(duration, timeUnit).compact()
+        } catch (IllegalArgumentException expected) {
+            String msg = "timeUnit cannot be null."
+            assertEquals msg, expected.message
+        }
+    }
+
+
     @Test
     void testExpiredAfterExceptionMessage() {
         long differenceMillis = 781 // arbitrary, anything > 0 is fine
@@ -293,7 +318,7 @@ class DefaultJwtParserTest {
             def exp8601 = DateFormats.formatIso8601(expectedExpiry, true)
             def later8601 = DateFormats.formatIso8601(later, true)
             String msg = "JWT expired ${differenceMillis} milliseconds ago at ${exp8601}. " +
-                    "Current time: ${later8601}. Allowed clock skew: 0 milliseconds.";
+                    "Current time: ${later8601}. Allowed clock skew: 0 milliseconds."
             assertEquals msg, expected.message
         }
     }
@@ -317,7 +342,7 @@ class DefaultJwtParserTest {
             def exp8601 = DateFormats.formatIso8601(expectedExpiry, true)
             def later8601 = DateFormats.formatIso8601(later, true)
             String msg = "JWT expired ${differenceMillis} milliseconds ago at ${exp8601}. " +
-                    "Current time: ${later8601}. Allowed clock skew: 0 milliseconds.";
+                    "Current time: ${later8601}. Allowed clock skew: 0 milliseconds."
             assertEquals msg, expected.message
         }
     }
@@ -336,7 +361,7 @@ class DefaultJwtParserTest {
             def nbf8601 = DateFormats.formatIso8601(nbf, true)
             def earlier8601 = DateFormats.formatIso8601(earlier, true)
             String msg = "JWT early by ${differenceMillis} milliseconds before ${nbf8601}. " +
-                    "Current time: ${earlier8601}. Allowed clock skew: 0 milliseconds.";
+                    "Current time: ${earlier8601}. Allowed clock skew: 0 milliseconds."
             assertEquals msg, expected.message
         }
     }