Add extra unit tests for JWT.verify

Blockhacked · Dec 5, 2017 · 7a6776e · 7a6776e
1 parent c8856a6
commit 7a6776e
Showing 1 changed file with 26 additions and 0 deletions.
diff --git a/test/jwt/jsonwebtoken.test.js b/test/jwt/jsonwebtoken.test.js
@@ -115,6 +115,14 @@ describe('JSON Web Token (JWT) RFC7519 implementation', () => {
         }));
     });
 
+    it('nbf accepted within set clock tolerance', () => {
+      const key = keystore.get({ kty: 'oct' });
+      return JWT.sign({ data: true, nbf: epochTime() + 5 }, key, 'HS256')
+        .then(jwt => JWT.verify(jwt, key, {
+          clockTolerance: 10,
+        }));
+    });
+
     it('nbf invalid', () => {
       const key = keystore.get({ kty: 'oct' });
       return JWT.sign({ data: true, nbf: 'not a nbf' }, key, 'HS256')
@@ -153,6 +161,16 @@ describe('JSON Web Token (JWT) RFC7519 implementation', () => {
         }));
     });
 
+    it('iat accepted within set clock tolerance', () => {
+      const key = keystore.get({ kty: 'oct' });
+      return JWT.sign({ data: true, iat: epochTime() + 5 }, key, 'HS256', {
+        noTimestamp: true,
+      })
+        .then(jwt => JWT.verify(jwt, key, {
+          clockTolerance: 10,
+        }));
+    });
+
     it('iat invalid', () => {
       const key = keystore.get({ kty: 'oct' });
       return JWT.sign({ data: true, iat: 'not an iat' }, key, 'HS256', {
@@ -189,6 +207,14 @@ describe('JSON Web Token (JWT) RFC7519 implementation', () => {
         }));
     });
 
+    it('exp accepted within set clock tolerance', () => {
+      const key = keystore.get({ kty: 'oct' });
+      return JWT.sign({ data: true, exp: epochTime() - 5 }, key, 'HS256')
+        .then(jwt => JWT.verify(jwt, key, {
+          clockTolerance: 10,
+        }));
+    });
+
     it('exp invalid', () => {
       const key = keystore.get({ kty: 'oct' });
       return JWT.sign({ data: true, exp: 'not an exp' }, key, 'HS256')