Issue #191: Allow leeway to handle clock skew #248
Conversation
README.md
Outdated
| @@ -88,6 +88,27 @@ var_dump($token->validate($data)); // true, because current time is between "nbf | |||
| $data->setCurrentTime(time() + 4000); // changing the validation time to future | |||
|
|
|||
| var_dump($token->validate($data)); // false, because token is expired since current time is greater than exp | |||
|
|
|||
| // We can also use leeway to deal with clock skew. | |||
There was a problem hiding this comment.
I think most readers of the README.md will unlikely know what leeway or clock skew mean in this context. Also, iat, nbf and exp, while in the spec, need some expansion here.
Is this maybe for a separate documentation page? (README.md should be short and to the point)
There was a problem hiding this comment.
Is this maybe for a separate documentation page? (README.md should be short and to the point)
I agree with you @Ocramius but let's do that as a separate PR, we can keep it on the README.md for now and modify it later.
README.md
Outdated
|
|
||
| var_dump($token->validate($dataWithLeeway)); // false, because token can't be used before now() + 60 and it's now() + 14 | ||
|
|
||
| $dataWithLeeway->setCurrentTime(time() + 51); // changing the validation time to future |
There was a problem hiding this comment.
Use $time = time(), assigned only once to make it clear that we're working within the boundaries of fixed time throughout the example
README.md
Outdated
| @@ -97,6 +118,11 @@ var_dump($token->validate($data)); // false, because token is expired since curr | |||
| configured in ```ValidationData``` they will be ignored by ```Token::validate()```. | |||
| - ```exp```, ```nbf``` and ```iat``` claims are configured by default in ```ValidationData::__construct()``` | |||
| with the current UNIX time (```time()```). | |||
| - The values for the keys in the optional ```$leeway``` array of ```ValidationData``` will add that number of seconds | |||
There was a problem hiding this comment.
Same here about $leeway. A link is required
src/ValidationData.php
Outdated
| @@ -24,24 +24,28 @@ class ValidationData | |||
| */ | |||
| private $items; | |||
|
|
|||
| private $timeFields = ['iat', 'nbf', 'exp']; | |||
There was a problem hiding this comment.
Docblock with @var string[] needed
src/ValidationData.php
Outdated
| @@ -24,24 +24,28 @@ class ValidationData | |||
| */ | |||
| private $items; | |||
|
|
|||
| private $timeFields = ['iat', 'nbf', 'exp']; | |||
|
|
|||
| private $leeways = []; | |||
There was a problem hiding this comment.
Docblock with types needed
src/ValidationData.php
Outdated
| /** | ||
| * Initializes the object | ||
| * | ||
| * @param int $currentTime | ||
| * @param array $leeways |
There was a problem hiding this comment.
Please use type[] (with the correct type) here
There was a problem hiding this comment.
This kind of definition of leeways is a bit squishy and hard to keep in mind, as the user needs to know the keys of the $leeways parameters. An explicit parameter for each of the fields supporting $leeways is more explicit and avoids basic mistakes.
src/ValidationData.php
Outdated
| $this->items['nbf'] = (int) $currentTime; | ||
| $this->items['exp'] = (int) $currentTime; | ||
| foreach ($this->timeFields as $field) { | ||
| if (isset($this->leeways[$field]) && is_int($this->leeways[$field])) { |
There was a problem hiding this comment.
The is_int() is to be avoided here - use an assertion where $this->leeways is being modified instead, and throw if a non-int is passed in.
test/unit/ValidationDataTest.php
Outdated
| 'iss' => $iss !== null ? (string)$iss : null, | ||
| 'aud' => $aud !== null ? (string)$aud : null, | ||
| 'sub' => $sub !== null ? (string)$sub : null, | ||
| 'iat' => (int)$iat, |
There was a problem hiding this comment.
This cast is likely wrong - should never come in as non-integer here
test/unit/ValidationDataTest.php
Outdated
| @@ -200,7 +268,9 @@ public function claimValues() | |||
| * @param string $sub | |||
| * @param string $iss | |||
| * @param string $aud | |||
| * @param int $time | |||
| * @param int $iat | |||
| * @param int $nbf | |||
test/unit/ValidationDataTest.php
Outdated
| * @param int $time | ||
| * @param int $iat | ||
| * @param int $nbf | ||
| * @param int $exp |
There was a problem hiding this comment.
@m777z thanks for your contribution here :)
On top of what @Ocramius said, I think that allowing people to define a leeway per claim might lead us to accidental complexity...
The problem we're trying to solve here is clock skew, and if the "client's" clock is skewed for one field it will definitely be skewed for the others. So, could you please modify things to simplify it?
README.md
Outdated
| @@ -88,6 +88,27 @@ var_dump($token->validate($data)); // true, because current time is between "nbf | |||
| $data->setCurrentTime(time() + 4000); // changing the validation time to future | |||
|
|
|||
| var_dump($token->validate($data)); // false, because token is expired since current time is greater than exp | |||
|
|
|||
| // We can also use leeway to deal with clock skew. | |||
There was a problem hiding this comment.
Is this maybe for a separate documentation page? (README.md should be short and to the point)
I agree with you @Ocramius but let's do that as a separate PR, we can keep it on the README.md for now and modify it later.
|
Thanks for the feedback, guys! Since some pretty big changes are needed, should I continue to send commits to this pull request or just close it and open a new PR when the code is ready? |
|
Sending patches here would give us an idea if thr comments are addressed:
incremental reviews FTW!
…On Sat, 7 Jul 2018, 07:02 m777z, ***@***.***> wrote:
Thanks for the feedback, guys! Since some pretty big changes are needed,
should I continue to send commits to this pull request or just close it and
open a new PR when the code is ready?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#248 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAJakORKzJ6Gn3ws90uQCzWYho1fq4Boks5uEEDvgaJpZM4U-Iw1>
.
|
|
@lcobucci I updated the code to only take one integer parameter for the leeway (which is then applied to each of the time-based checks). @Ocramius The code style changes were reverted. I made some changes to README.md (used your $time = time() suggestion), though as you and @lcobucci said we may eventually want to link to a good explanation elsewhere since I am having trouble succinctly explaining leeway and clock skew. I believe all your comments on src/ValidationData.php have been indirectly addressed by the simplification I made on @lcobucci's suggestion. I also added the |null in test/unit/ValidationDataTest.php and took out the unneeded cast. Please let me know what further changes need to be made. |
|
@m777z awesome, thanks for your work! This week I'll be releasing the last patch on 3.2.x and focus on 3.3, thus your code will be reviewed ASAP |
lcobucci
force-pushed
the
allow-jwt-leeway
branch
from
85e72f3 to
895f95d
Compare
| * The leeway (in seconds) to use when validating time claims | ||
| * @var int | ||
| */ | ||
| private $leeway; |
There was a problem hiding this comment.
I was wondering if it makes sense to have this as a property... I mean, it's only used for configuring the current time, maybe it would be better to simply pass it to ValidationData#setCurrentTime()... @Ocramius any thoughts?
There was a problem hiding this comment.
I'm completely fine with doing it either way. Leaving it as it is makes sense if it's fairly common to use the setCurrentTime() method 1 or more times after initial construction of the object while keeping the same leeway. However, if users would want to keep changing the leeway without constructing a new object, or if they rarely use setCurrentTime() directly at all, then passing leeway as a parameter to setCurrentTime() makes more sense.
There was a problem hiding this comment.
@m777z I'm have no clue on how users are using this object, and since it will be deprecated very soon I don't think we should debate this much. Let's go with your suggested approach and if needed we change it. Thanks!
There was a problem hiding this comment.
@lcobucci I am assuming you mean it is okay to just leave things as they are for this part. If so, are there other changes I need to make before this pull request is merged?
There was a problem hiding this comment.
@m777z that's correct. There're some small CS changes (which I'll handle ASAP), I just didn't manage to work on this. Plan to work on it tomorrow
| 'nbf' => $time, | ||
| 'exp' => $time | ||
| 'iat' => $iat, | ||
| 'nbf' => $nbf !== null ? $nbf: $iat, |
There was a problem hiding this comment.
It's sad that we can't use ?? to simplify this due to PHP 5.x compatibility 😭
lcobucci
force-pushed
the
allow-jwt-leeway
branch
from
895f95d to
38b75a0
Compare
lcobucci
force-pushed
the
allow-jwt-leeway
branch
from
38b75a0 to
78a4b22
Compare
|
@m777z thanks for your contribution (and sorry about the delay!) 😄 |
To address clock skew issues. More info: - lcobucci/jwt#191 - lcobucci/jwt#248
Not sure if I'm doing this right since it's my first real code contribution to an open-source project. I'm sending the PR to 3.3 per @lcobucci's comment on this issue on May 17.
Note that all the whitespace changes were made by my editor (PHPStorm) when set to the "PSR1/PSR2" predefined style.