Commit 4ddc5eb0 authored by rithu leena john's avatar rithu leena john Committed by GitHub

Merge pull request #765 from rithujohn191/bump-oidc

Bump go-oidc package
parents fb5199c9 05cef99a
hash: 723f2faad8f09a97ffb5ce647705b8ee41dbf2f81f91488c60f23d102789a23b
updated: 2016-12-08T11:11:10.172119799-08:00
hash: 22c01c4265c210fbf3cd2d55e9451b924a3301e35053c82ebe35171ab7286c83
updated: 2017-01-06T15:38:29.812891187-08:00
imports:
- name: github.com/cockroachdb/cockroach-go
version: 31611c0501c812f437d4861d87d117053967c955
subpackages:
- crdb
- name: github.com/coreos/go-oidc
version: dedb650fb29c39c2f21aa88c1e4cec66da8754d1
version: 2b5d73091ea4b7ddb15e3ac00077f153120b5b61
- name: github.com/ghodss/yaml
version: bea76d6a4713e18b7f5321a2b020738552def3ea
- name: github.com/go-sql-driver/mysql
......
......@@ -66,7 +66,7 @@ import:
# Used for server integration tests and OpenID Connect connector.
- package: github.com/coreos/go-oidc
version: dedb650fb29c39c2f21aa88c1e4cec66da8754d1
version: 2b5d73091ea4b7ddb15e3ac00077f153120b5b61
- package: github.com/pquerna/cachecontrol
version: c97913dcbd76de40b051a9b4cd827f7eaeb7a868
- package: golang.org/x/oauth2
......
......@@ -145,6 +145,13 @@ func (v *IDTokenVerifier) Verify(ctx context.Context, rawIDToken string) (*IDTok
}
}
// If a checkExpiry is specified, make sure token is not expired.
if v.config.checkExpiry != nil {
if t.Expiry.Before(v.config.checkExpiry()) {
return nil, fmt.Errorf("oidc: token is expired (Token Expiry: %v)", t.Expiry)
}
}
// If a set of required algorithms has been provided, ensure that the signatures use those.
var keyIDs, gotAlgs []string
for _, sig := range jws.Signatures {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment