Merge pull request #202 from yathindrakodithuwakku/handle-nbf-claim-r…

…ejection-error Handle nbf claim rejection error
asgardeo · Apr 21, 2022 · 2896686 · 2896686
2 parents 8c95910 + 2332248
commit 2896686
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 1 deletion.
diff --git a/lib/src/constants/data.ts b/lib/src/constants/data.ts
@@ -30,3 +30,6 @@ export const PKCE_SEPARATOR = "#";
 export const SUPPORTED_SIGNATURE_ALGORITHMS = [
     "RS256", "RS512", "RS384", "PS256"
 ];
+
+export const CLAIM_VALIDATION_ERROR: string = "ERR_JWT_CLAIM_VALIDATION_FAILED";
+export const NBF_CLAIM: string= "nbf";
diff --git a/lib/src/helpers/crypto-helper.ts b/lib/src/helpers/crypto-helper.ts
@@ -16,7 +16,7 @@
  * under the License.
  */
 
-import { SUPPORTED_SIGNATURE_ALGORITHMS } from "../constants";
+import { CLAIM_VALIDATION_ERROR, NBF_CLAIM, SUPPORTED_SIGNATURE_ALGORITHMS } from "../constants";
 import { AsgardeoAuthException } from "../exception";
 import { CryptoUtils, DecodedIDTokenPayload, JWKInterface } from "../models";
 
@@ -113,6 +113,24 @@ export class CryptoHelper<T = any> {
                         "ID token validation returned false"
                     )
                 );
+            }).catch((error) => {
+                if(error?.code === CLAIM_VALIDATION_ERROR && error?.claim === NBF_CLAIM) {
+                    return Promise.reject(
+                        new AsgardeoAuthException(
+                            "JS-CRYPTO_UTILS-IVIT-IV02",
+                            "JWT NBF CLAIM VALIDATION FAILED",
+                            "JWT NBF claim validation has been failed"
+                        )
+                    );
+                }
+
+                return Promise.reject(
+                    new AsgardeoAuthException(
+                        "JS-CRYPTO_UTILS-IVIT-IV03",
+                        "JWT VALIDATION FAILED",
+                        "JWT validation has been failed"
+                    )
+                );
             });
     }