diff options
| author | Boris Kolpackov <boris@codesynthesis.com> | 2024-02-12 10:53:58 +0200 |
|---|---|---|
| committer | Francois Kritzinger <francois@codesynthesis.com> | 2024-10-15 09:05:27 +0200 |
| commit | 0856f9ad26a8d9679f1fad03f7bf30153d278910 (patch) | |
| tree | 7698fbf1d2debe47d2141288108bf7b95f94718a /mod/jwt.hxx | |
| parent | 1b728e3f3f2c9588b4535cf92e18139ce8eb38c8 (diff) | |
Review
Diffstat (limited to 'mod/jwt.hxx')
| -rw-r--r-- | mod/jwt.hxx | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/mod/jwt.hxx b/mod/jwt.hxx index 65ad5c5..25e9c21 100644 --- a/mod/jwt.hxx +++ b/mod/jwt.hxx @@ -10,7 +10,7 @@ namespace brep { - // Generate a JSON Web Token (JWT), defined in RFC 7519. + // Generate a JSON Web Token (JWT), defined in RFC7519. // // A JWT is essentially the token issuer's name along with a number of // claims, signed with a private key. @@ -20,16 +20,18 @@ namespace brep // // The token expires when the validity period has elapsed. // - // Return the token or empty if openssl exited with a non-zero status. + // The backdate argument specifies the number of seconds to subtract from + // the "issued at" time in order to combat potential clock drift (which can + // casue the token to be not valid yet). // - // Throw process_error or io_error (both derived from std::system_error) if - // openssl could not be executed or communication with its process failed. + // Return the token or std::system_error in case if an error. // string gen_jwt (const options::openssl_options&, const path& private_key, const string& issuer, - const std::chrono::minutes& validity_period); + const std::chrono::minutes& validity_period, + const std::chrono::seconds& backdate = 60); } #endif |