diff options
| author | Boris Kolpackov <boris@codesynthesis.com> | 2024-02-12 10:53:58 +0200 |
|---|---|---|
| committer | Francois Kritzinger <francois@codesynthesis.com> | 2024-06-05 09:12:45 +0200 |
| commit | 3d53ca86d53c119e9b937d3a51571127f75b140c (patch) | |
| tree | ab3f06bb73e3b4ca2e1e1d0789a10fb890034d92 /mod/jwt.hxx | |
| parent | a376770e0a8ed304660d911dfc4448aeb8c814b0 (diff) | |
Review
Diffstat (limited to 'mod/jwt.hxx')
| -rw-r--r-- | mod/jwt.hxx | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/mod/jwt.hxx b/mod/jwt.hxx index 65ad5c5..25e9c21 100644 --- a/mod/jwt.hxx +++ b/mod/jwt.hxx @@ -10,7 +10,7 @@ namespace brep { - // Generate a JSON Web Token (JWT), defined in RFC 7519. + // Generate a JSON Web Token (JWT), defined in RFC7519. // // A JWT is essentially the token issuer's name along with a number of // claims, signed with a private key. @@ -20,16 +20,18 @@ namespace brep // // The token expires when the validity period has elapsed. // - // Return the token or empty if openssl exited with a non-zero status. + // The backdate argument specifies the number of seconds to subtract from + // the "issued at" time in order to combat potential clock drift (which can + // casue the token to be not valid yet). // - // Throw process_error or io_error (both derived from std::system_error) if - // openssl could not be executed or communication with its process failed. + // Return the token or std::system_error in case if an error. // string gen_jwt (const options::openssl_options&, const path& private_key, const string& issuer, - const std::chrono::minutes& validity_period); + const std::chrono::minutes& validity_period, + const std::chrono::seconds& backdate = 60); } #endif |