private function getAccountFromAccessToken($accessToken)
{
\JWT::$leeway = 10;
$jwt = \JWT::decode($accessToken, config('stormpath.client.apiKey.secret'), ['HS256']);
$expandsArray = [];
$expands = config('stormpath.web.me.expand');
foreach ($expands as $key => $value) {
if ($value == false) {
continue;
}
$expandsArray[] = $key;
}
$toExpand = [];
if (count($expandsArray) > 0) {
$toExpand = ['expand' => implode(',', $expandsArray)];
}
$account = \Stormpath\Resource\Account::get($jwt->sub, $toExpand);
return $account;
}
public function testInvalidTokenWithIatLeeway()
{
JWT::$leeway = 60;
$payload = array("message" => "abc", "iat" => time() + 65);
// issued too far in future
$encoded = JWT::encode($payload, 'my_key');
$this->setExpectedException('BeforeValidException');
$decoded = JWT::decode($encoded, 'my_key', array('HS256'));
JWT::$leeway = 0;
}
public function __construct($key)
{
//allow for 5 seconds of clock skew
TokenLib::$leeway = 5;
$this->key = self::PREPEND_KEY . $key;
}
