/**
* Validate the payload timestamps.
*
* @param array $payload
*
* @throws \Tymon\JWTAuth\Exceptions\TokenExpiredException
* @throws \Tymon\JWTAuth\Exceptions\TokenInvalidException
*
* @return bool
*/
protected function validateTimestamps(array $payload)
{
if (isset($payload['nbf']) && Utils::isFuture($payload['nbf'])) {
throw new TokenInvalidException('Not Before (nbf) timestamp cannot be in the future');
}
if (isset($payload['iat']) && Utils::isFuture($payload['iat'])) {
throw new TokenInvalidException('Issued At (iat) timestamp cannot be in the future');
}
if (isset($payload['exp']) && Utils::isPast($payload['exp'])) {
throw new TokenExpiredException('Token has expired');
}
return true;
}
/**
* Determine whether the token has been blacklisted.
*
* @param \Tymon\JWTAuth\Payload $payload
*
* @return bool
*/
public function has(Payload $payload)
{
$val = $this->storage->get($this->getKey($payload));
// exit early if the token was blacklisted forever
if ($val === 'forever') {
return true;
}
// check whether the expiry + grace has past
return $val !== null && !Utils::isFuture($val['valid_until']);
}
