/** * Get the number of minutes until the token expiry. * * @param \Tymon\JWTAuth\Payload $payload * * @return int */ protected function getMinutesUntilExpired(Payload $payload) { $exp = Utils::timestamp($payload['exp']); $iat = Utils::timestamp($payload['iat']); // get the latter of the two expiration dates and find // the number of minutes until the expiration date, // plus 1 minute to avoid overlap return $exp->max($iat->addMinutes($this->refreshTTL))->addMinute()->diffInMinutes(); }
/** * Determine whether the token has been blacklisted * * @param \Tymon\JWTAuth\Payload $payload * * @return boolean */ public function has(Payload $payload) { $val = $this->storage->get($this->getKey($payload)); // exit early if the token was blacklisted forever if ($val === 'forever') { return true; } // check whether the expiry + grace has past return !(is_null($val) || Utils::timestamp($val['valid_until'])->isFuture()); }
/** * Check the token in the refresh flow context * * @param $payload * * @throws \Tymon\JWTAuth\Exceptions\TokenExpiredException * * @return bool */ protected function validateRefresh(array $payload) { if (isset($payload['iat']) && Utils::timestamp($payload['iat'])->diffInMinutes(Utils::now()) >= $this->refreshTTL) { throw new TokenExpiredException('Token has expired and can no longer be refreshed'); } return true; }