Skip to content

Commit 17af03b

Browse files
committed
Fix bad JWT parsing
1 parent f2c1028 commit 17af03b

File tree

2 files changed

+8
-3
lines changed

2 files changed

+8
-3
lines changed

Firebase/Auth/CHANGELOG.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,6 @@
1+
# v5.0.3
2+
- Fix an issue where JWT date timestamps weren't parsed correctly.
3+
14
# v5.0.2
25
- Fix an issue where anonymous accounts weren't correctly promoted to
36
non-anonymous when linked with passwordless email auth accounts.

Firebase/Auth/Source/FIRUser.m

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -890,12 +890,14 @@ - (FIRAuthTokenResult *)parseIDToken:(NSString *)token error:(NSError **)error {
890890
return nil;
891891
}
892892

893+
// These are dates since 00:00:00 January 1 1970, as described by the Terminology section in
894+
// the JWT spec. https://tools.ietf.org/html/rfc7519
893895
NSDate *expDate =
894-
[NSDate dateWithTimeIntervalSinceNow:[tokenPayloadDictionary[@"exp"] doubleValue]];
896+
[NSDate dateWithTimeIntervalSince1970:[tokenPayloadDictionary[@"exp"] doubleValue]];
895897
NSDate *authDate =
896-
[NSDate dateWithTimeIntervalSinceNow:[tokenPayloadDictionary[@"auth_time"] doubleValue]];
898+
[NSDate dateWithTimeIntervalSince1970:[tokenPayloadDictionary[@"auth_time"] doubleValue]];
897899
NSDate *issuedDate =
898-
[NSDate dateWithTimeIntervalSinceNow:[tokenPayloadDictionary[@"iat"] doubleValue]];
900+
[NSDate dateWithTimeIntervalSince1970:[tokenPayloadDictionary[@"iat"] doubleValue]];
899901
FIRAuthTokenResult *result =
900902
[[FIRAuthTokenResult alloc] initWithToken:token
901903
expirationDate:expDate

0 commit comments

Comments
 (0)