Stop rejecting tokens with future 'iat' values

RFC 7519 does not specify or even suggest this type of validation on the 'iat' claim and it has caused issues for several consumers of PyJWT. This change removes the validation on future 'iat' values and leaves such things up to the application developer to implement. Fixes #190.
author: Mark Adams <mark@markadams.me> 2017-04-17 08:22:27 -0500
committer: Mark Adams <mark@markadams.me> 2017-04-17 08:34:04 -0500
commit: 8f3a2a8a4098693357b69d63a1dbec514ed7c701 (patch)
tree: 757c9103c158153dbd8ca57fb9452d2b09c009e3 /jwt
parent: ceff941c705f6e745688a181f917f06e8706413e (diff)
download: pyjwt-8f3a2a8a4098693357b69d63a1dbec514ed7c701.tar.gz
1 files changed, 1 insertions, 5 deletions
diff --git a/jwt/api_jwt.py b/jwt/api_jwt.py
index 9703b8d..059c4a0 100644
--- a/jwt/api_jwt.py
+++ b/jwt/api_jwt.py
@@ -121,14 +121,10 @@ class PyJWT(PyJWS):
 
     def _validate_iat(self, payload, now, leeway):
         try:
-            iat = int(payload['iat'])
+            int(payload['iat'])
         except ValueError:
             raise DecodeError('Issued At claim (iat) must be an integer.')
 
-        if iat > (now + leeway):
-            raise InvalidIssuedAtError('Issued At claim (iat) cannot be in'
-                                       ' the future.')
-
     def _validate_nbf(self, payload, now, leeway):
         try:
             nbf = int(payload['nbf'])
author	Mark Adams <mark@markadams.me>	2017-04-17 08:22:27 -0500
committer	Mark Adams <mark@markadams.me>	2017-04-17 08:34:04 -0500
commit	8f3a2a8a4098693357b69d63a1dbec514ed7c701 (patch)
tree	757c9103c158153dbd8ca57fb9452d2b09c009e3 /jwt
parent	ceff941c705f6e745688a181f917f06e8706413e (diff)
download	pyjwt-8f3a2a8a4098693357b69d63a1dbec514ed7c701.tar.gz