From 299105a51c6c98ad54692fd8c5702062bf11b5ec Mon Sep 17 00:00:00 2001
From: Brent Shaffer <betterbrent@google.com>
Date: Fri, 30 Jun 2023 13:08:13 -0700
Subject: [PATCH] chore: add tests for latest fixes (#512)

---
 tests/JWTTest.php | 80 +++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 74 insertions(+), 6 deletions(-)

diff --git a/tests/JWTTest.php b/tests/JWTTest.php
index 7d49bf04..5265e471 100644
--- a/tests/JWTTest.php
+++ b/tests/JWTTest.php
@@ -76,6 +76,9 @@ public function testValidToken()
         $this->assertSame($decoded->message, 'abc');
     }
 
+    /**
+     * @runInSeparateProcess
+     */
     public function testValidTokenWithLeeway()
     {
         JWT::$leeway = 60;
@@ -86,9 +89,11 @@ public function testValidTokenWithLeeway()
         $encoded = JWT::encode($payload, 'my_key', 'HS256');
         $decoded = JWT::decode($encoded, new Key('my_key', 'HS256'));
         $this->assertSame($decoded->message, 'abc');
-        JWT::$leeway = 0;
     }
 
+    /**
+     * @runInSeparateProcess
+     */
     public function testExpiredTokenWithLeeway()
     {
         JWT::$leeway = 60;
@@ -100,7 +105,6 @@ public function testExpiredTokenWithLeeway()
         $encoded = JWT::encode($payload, 'my_key', 'HS256');
         $decoded = JWT::decode($encoded, new Key('my_key', 'HS256'));
         $this->assertSame($decoded->message, 'abc');
-        JWT::$leeway = 0;
     }
 
     public function testValidTokenWithNbf()
@@ -116,6 +120,9 @@ public function testValidTokenWithNbf()
         $this->assertSame($decoded->message, 'abc');
     }
 
+    /**
+     * @runInSeparateProcess
+     */
     public function testValidTokenWithNbfLeeway()
     {
         JWT::$leeway = 60;
@@ -126,9 +133,11 @@ public function testValidTokenWithNbfLeeway()
         $encoded = JWT::encode($payload, 'my_key', 'HS256');
         $decoded = JWT::decode($encoded, new Key('my_key', 'HS256'));
         $this->assertSame($decoded->message, 'abc');
-        JWT::$leeway = 0;
     }
 
+    /**
+     * @runInSeparateProcess
+     */
     public function testInvalidTokenWithNbfLeeway()
     {
         JWT::$leeway = 60;
@@ -139,9 +148,45 @@ public function testInvalidTokenWithNbfLeeway()
         $encoded = JWT::encode($payload, 'my_key', 'HS256');
         $this->expectException(BeforeValidException::class);
         JWT::decode($encoded, new Key('my_key', 'HS256'));
-        JWT::$leeway = 0;
     }
 
+    public function testValidTokenWithNbfIgnoresIat()
+    {
+        $payload = [
+            'message' => 'abc',
+            'nbf' => time() - 20, // time in the future
+            'iat' => time() + 20, // time in the past
+        ];
+        $encoded = JWT::encode($payload, 'my_key', 'HS256');
+        $decoded = JWT::decode($encoded, new Key('my_key', 'HS256'));
+        $this->assertEquals('abc', $decoded->message);
+    }
+
+    public function testValidTokenWithNbfMicrotime()
+    {
+        $payload = [
+            'message' => 'abc',
+            'nbf' => microtime(true), // use microtime
+        ];
+        $encoded = JWT::encode($payload, 'my_key', 'HS256');
+        $decoded = JWT::decode($encoded, new Key('my_key', 'HS256'));
+        $this->assertEquals('abc', $decoded->message);
+    }
+
+    public function testInvalidTokenWithNbfMicrotime()
+    {
+        $this->expectException(BeforeValidException::class);
+        $payload = [
+            'message' => 'abc',
+            'nbf' => microtime(true) + 20, // use microtime in the future
+        ];
+        $encoded = JWT::encode($payload, 'my_key', 'HS256');
+        JWT::decode($encoded, new Key('my_key', 'HS256'));
+    }
+
+    /**
+     * @runInSeparateProcess
+     */
     public function testValidTokenWithIatLeeway()
     {
         JWT::$leeway = 60;
@@ -152,9 +197,11 @@ public function testValidTokenWithIatLeeway()
         $encoded = JWT::encode($payload, 'my_key', 'HS256');
         $decoded = JWT::decode($encoded, new Key('my_key', 'HS256'));
         $this->assertSame($decoded->message, 'abc');
-        JWT::$leeway = 0;
     }
 
+    /**
+     * @runInSeparateProcess
+     */
     public function testInvalidTokenWithIatLeeway()
     {
         JWT::$leeway = 60;
@@ -165,7 +212,28 @@ public function testInvalidTokenWithIatLeeway()
         $encoded = JWT::encode($payload, 'my_key', 'HS256');
         $this->expectException(BeforeValidException::class);
         JWT::decode($encoded, new Key('my_key', 'HS256'));
-        JWT::$leeway = 0;
+    }
+
+    public function testValidTokenWithIatMicrotime()
+    {
+        $payload = [
+            'message' => 'abc',
+            'iat' => microtime(true), // use microtime
+        ];
+        $encoded = JWT::encode($payload, 'my_key', 'HS256');
+        $decoded = JWT::decode($encoded, new Key('my_key', 'HS256'));
+        $this->assertEquals('abc', $decoded->message);
+    }
+
+    public function testInvalidTokenWithIatMicrotime()
+    {
+        $this->expectException(BeforeValidException::class);
+        $payload = [
+            'message' => 'abc',
+            'iat' => microtime(true) + 20, // use microtime in the future
+        ];
+        $encoded = JWT::encode($payload, 'my_key', 'HS256');
+        JWT::decode($encoded, new Key('my_key', 'HS256'));
     }
 
     public function testInvalidToken()