From 7089c78c5c4f0d3f015130a27031e7b997ba8a29 Mon Sep 17 00:00:00 2001
From: Nicolas Mora <github@babelouest.org>
Date: Fri, 1 Mar 2024 16:33:39 -0500
Subject: [PATCH] Enforce r_jwt_validate_claims with time claims

---
 src/jwt.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/jwt.c b/src/jwt.c
index 118f543..aa6aa12 100644
--- a/src/jwt.c
+++ b/src/jwt.c
@@ -1796,7 +1796,7 @@ int r_jwt_validate_claims(jwt_t * jwt, ...) {
           i_value = va_arg(vl, int);
           if (i_value == R_JWT_CLAIM_PRESENT && !json_is_integer(json_object_get(jwt->j_claims, "exp"))) {
             ret = RHN_ERROR_PARAM;
-          } else if (json_is_integer(json_object_get(jwt->j_claims, "exp")) && json_integer_value(json_object_get(jwt->j_claims, "exp")) > 0) {
+          } else if (json_is_integer(json_object_get(jwt->j_claims, "exp")) && (time_t)json_integer_value(json_object_get(jwt->j_claims, "exp")) > 0) {
             t_value = (time_t)r_jwt_get_claim_int_value(jwt, "exp");
             if (i_value == R_JWT_CLAIM_NOW) {
               if (t_value < now) {
@@ -1815,7 +1815,7 @@ int r_jwt_validate_claims(jwt_t * jwt, ...) {
           i_value = va_arg(vl, int);
           if (i_value == R_JWT_CLAIM_PRESENT && !json_is_integer(json_object_get(jwt->j_claims, "nbf"))) {
             ret = RHN_ERROR_PARAM;
-          } else if (json_is_integer(json_object_get(jwt->j_claims, "nbf")) && json_integer_value(json_object_get(jwt->j_claims, "nbf")) > 0) {
+          } else if (json_is_integer(json_object_get(jwt->j_claims, "nbf")) && (time_t)json_integer_value(json_object_get(jwt->j_claims, "nbf")) > 0) {
             t_value = (time_t)r_jwt_get_claim_int_value(jwt, "nbf");
             if (i_value == R_JWT_CLAIM_NOW) {
               if (t_value > now) {
@@ -1834,7 +1834,7 @@ int r_jwt_validate_claims(jwt_t * jwt, ...) {
           i_value = va_arg(vl, int);
           if (i_value == R_JWT_CLAIM_PRESENT && !json_is_integer(json_object_get(jwt->j_claims, "iat"))) {
             ret = RHN_ERROR_PARAM;
-          } else if (json_is_integer(json_object_get(jwt->j_claims, "iat")) && json_integer_value(json_object_get(jwt->j_claims, "iat")) > 0) {
+          } else if (json_is_integer(json_object_get(jwt->j_claims, "iat")) && (time_t)json_integer_value(json_object_get(jwt->j_claims, "iat")) > 0) {
             t_value = (time_t)r_jwt_get_claim_int_value(jwt, "iat");
             if (i_value == R_JWT_CLAIM_NOW) {
               if (t_value > now) {