Merge pull request #532 from tanvi029/set-leeway

jwt leeway time added

src/main/java/iudx/resource/server/authenticator/AuthenticationVerticle.java

@@ -75,6 +75,7 @@ public void start() throws Exception {
               binder = new ServiceBinder(vertx);
 
               JWTAuthOptions jwtAuthOptions = new JWTAuthOptions();
+              jwtAuthOptions.getJWTOptions().setLeeway(30);
               jwtAuthOptions.addPubSecKey(
                   new PubSecKeyOptions().setAlgorithm("ES256").setBuffer(cert));
               /*
@@ -84,7 +85,7 @@ public void start() throws Exception {
                   config().getBoolean("jwtIgnoreExpiry") != null
                       && config().getBoolean("jwtIgnoreExpiry");
               if (jwtIgnoreExpiry) {
-                jwtAuthOptions.getJWTOptions().setIgnoreExpiration(true);
+                jwtAuthOptions.getJWTOptions().setIgnoreExpiration(true).setLeeway(30);
                 LOGGER.warn(
                     "JWT ignore expiration set to true, "
                         + "do not set IgnoreExpiration in production!!");

src/main/java/iudx/resource/server/authenticator/Constants.java

@@ -63,4 +63,5 @@ public class Constants {
   public static final String DID = "did";
 
   public static final String REVOKED_CLIENT_SQL = "SELECT * FROM revoked_tokens WHERE _id='$1'";
+  public static final int JWT_LEEWAY_TIME = 30;
 }