github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-20 18:31:15 +00:00
Code Issues Projects Releases Wiki Activity

check jwt timestamp for zero value

Browse Source 
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>
This commit is contained in:
Max Goltzsche 2023-03-02 02:47:23 +01:00 committed by Max Goltzsche
parent df8fa2eab5
commit 031075d149
No known key found for this signature in database
GPG Key ID: 364FA5A62B410BA4
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/serviceaccount/claims.go
View File

@ -198,7 +198,7 @@ func (v *validator) Validate(ctx context.Context, _ string, public *jwt.Claims,
// Check special 'warnafter' field for projected service account token transition.
warnafter := private.Kubernetes.WarnAfter
if warnafter != nil {
if warnafter != nil && *warnafter != 0 {
if nowTime.After(warnafter.Time()) {
secondsAfterWarn := nowTime.Unix() - warnafter.Time().Unix()
auditInfo := fmt.Sprintf("subject: %s, seconds after warning threshold: %d", public.Subject, secondsAfterWarn)