nginxinc
diff --git a/‎opaque_session_token/openid_connect.js‎
Lines changed: 1 addition & 1 deletion b/‎opaque_session_token/openid_connect.js‎
Lines changed: 1 addition & 1 deletion
@@ -106,7 +106,7 @@ function validateIdToken(req,res) {
  }
  var valid_token = true;
 
- // Check iat is a number
+ // Check iat is a positive integer
  var iat = Math.floor(Number(req.variables.jwt_claim_iat));
  if (String(iat) != req.variables.jwt_claim_iat || iat < 1) {
  req.error("OIDC ID Token validation error: iat claim is not a valid number");
Original file line number	Diff line number	Diff line change
`@@ -106,7 +106,7 @@ function validateIdToken(req,res) {`
`106`	`106`	`}`
`107`	`107`	`var valid_token = true;`
`108`	`108`
`109`		`- // Check iat is a number`
	`109`	`+ // Check iat is a positive integer`
`110`	`110`	`var iat = Math.floor(Number(req.variables.jwt_claim_iat));`
`111`	`111`	`if (String(iat) != req.variables.jwt_claim_iat \|\| iat < 1) {`
`112`	`112`	`req.error("OIDC ID Token validation error: iat claim is not a valid number");`