Added expectIssuedAt convenience method.

src/main/java/io/jsonwebtoken/JwtParser.java

@@ -16,6 +16,7 @@
 package io.jsonwebtoken;
 
 import java.security.Key;
+import java.util.Date;
 
 /**
  * A parser for reading JWT strings, used to convert them into a {@link Jwt} object representing the expanded JWT.
@@ -26,6 +27,14 @@ public interface JwtParser {
 
     public static final char SEPARATOR_CHAR = '.';
 
+    /**
+     * Sets an expected value for the issuedAt claim.
+     *
+     * @param issuedAt
+     * @return the parser for method chaining.
+     */
+    JwtParser expectIssuedAt(Date issuedAt);
+
     /**
      * Sets an expected value for any given claim name.
      *

src/main/java/io/jsonwebtoken/impl/DefaultJwtParser.java

@@ -46,7 +46,6 @@ import java.io.IOException;
 import java.security.Key;
 import java.text.SimpleDateFormat;
 import java.util.Date;
-import java.util.LinkedHashMap;
 import java.util.Map;
 
 @SuppressWarnings("unchecked")
@@ -63,7 +62,16 @@ public class DefaultJwtParser implements JwtParser {
 
     private SigningKeyResolver signingKeyResolver;
 
-    Map<String, Object> expectedClaims = new LinkedHashMap<String, Object>();
+    Claims expectedClaims = new DefaultClaims();
+
+    @Override
+    public JwtParser expectIssuedAt(Date issuedAt) {
+        if (issuedAt != null) {
+            expectedClaims.setIssuedAt(issuedAt);
+        }
+
+        return this;
+    }
 
     @Override
     public JwtParser expect(String claimName, Object value) {
@@ -329,8 +337,16 @@ public class DefaultJwtParser implements JwtParser {
 
     private void validateExpectedClaims(Header header, Claims claims) {
         for (String expectedClaimName : expectedClaims.keySet()) {
-            Object expectedClaimValue = expectedClaims.get(expectedClaimName);
+            Object expectedClaimValue = null;
-            Object actualClaimValue = claims.get(expectedClaimName);
+            Object actualClaimValue = null;
+            if (Claims.ISSUED_AT.equals(expectedClaimName)) {
+                expectedClaimValue = expectedClaims.getIssuedAt();
+                actualClaimValue = claims.getIssuedAt();
+            } else {
+                expectedClaimValue = expectedClaims.get(expectedClaimName);
+                actualClaimValue = claims.get(expectedClaimName);
+            }
+
             InvalidClaimException invalidClaimException = null;
 
             if (actualClaimValue == null) {

src/test/groovy/io/jsonwebtoken/JwtParserTest.groovy

@@ -22,6 +22,8 @@ import javax.crypto.spec.SecretKeySpec
 import java.security.SecureRandom
 
 import static org.junit.Assert.*
+import static ClaimJwtException.INCORRECT_EXPECTED_CLAIM_MESSAGE_TEMPLATE
+import static ClaimJwtException.MISSING_EXPECTED_CLAIM_MESSAGE_TEMPLATE
 
 class JwtParserTest {
 
@@ -819,7 +821,7 @@ class JwtParserTest {
             fail()
         } catch (IncorrectClaimException e) {
             assertEquals(
-                String.format(ClaimJwtException.INCORRECT_EXPECTED_CLAIM_MESSAGE_TEMPLATE, goodClaimName, goodClaimValue, badClaimValue),
+                String.format(INCORRECT_EXPECTED_CLAIM_MESSAGE_TEMPLATE, goodClaimName, goodClaimValue, badClaimValue),
                 e.getMessage()
             )
         }
@@ -843,7 +845,74 @@ class JwtParserTest {
             fail()
         } catch (MissingClaimException e) {
             assertEquals(
-                String.format(ClaimJwtException.MISSING_EXPECTED_CLAIM_MESSAGE_TEMPLATE, claimName, claimValue),
+                String.format(MISSING_EXPECTED_CLAIM_MESSAGE_TEMPLATE, claimName, claimValue),
+                e.getMessage()
+            )
+        }
+    }
+
+    @Test
+    void testParseExpectIssuedAt_Success() {
+        def issuedAt = new Date(System.currentTimeMillis())
+
+        byte[] key = randomKey()
+
+        String compact = Jwts.builder().signWith(SignatureAlgorithm.HS256, key).
+            setIssuedAt(issuedAt).
+            compact()
+
+        Jwt<Header,Claims> jwt = Jwts.parser().setSigningKey(key).
+            expectIssuedAt(issuedAt).
+            parseClaimsJws(compact)
+
+        // system converts to seconds (lopping off millis precision), then returns millis
+        def issuedAtMillis = ((long)issuedAt.getTime() / 1000) * 1000
+
+        assertEquals jwt.getBody().getIssuedAt().getTime(), issuedAtMillis
+    }
+
+    @Test
+    void testParseExpectIssuedAt_Incorrect_Fail() {
+        def goodIssuedAt = new Date(System.currentTimeMillis())
+        def badIssuedAt = new Date(System.currentTimeMillis() - 10000)
+
+        byte[] key = randomKey()
+
+        String compact = Jwts.builder().signWith(SignatureAlgorithm.HS256, key).
+            setIssuedAt(badIssuedAt).
+            compact()
+
+        try {
+            Jwts.parser().setSigningKey(key).
+                expectIssuedAt(goodIssuedAt).
+                parseClaimsJws(compact)
+            fail()
+        } catch(IncorrectClaimException e) {
+            assertEquals(
+                String.format(INCORRECT_EXPECTED_CLAIM_MESSAGE_TEMPLATE, Claims.ISSUED_AT, goodIssuedAt, badIssuedAt),
+                e.getMessage()
+            )
+        }
+    }
+
+    @Test
+    void testParseExpectIssuedAt_Missing_Fail() {
+        def issuedAt = new Date(System.currentTimeMillis() - 10000)
+
+        byte[] key = randomKey()
+
+        String compact = Jwts.builder().signWith(SignatureAlgorithm.HS256, key).
+            setSubject("Dummy").
+            compact()
+
+        try {
+            Jwts.parser().setSigningKey(key).
+                expectIssuedAt(issuedAt).
+                parseClaimsJws(compact)
+            fail()
+        } catch(MissingClaimException e) {
+            assertEquals(
+                String.format(MISSING_EXPECTED_CLAIM_MESSAGE_TEMPLATE, Claims.ISSUED_AT, issuedAt),
                 e.getMessage()
             )
         }