vendor: revendor

9 years ago · 05cef99a31
2 changed files with 10 additions and 3 deletions
--- a/glide.lock
+++ b/glide.lock
@ -1,12 +1,12 @@
-hash: 723f2faad8f09a97ffb5ce647705b8ee41dbf2f81f91488c60f23d102789a23b
-updated: 2016-12-08T11:11:10.172119799-08:00
+hash: 22c01c4265c210fbf3cd2d55e9451b924a3301e35053c82ebe35171ab7286c83
+updated: 2017-01-06T15:38:29.812891187-08:00
 imports:
 - name: github.com/cockroachdb/cockroach-go
  version: 31611c0501c812f437d4861d87d117053967c955
  subpackages:
  - crdb
 - name: github.com/coreos/go-oidc
-  version: dedb650fb29c39c2f21aa88c1e4cec66da8754d1
+  version: 2b5d73091ea4b7ddb15e3ac00077f153120b5b61
 - name: github.com/ghodss/yaml
  version: bea76d6a4713e18b7f5321a2b020738552def3ea
 - name: github.com/go-sql-driver/mysql
--- a/vendor/github.com/coreos/go-oidc/verify.go
+++ b/vendor/github.com/coreos/go-oidc/verify.go
@ -145,6 +145,13 @@ func (v *IDTokenVerifier) Verify(ctx context.Context, rawIDToken string) (*IDTok
 		}
 	}

+	// If a checkExpiry is specified, make sure token is not expired.
+	if v.config.checkExpiry != nil {
+		if t.Expiry.Before(v.config.checkExpiry()) {
+			return nil, fmt.Errorf("oidc: token is expired (Token Expiry: %v)", t.Expiry)
+		}
+	}
+
 	// If a set of required algorithms has been provided, ensure that the signatures use those.
 	var keyIDs, gotAlgs []string
 	for _, sig := range jws.Signatures {