Support for expireIn and other minor cleanup (#351)

implementation/jwt-build/src/main/java/io/smallrye/jwt/build/JwtClaimsBuilder.java

@@ -1,5 +1,6 @@
 package io.smallrye.jwt.build;
 
+import java.time.Duration;
 import java.time.Instant;
 import java.util.Collection;
 import java.util.Map;
@@ -81,19 +82,37 @@ default JwtClaimsBuilder issuedAt(Instant issuedAt) {
     /**
      * Set an expiry 'exp' claim
      * 
-     * @param expiredAt the expiry time in seconds
+     * @param expiresAt the absolute expiry time in seconds
      * @return JwtClaimsBuilder
      */
-    JwtClaimsBuilder expiresAt(long expiredAt);
+    JwtClaimsBuilder expiresAt(long expiresAt);
 
     /**
      * Set an expiry 'exp' claim
      * 
-     * @param expiredAt the expiry time in seconds
+     * @param expiresAt the absolute expiry time in seconds
      * @return JwtClaimsBuilder
      */
-    default JwtClaimsBuilder expiresAt(Instant expiredAt) {
-        return expiresAt(expiredAt.getEpochSecond());
+    default JwtClaimsBuilder expiresAt(Instant expiresAt) {
+        return expiresAt(expiresAt.getEpochSecond());
+    }
+
+    /**
+     * Set an expiry 'exp' claim
+     * 
+     * @param expiresIn the relative expiry time in seconds which will be added to the issuedAt time
+     * @return JwtClaimsBuilder
+     */
+    JwtClaimsBuilder expiresIn(long expiresIn);
+
+    /**
+     * Set an expiry 'exp' claim
+     * 
+     * @param expiresIn the relative expiry duration which will be converted to seconds and added to the issuedAt time
+     * @return JwtClaimsBuilder
+     */
+    default JwtClaimsBuilder expiresIn(Duration expiresIn) {
+        return expiresIn(expiresIn.getSeconds());
     }
 
     /**

implementation/jwt-build/src/main/java/io/smallrye/jwt/build/impl/JwtBuildUtils.java

@@ -20,13 +20,12 @@ private JwtBuildUtils() {
         // no-op: utility class
     }
 
-    static void setDefaultJwtClaims(JwtClaims claims) {
+    static void setDefaultJwtClaims(JwtClaims claims, Long tokenLifespan) {
 
-        long currentTimeInSecs = currentTimeInSecs();
         if (!claims.hasClaim(Claims.iat.name())) {
-            claims.setIssuedAt(NumericDate.fromSeconds(currentTimeInSecs));
+            claims.setIssuedAt(NumericDate.fromSeconds(currentTimeInSecs()));
         }
-        setExpiryClaim(claims);
+        setExpiryClaim(claims, tokenLifespan);
         if (!claims.hasClaim(Claims.jti.name())) {
             claims.setClaim(Claims.jti.name(), UUID.randomUUID().toString());
         }
@@ -77,10 +76,16 @@ static int currentTimeInSecs() {
         return (int) (System.currentTimeMillis() / 1000);
     }
 
-    static void setExpiryClaim(JwtClaims claims) {
+    private static void setExpiryClaim(JwtClaims claims, Long tokenLifespan) {
         if (!claims.hasClaim(Claims.exp.name())) {
-            Long lifespan = getConfigProperty("smallrye.jwt.new-token.lifespan", Long.class, 300L);
-            claims.setExpirationTime(NumericDate.fromSeconds(currentTimeInSecs() + lifespan));
+            Object value = claims.getClaimValue(Claims.iat.name());
+            Long issuedAt = (value instanceof NumericDate) ? ((NumericDate) value).getValue() : (Long) value;
+            Long lifespan = tokenLifespan;
+            if (lifespan == null) {
+                lifespan = getConfigProperty("smallrye.jwt.new-token.lifespan", Long.class, 300L);
+            }
+
+            claims.setExpirationTime(NumericDate.fromSeconds(issuedAt + lifespan));
         }
     }
 

implementation/jwt-build/src/main/java/io/smallrye/jwt/build/impl/JwtClaimsBuilderImpl.java

@@ -128,8 +128,17 @@ public JwtClaimsBuilder issuedAt(long issuedAt) {
      * {@inheritDoc}
      */
     @Override
-    public JwtClaimsBuilder expiresAt(long expiredAt) {
-        claims.setExpirationTime(NumericDate.fromSeconds(expiredAt));
+    public JwtClaimsBuilder expiresAt(long expiresAt) {
+        claims.setExpirationTime(NumericDate.fromSeconds(expiresAt));
+        return this;
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public JwtClaimsBuilder expiresIn(long expiresIn) {
+        tokenLifespan = expiresIn;
         return this;
     }
 
@@ -146,7 +155,7 @@ public JwtClaimsBuilder groups(String group) {
      */
     @Override
     public JwtClaimsBuilder groups(Set<String> groups) {
-        claims.setClaim("groups", groups.stream().collect(Collectors.toList()));
+        claims.setClaim(Claims.groups.name(), groups.stream().collect(Collectors.toList()));
         return this;
     }
 
@@ -236,7 +245,7 @@ public JwtEncryptionBuilder innerSign() throws JwtSignatureException {
      */
     @Override
     public String json() {
-        JwtBuildUtils.setDefaultJwtClaims(claims);
+        JwtBuildUtils.setDefaultJwtClaims(claims, tokenLifespan);
         return claims.toJson();
     }
 
@@ -245,7 +254,7 @@ public String json() {
      */
     @Override
     public JwtEncryptionBuilder jwe() {
-        JwtBuildUtils.setDefaultJwtClaims(claims);
+        JwtBuildUtils.setDefaultJwtClaims(claims, tokenLifespan);
         return new JwtEncryptionImpl(claims.toJson());
     }
 

implementation/jwt-build/src/main/java/io/smallrye/jwt/build/impl/JwtSignatureImpl.java

@@ -28,6 +28,7 @@
 class JwtSignatureImpl implements JwtSignature {
     JwtClaims claims = new JwtClaims();
     Map<String, Object> headers = new HashMap<>();
+    Long tokenLifespan;
 
     JwtSignatureImpl() {
     }
@@ -145,7 +146,7 @@ private static boolean signingKeyConfigured() {
     }
 
     private String signInternal(Key signingKey) {
-        JwtBuildUtils.setDefaultJwtClaims(claims);
+        JwtBuildUtils.setDefaultJwtClaims(claims, tokenLifespan);
         JsonWebSignature jws = new JsonWebSignature();
         for (Map.Entry<String, Object> entry : headers.entrySet()) {
             jws.setHeader(entry.getKey(), entry.getValue());

implementation/jwt-build/src/test/java/io/smallrye/jwt/build/JwtSignTest.java

@@ -25,6 +25,7 @@
 import java.security.KeyPairGenerator;
 import java.security.PrivateKey;
 import java.security.PublicKey;
+import java.time.Duration;
 import java.time.Instant;
 import java.util.Arrays;
 import java.util.Collections;
@@ -121,9 +122,34 @@ private JwtClaims signAndVerifyClaims(Long customLifespan, String issuer) throws
     }
 
     @Test
-    public void testCustomIssuedAtExpiresAt() throws Exception {
+    public void testCustomIssuedAtExpiresAtLong() throws Exception {
+        Instant now = Instant.now();
+        String jwt = Jwt.claims().issuedAt(now).expiresAt(now.getEpochSecond() + 3000).sign();
+        verifyJwtCustomIssuedAtExpiresAt(now, jwt);
+    }
+
+    @Test
+    public void testCustomIssuedAtExpiresAtInstant() throws Exception {
         Instant now = Instant.now();
         String jwt = Jwt.claims().issuedAt(now).expiresAt(now.plusSeconds(3000)).sign();
+        verifyJwtCustomIssuedAtExpiresAt(now, jwt);
+    }
+
+    @Test
+    public void testCustomIssuedAtExpiresInLong() throws Exception {
+        Instant now = Instant.now();
+        String jwt = Jwt.claims().issuedAt(now).expiresIn(3000).sign();
+        verifyJwtCustomIssuedAtExpiresAt(now, jwt);
+    }
+
+    @Test
+    public void testCustomIssuedAtExpiresInDuration() throws Exception {
+        Instant now = Instant.now();
+        String jwt = Jwt.claims().issuedAt(now).expiresIn(Duration.ofSeconds(3000)).sign();
+        verifyJwtCustomIssuedAtExpiresAt(now, jwt);
+    }
+
+    private void verifyJwtCustomIssuedAtExpiresAt(Instant now, String jwt) throws Exception {
         JsonWebSignature jws = new JsonWebSignature();
         jws.setKey(KeyUtils.readPublicKey("/publicKey.pem"));
         jws.setCompactSerialization(jwt);