From b6105c79b7adbe830990143f1668f376b76b0a25 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christoph=20R=C3=B6nsch?= <christoph.roensch@arcor.de>
Date: Sun, 5 Mar 2023 16:16:11 +0100
Subject: [PATCH] accept float claims but round down to ignore them

---
 src/JWT.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/JWT.php b/src/JWT.php
index 269e8caf..e8d8221c 100644
--- a/src/JWT.php
+++ b/src/JWT.php
@@ -143,18 +143,18 @@ public static function decode(
 
         // Check the nbf if it is defined. This is the time that the
         // token can actually be used. If it's not yet that time, abort.
-        if (isset($payload->nbf) && $payload->nbf > ($timestamp + static::$leeway)) {
+        if (isset($payload->nbf) && floor($payload->nbf) > ($timestamp + static::$leeway)) {
             throw new BeforeValidException(
-                'Cannot handle token prior to ' . \date(DateTime::ISO8601, $payload->nbf)
+                'Cannot handle token prior to ' . \date(DateTime::ISO8601, (int) $payload->nbf)
             );
         }
 
         // Check that this token has been created before 'now'. This prevents
         // using tokens that have been created for later use (and haven't
         // correctly used the nbf claim).
-        if (isset($payload->iat) && $payload->iat > ($timestamp + static::$leeway)) {
+        if (isset($payload->iat) && floor($payload->iat) > ($timestamp + static::$leeway)) {
             throw new BeforeValidException(
-                'Cannot handle token prior to ' . \date(DateTime::ISO8601, $payload->iat)
+                'Cannot handle token prior to ' . \date(DateTime::ISO8601, (int) $payload->iat)
             );
         }