From 9df823d0476d38c4616f87c866f59279a339ab73 Mon Sep 17 00:00:00 2001
From: Matthias Baer <matthiasbaer@bluewin.ch>
Date: Sat, 30 Dec 2023 21:56:07 +0100
Subject: [PATCH] Replace JWTDecoder package with
 System.IdentityModel.Tokens.Jwt (#83)

* Replace JWTDecoder package with System.IdentityModel.Tokens.Jwt

* Update System.IdentityModel.Tokens.Jwt
---
 Gotrue/Client.cs               | 11 ++++++-----
 Gotrue/Gotrue.csproj           |  2 +-
 Gotrue/Session.cs              |  2 +-
 Gotrue/StatelessClient.cs      |  2 +-
 Gotrue/TokenRefresh.cs         |  4 ++--
 Gotrue/User.cs                 |  4 ----
 GotrueTests/GotrueTests.csproj | 10 +++++-----
 7 files changed, 16 insertions(+), 19 deletions(-)

diff --git a/Gotrue/Client.cs b/Gotrue/Client.cs
index dfeefa5..09c8ad8 100644
--- a/Gotrue/Client.cs
+++ b/Gotrue/Client.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Collections.Generic;
+using System.IdentityModel.Tokens.Jwt;
 using System.Threading.Tasks;
 using System.Web;
 using Newtonsoft.Json;
@@ -415,12 +416,12 @@ public async Task<Session> SetSession(string accessToken, string refreshToken, b
 			if (string.IsNullOrEmpty(accessToken) || string.IsNullOrEmpty(refreshToken))
 				throw new GotrueException("`accessToken` and `refreshToken` cannot be empty.", NoSessionFound);
 
-			var payload = JWTDecoder.Decoder.DecodePayload<User>(accessToken);
+			var payload = new JwtSecurityTokenHandler().ReadJwtToken(accessToken).Payload;
 
-			if (payload == null || payload.ExpiresAt() == DateTime.MinValue)
+			if (payload == null || payload.ValidTo == DateTime.MinValue)
 				throw new GotrueException("`accessToken`'s payload was of an unknown structure.", NoSessionFound);
 
-			if (payload.Expired() || forceAccessTokenRefresh)
+			if (payload.ValidTo < DateTime.UtcNow || forceAccessTokenRefresh)
 			{
 				var result = await _api.RefreshAccessToken(accessToken, refreshToken);
 
@@ -437,7 +438,7 @@ public async Task<Session> SetSession(string accessToken, string refreshToken, b
 				AccessToken = accessToken,
 				RefreshToken = refreshToken,
 				TokenType = "bearer",
-				ExpiresIn = payload.Exp!.Value,
+				ExpiresIn = payload.Expiration!.Value,
 				User = await _api.GetUser(accessToken)
 			};
 
@@ -484,7 +485,7 @@ public async Task<Session> SetSession(string accessToken, string refreshToken, b
 			var session = new Session
 			{
 				AccessToken = accessToken,
-				ExpiresIn = int.Parse(expiresIn),
+				ExpiresIn = long.Parse(expiresIn),
 				RefreshToken = refreshToken,
 				TokenType = tokenType,
 				User = user
diff --git a/Gotrue/Gotrue.csproj b/Gotrue/Gotrue.csproj
index ba6250b..b016ecf 100644
--- a/Gotrue/Gotrue.csproj
+++ b/Gotrue/Gotrue.csproj
@@ -52,9 +52,9 @@
         <LangVersion>8.0</LangVersion>
     </PropertyGroup>
     <ItemGroup>
-        <PackageReference Include="JWTDecoder" Version="0.9.2" />
         <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
         <PackageReference Include="supabase-core" Version="0.0.3" />
+        <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="7.0.3" />
     </ItemGroup>
     <ItemGroup>
         <None Remove="Exceptions\" />
diff --git a/Gotrue/Session.cs b/Gotrue/Session.cs
index 7e5c185..3f01ae1 100644
--- a/Gotrue/Session.cs
+++ b/Gotrue/Session.cs
@@ -13,7 +13,7 @@ public class Session
         public string? AccessToken { get; set; }
 
         [JsonProperty("expires_in")]
-        public int ExpiresIn { get; set; }
+        public long ExpiresIn { get; set; }
 
         [JsonProperty("refresh_token")]
         public string? RefreshToken { get; set; }
diff --git a/Gotrue/StatelessClient.cs b/Gotrue/StatelessClient.cs
index 253094b..52cbda3 100644
--- a/Gotrue/StatelessClient.cs
+++ b/Gotrue/StatelessClient.cs
@@ -229,7 +229,7 @@ public async Task<bool> DeleteUser(string uid, string serviceRoleToken, Stateles
 			var session = new Session
 			{
 				AccessToken = accessToken,
-				ExpiresIn = int.Parse(expiresIn),
+				ExpiresIn = long.Parse(expiresIn),
 				RefreshToken = refreshToken,
 				TokenType = tokenType,
 				User = user
diff --git a/Gotrue/TokenRefresh.cs b/Gotrue/TokenRefresh.cs
index bbd6200..3721302 100644
--- a/Gotrue/TokenRefresh.cs
+++ b/Gotrue/TokenRefresh.cs
@@ -160,9 +160,9 @@ private TimeSpan GetInterval()
 				return TimeSpan.Zero;
 			}
 
-			var interval = (int)Math.Floor(_client.CurrentSession.ExpiresIn * 4.0f / 5.0f);
+			var interval = (long)Math.Floor(_client.CurrentSession.ExpiresIn * 4.0f / 5.0f);
 
-			var timeoutSeconds = Convert.ToInt32((_client.CurrentSession.CreatedAt.AddSeconds(interval) - DateTime.UtcNow).TotalSeconds);
+			var timeoutSeconds = Convert.ToInt64((_client.CurrentSession.CreatedAt.AddSeconds(interval) - DateTime.UtcNow).TotalSeconds);
 
 			if (timeoutSeconds > _client.Options.MaximumRefreshWaitTime)
 				timeoutSeconds = _client.Options.MaximumRefreshWaitTime;
diff --git a/Gotrue/User.cs b/Gotrue/User.cs
index 881296e..118b8ed 100644
--- a/Gotrue/User.cs
+++ b/Gotrue/User.cs
@@ -68,10 +68,6 @@ public class User
         
         [JsonProperty("exp")]
         internal int? Exp { get; set; }
-
-        internal DateTime ExpiresAt() => Exp.HasValue ? DateTimeOffset.FromUnixTimeSeconds(Exp.Value).UtcDateTime : DateTime.MinValue;
-        
-        internal bool Expired() => ExpiresAt() < DateTime.UtcNow;
     }
 
     /// <summary>
diff --git a/GotrueTests/GotrueTests.csproj b/GotrueTests/GotrueTests.csproj
index c549055..a83d3a2 100644
--- a/GotrueTests/GotrueTests.csproj
+++ b/GotrueTests/GotrueTests.csproj
@@ -7,14 +7,14 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="6.29.0" />
+    <PackageReference Include="coverlet.collector" Version="3.2.0">
+      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+      <PrivateAssets>all</PrivateAssets>
+    </PackageReference>
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.5.0" />
     <PackageReference Include="MSTest.TestAdapter" Version="3.0.2" />
     <PackageReference Include="MSTest.TestFramework" Version="3.0.2" />
-    <PackageReference Include="coverlet.collector" Version="3.2.0"><IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
-<PrivateAssets>all</PrivateAssets>
-</PackageReference>
-    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.29.0" />
+    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="7.0.3" />
   </ItemGroup>
 
   <ItemGroup>