Closed
Description
This file https://github.com/firebase/php-jwt/blob/main/src/CachedKeySet.php#L216 and this function `private function rateLimitExceeded(): bool`:

`$cacheItem->expiresAfter(1); // # of calls are cached each minute`

but according to the PSR-6 spec (https://www.php-fig.org/psr/psr-6/), `public function expiresAfter($time);`

=> An integer parameter is understood to be the time in seconds

`$this->cache->save($cacheItem);` looks like it will overwrite the TTL each time. So when the rate-limit cache key exists, `$cacheItem->expiresAfter()` will not be executed, and the lifetime will be overwritten to unlimited.

I think both parts are not expected behavior.
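The two behaviours reported above, reproduced as an added example that is not part of the original issue and is not php-jwt's code. `Item` and `Pool` are constructed stand-ins for a PSR-6 pool with a simulated clock, and they assume an item saved with no expiry set is kept indefinitely; `limitedFixedWindow` is one possible correction, not the project's fix.

```php
<?php
// Constructed stand-in for a PSR-6 pool (not the real Psr\Cache classes), PHP 8+.
// Assumption: an item saved with no expiry set is stored without expiry.
final class Item {
    public function __construct(public string $key, public bool $hit, public mixed $value, public ?int $ttl = null) {}
    public function isHit(): bool { return $this->hit; }
    public function get(): mixed { return $this->value; }
    public function set(mixed $v): void { $this->value = $v; }
    public function expiresAfter(?int $s): void { $this->ttl = $s; }   // seconds
}
final class Pool {
    public int $now = 0;                            // simulated clock, seconds
    private array $store = [];                      // key => [value, expiresAt|null]
    public function getItem(string $key): Item {
        [$v, $exp] = $this->store[$key] ?? [null, 0];
        $live = $exp === null || $exp > $this->now;
        return new Item($key, $live, $live ? $v : null);
    }
    public function save(Item $i): void {
        $this->store[$i->key] = [$i->value, $i->ttl === null ? null : $this->now + $i->ttl];
    }
}
// Pattern the issue describes: TTL set only on a miss, item saved on each call.
function limitedAsReported(Pool $c, int $max): bool {
    $item = $c->getItem('rl');
    if (!$item->isHit()) { $item->expiresAfter(1); }   // one second, not one minute
    $calls = (int) $item->get() + 1;
    $item->set($calls);
    $c->save($item);                                // on a hit no TTL is set, so expiry is dropped
    return $calls > $max;
}
// One possible correction: store the window end with the counter, re-apply the remaining TTL.
function limitedFixedWindow(Pool $c, int $max, int $window = 60): bool {
    $item = $c->getItem('rl');
    $s = $item->isHit() ? $item->get() : ['calls' => 0, 'end' => $c->now + $window];
    $s['calls']++;
    $item->set($s);
    $item->expiresAfter($s['end'] - $c->now);       // always positive while the item is live
    $c->save($item);
    return $s['calls'] > $max;
}
foreach (['limitedAsReported', 'limitedFixedWindow'] as $fn) {
    $c = new Pool();
    $out = [];
    foreach ([0, 0, 0, 30, 61, 3600] as $t) {       // constructed call times, seconds
        $c->now = $t;
        $out[] = "t=$t " . ($fn($c, 2) ? 'blocked' : 'ok');
    }
    echo $fn, ': ', implode(', ', $out), PHP_EOL;
}
```

With a limit of 2, the reported pattern never unblocks once a second call lands inside the first second, while a lone caller gets a fresh counter every second; the fixed-window variant resets 60 seconds after the first call.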