Non-numeric 'iat' now raises InvalidIssuedAtError on decode()

Author: mark-adams

CHANGELOG.md

@@ -11,6 +11,8 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 - Renamed commandline script `jwt` to `jwt-cli` to avoid issues with the script clobbering the `jwt` module in some circumstances.
 - Better error messages when using an algorithm that requires the cryptography package, but it isn't available [#230][230]
 - Tokens with future 'iat' values are no longer rejected [#190][190]
+- Non-numeric 'iat' values now raise InvalidIssuedAtError instead of DecodeError
+
 
 ### Fixed
 

docs/usage.rst

@@ -180,6 +180,8 @@ Issued At Claim (iat)
     This claim can be used to determine the age of the JWT. Its value MUST be a
     number containing a NumericDate value. Use of this claim is OPTIONAL.
 
+    If the `iat` claim is not a number, an `jwt.InvalidIssuedAtError` exception will be raised.
+
 .. code-block:: python
 
     jwt.encode({'iat': 1371720939}, 'secret')

jwt/api_jwt.py

@@ -123,7 +123,7 @@ def _validate_iat(self, payload, now, leeway):
         try:
             int(payload['iat'])
         except ValueError:
-            raise DecodeError('Issued At claim (iat) must be an integer.')
+            raise InvalidIssuedAtError('Issued At claim (iat) must be an integer.')
 
     def _validate_nbf(self, payload, now, leeway):
         try:

tests/test_api_jwt.py

@@ -142,7 +142,7 @@ def test_decode_raises_exception_if_iat_is_not_int(self, jwt):
                        'eyJpYXQiOiJub3QtYW4taW50In0.'
                        'H1GmcQgSySa5LOKYbzGm--b1OmRbHFkyk8pq811FzZM')
 
-        with pytest.raises(DecodeError):
+        with pytest.raises(InvalidIssuedAtError):
             jwt.decode(example_jwt, 'secret')
 
     def test_decode_raises_exception_if_nbf_is_not_int(self, jwt):