From 2ca58cf0a421dc1ba8e356e60b83f323788e64c0 Mon Sep 17 00:00:00 2001
From: Stefan Prodan <stefan.prodan@gmail.com>
Date: Wed, 20 May 2026 11:11:58 +0300
Subject: [PATCH] Migrate JWT to registered claims

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
---
 pkg/api/grpc/token.go | 14 +++++++-------
 pkg/api/http/token.go | 12 ++++++------
 2 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/pkg/api/grpc/token.go b/pkg/api/grpc/token.go
index b5a7c52..1a48754 100644
--- a/pkg/api/grpc/token.go
+++ b/pkg/api/grpc/token.go
@@ -22,19 +22,19 @@ type TokenServer struct {
 
 type jwtCustomClaims struct {
 	Name string `json:"name"`
-	jwt.StandardClaims
+	jwt.RegisteredClaims
 }
 
 func (s *TokenServer) TokenGenerate(ctx context.Context, req *pb.TokenRequest) (*pb.TokenResponse, error) {
 
 	user := "anonymous"
-	expiresAt := time.Now().Add(time.Minute * 1).Unix()
+	expiresAt := time.Now().Add(time.Minute * 1)
 
 	claims := &jwtCustomClaims{
 		user,
-		jwt.StandardClaims{
+		jwt.RegisteredClaims{
 			Issuer:    "podinfo",
-			ExpiresAt: expiresAt,
+			ExpiresAt: jwt.NewNumericDate(expiresAt),
 		},
 	}
 
@@ -48,7 +48,7 @@ func (s *TokenServer) TokenGenerate(ctx context.Context, req *pb.TokenRequest) (
 
 	var result = pb.TokenResponse{
 		Token:     t,
-		ExpiresAt: time.Unix(claims.StandardClaims.ExpiresAt, 0).String(),
+		ExpiresAt: claims.ExpiresAt.Time.String(),
 		Message:   "Token generated successfully",
 	}
 
@@ -88,12 +88,12 @@ func (s *TokenServer) TokenValidate(ctx context.Context, req *pb.TokenRequest) (
 	}
 
 	if parsed_token.Valid {
-		if claims.StandardClaims.Issuer != "podinfo" {
+		if claims.Issuer != "podinfo" {
 			return nil, status.Errorf(codes.OK, "Invalid issuer")
 		} else {
 			var result = pb.TokenResponse{
 				Token:     claims.Name,
-				ExpiresAt: time.Unix(claims.StandardClaims.ExpiresAt, 0).String(),
+				ExpiresAt: claims.ExpiresAt.Time.String(),
 			}
 			return &result, nil
 		}
diff --git a/pkg/api/http/token.go b/pkg/api/http/token.go
index f5d0e28..d9747a3 100644
--- a/pkg/api/http/token.go
+++ b/pkg/api/http/token.go
@@ -13,7 +13,7 @@ import (
 
 type jwtCustomClaims struct {
 	Name string `json:"name"`
-	jwt.StandardClaims
+	jwt.RegisteredClaims
 }
 
 // Token godoc
@@ -44,9 +44,9 @@ func (s *Server) tokenGenerateHandler(w http.ResponseWriter, r *http.Request) {
 	expiresAt := time.Now().Add(time.Minute * 1)
 	claims := &jwtCustomClaims{
 		user,
-		jwt.StandardClaims{
+		jwt.RegisteredClaims{
 			Issuer:    "podinfo",
-			ExpiresAt: expiresAt.Unix(),
+			ExpiresAt: jwt.NewNumericDate(expiresAt),
 		},
 	}
 
@@ -59,7 +59,7 @@ func (s *Server) tokenGenerateHandler(w http.ResponseWriter, r *http.Request) {
 
 	var result = TokenResponse{
 		Token:     t,
-		ExpiresAt: time.Unix(claims.StandardClaims.ExpiresAt, 0),
+		ExpiresAt: claims.ExpiresAt.Time,
 	}
 
 	s.JSONResponse(w, r, result)
@@ -104,12 +104,12 @@ func (s *Server) tokenValidateHandler(w http.ResponseWriter, r *http.Request) {
 	}
 
 	if token.Valid {
-		if claims.StandardClaims.Issuer != "podinfo" {
+		if claims.Issuer != "podinfo" {
 			s.ErrorResponse(w, r, span, "invalid issuer", http.StatusUnauthorized)
 		} else {
 			var result = TokenValidationResponse{
 				TokenName: claims.Name,
-				ExpiresAt: time.Unix(claims.StandardClaims.ExpiresAt, 0),
+				ExpiresAt: claims.ExpiresAt.Time,
 			}
 			s.JSONResponse(w, r, result)
 		}