Reproduce validate issues

example.go

func TestValidate(t *testing.T) {

	validRawToken := jwtBytes(testJWT())
	expiredToken := testJWT()
	expiredToken.Claims().SetExpiration(time.Now().Add(-24 * time.Hour))
	expiredRawToken := jwtBytes(expiredToken)
	badRawToken := []byte("You know I'm bad, I'm bad - you know it")

	testCases := []struct {
		name          string
		rawJWT        []byte
		expectedError error
	}{
		{"valid JWT", validRawToken, nil},
		{"expired JWT", expiredRawToken, jwt.ErrTokenIsExpired},
		{"malformed JWT", badRawToken, jws.ErrNotCompact}, // this might require fix in jws package
	}

	for _, testCase := range testCases {
		w, err := jws.ParseJWT(testCase.rawJWT)
		if err != nil {
			if err != testCase.expectedError {
				t.Fatal(err)
			}
		}

    // see ValidateJWT below in the gist.
		if err = ValidateJWT(w); err != testCase.expectedError {
			t.Fatalf("%s: expected error: %#v got: %#v", testCase.name, testCase.expectedError, err)
		}
	}
}


// ValidateJWT checks whether our required fields exist on the JWT.
// The signature is also verified (uses RS384 signing method).
// It uses the public key set by UseRSAPublicKey.
func ValidateJWT(token jwt.JWT) (err error) {

	defer func() {
		if r := recover(); r != nil {
			err = errors.New(fmt.Sprint(r))
		}
	}()

	claims := token.Claims()

	// is expired?
	err = claims.Validate(time.Now().UTC(), Expiration, 0)
	if err != nil {
		return err
	}

	validator := jws.NewValidator(nil, time.Duration(0), 0, hasRequiredKeys)
	return token.Validate(rsaPub, crypto.SigningMethodRS384, validator)

}