owasp-zap-jwt-addon
[Analysis] Adding a rule which checks the difference between the current time and the token's expiry time and raises an alert if the difference is more than X minutes
Is your feature request related to a problem? Please describe.
As JWTs should not be very long-lived because of the revocation issue, a low-priority alert can be raised if such a case is found. Need to analyse more on this and check whether any other such validations are needed.
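A sketch of the check this issue proposes, added here as an illustration; it is not code from the issue or from the add-on. The 60-minute value for X, the status names and the sample tokens are assumptions, and the signature is deliberately not verified because only the `exp` claim is inspected.

```python
import base64
import json
import time

MAX_REMAINING_MINUTES = 60  # the issue's "X"; value assumed for illustration


def _b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) and parse it as JSON."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def check_token_lifetime(token, now=None, max_minutes=MAX_REMAINING_MINUTES):
    """Return (status, detail) for a compact JWT.

    status is one of: "malformed", "no-exp", "expired",
    "long-lived" (the low-priority alert case) or "ok".
    """
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        return "malformed", "expected three dot-separated segments"
    try:
        claims = _b64url_json(parts[1])
    except ValueError:  # covers base64, UTF-8 and JSON decoding errors
        return "malformed", "payload is not base64url-encoded JSON"
    if not isinstance(claims, dict):
        return "malformed", "payload is not a JSON object"
    exp = claims.get("exp")
    # bool is a subclass of int, so reject it explicitly
    if isinstance(exp, bool) or not isinstance(exp, (int, float)):
        return "no-exp", "no numeric exp claim, so the token never expires on its own"
    remaining_min = (exp - now) / 60
    if remaining_min <= 0:
        return "expired", f"expired {-remaining_min:.0f} min ago"
    if remaining_min > max_minutes:
        return "long-lived", f"expires in {remaining_min:.0f} min (limit {max_minutes})"
    return "ok", f"expires in {remaining_min:.0f} min"


def make_sample_token(claims):
    """Build a constructed sample token with a dummy signature (demo input only)."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'HS256', 'typ': 'JWT'})}.{enc(claims)}.c2ln"


if __name__ == "__main__":
    t0 = 1_700_000_000  # fixed clock so the demo is reproducible
    for claims in ({"exp": t0 + 86400}, {"exp": t0 + 900}, {"sub": "demo"}):
        print(claims, "->", check_token_lifetime(make_sample_token(claims), now=t0))
```

A token with no `exp` claim is reported separately from a long-lived one, since it has no expiry time to compare against.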