f34d5aaadb1a06d77193bf274078fce47020a39c,rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/jwt/JwtAccessTokenUtils.java,JwtAccessTokenUtils,toAccessToken,#JwtToken#Client#String#,67
Before Change
private static ServerAccessToken toAccessToken(JwtToken jwt,
Client client,
String tokenId) {
Long issuedAt = jwt.getClaims().getIssuedAt();
Long notBefore = jwt.getClaims().getNotBefore();
if (issuedAt == null) {
issuedAt = System.currentTimeMillis();
notBefore = null;
After Change
private static ServerAccessToken toAccessToken(JwtToken jwt,
Client client,
String tokenId) {
JwtClaims claims = jwt.getClaims();
validateJwtSubjectAndAudience(claims, client);
Long issuedAt = claims.getIssuedAt();
Long notBefore = claims.getNotBefore();