Bird
0
0

Consider this code snippet for JWT validation in a microservice:

medium📝 Analysis Q4 of 15
Microservices - Authentication and Authorization
Consider this code snippet for JWT validation in a microservice:
if verify_jwt(token):
    grant_access()
else:
    reject_request()

What is the expected behavior if the JWT token's "exp" claim indicates it has expired?
AThe token will be refreshed automatically
BThe token will be accepted but with limited permissions
CThe token will be accepted without any checks
DThe token will be rejected and access denied
Step-by-Step Solution
Solution:

  1. Step 1: Understand JWT expiration

    The "exp" claim defines token expiry time; expired tokens are invalid.

  2. Step 2: Effect on validation

    verify_jwt() should fail if token is expired.

  3. Final Answer:

    The token will be rejected and access denied -> Option D

  4. Quick Check:

    Expired tokens are invalid [OK]
Quick Trick: Expired JWT tokens are always rejected [OK]
Common Mistakes:
MISTAKES
  • Assuming expired tokens grant limited access
  • Believing tokens refresh automatically without explicit logic
  • Ignoring expiration during validation

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Microservices Quizzes
Authentication and Authorization - OAuth 2.0 for microservices - Quiz 13medium Event-Driven Architecture - Event store concept - Quiz 4medium Monitoring and Observability - Why observability is critical in distributed systems - Quiz 1easy Monitoring and Observability - Correlation IDs - Quiz 13medium Orchestration with Kubernetes - Kubernetes basics review - Quiz 11easy Orchestration with Kubernetes - Horizontal Pod Autoscaler - Quiz 8hard Orchestration with Kubernetes - ConfigMaps and Secrets - Quiz 7medium Resilience Patterns - Timeout pattern - Quiz 9hard Resilience Patterns - Fallback pattern - Quiz 14medium Service Mesh - Why service mesh manages inter-service traffic - Quiz 1easy