You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2017/11/15 10:25:00 UTC
[jira] [Assigned] (FEDIZ-214) OIDC generated already expired
id_token
[ https://issues.apache.org/jira/browse/FEDIZ-214?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh reassigned FEDIZ-214:
-----------------------------------------
Assignee: (was: Colm O hEigeartaigh)
> OIDC generated already expired id_token
> ---------------------------------------
>
> Key: FEDIZ-214
> URL: https://issues.apache.org/jira/browse/FEDIZ-214
> Project: CXF-Fediz
> Issue Type: Bug
> Components: OIDC
> Affects Versions: 1.4.2
> Reporter: gonzalad
> Priority: Minor
> Fix For: 1.4.3
>
>
> id_token expiry claim was is computed from SAML token expiry.
> Since SAML token is generated once per OIDC httpSession
> and can be reused for generating multiple id_token, there can be cases
> where the id_token is generated with an already expired claim.
> id_token expiry claim should be computed at id_token generation time.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)