You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2017/05/25 20:23:04 UTC
[jira] [Commented] (CXF-7201) Incorrect JSON return in openId
connect UserInfo when no signature or encryption
[ https://issues.apache.org/jira/browse/CXF-7201?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16025332#comment-16025332 ]
ASF GitHub Bot commented on CXF-7201:
-------------------------------------
Github user deki commented on the issue:
https://github.com/apache/cxf/pull/218
CXF-7201 is resolved so this should be closed as well, shouldn't it?
> Incorrect JSON return in openId connect UserInfo when no signature or encryption
> --------------------------------------------------------------------------------
>
> Key: CXF-7201
> URL: https://issues.apache.org/jira/browse/CXF-7201
> Project: CXF
> Issue Type: Improvement
> Components: JAX-RS Security
> Affects Versions: 3.1.9
> Reporter: Jose Escobar
> Assignee: Sergey Beryozkin
> Priority: Minor
> Labels: jwt, openid
> Fix For: 3.1.10, 3.2.0
>
>
> Hello,
> I'm using your org.apache.cxf.rs.security.oidc.idp.UserInfoService tu publish an OpenId connect UserInfo service. When returned JWT requires signature or encryption I get a correctly formatted JWT, but when no signature or encryption is required, returned JSON is not correctly formatted.
> Problem occurs because on the second scenario, JSON marshal is done out of scope of cxf jose jwt (by default json marshaller). On signature or encrypted JWT, JwtUtils.claimsToJson is used and result is OK.
> I've resolve this using a custom UserInfoService. I'm going to send a pull request with a fix hoping it could be useful.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)