You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@oltu.apache.org by "Ralf Riedel (JIRA)" <ji...@apache.org> on 2017/08/31 13:18:00 UTC

[jira] [Created] (OLTU-208) use of outdated + broken version of org.apache.oltu.commons.encodedtoken

Ralf Riedel created OLTU-208:
--------------------------------

             Summary: use of outdated + broken version of org.apache.oltu.commons.encodedtoken
                 Key: OLTU-208
                 URL: https://issues.apache.org/jira/browse/OLTU-208
             Project: Apache Oltu
          Issue Type: Bug
          Components: JWT
            Reporter: Ralf Riedel


The most recent artifact for *org.apache.oltu.oauth2.jwt* published in maven central repository 

{code:xml}
<dependency>
    <groupId>org.apache.oltu.oauth2</groupId>
    <artifactId>org.apache.oltu.oauth2.jwt</artifactId>
    <version>1.0.3</version>
</dependency>
{code}

uses version *[1.0.0|https://mvnrepository.com/artifact/org.apache.oltu.commons/org.apache.oltu.commons.encodedtoken/1.0.0]* of *org.apache.oltu.commons.encodedtoken*, see [https://mvnrepository.com/artifact/org.apache.oltu.oauth2/org.apache.oltu.oauth2.jwt/1.0.3]

There is already a newer Version *[1.0.1|https://mvnrepository.com/artifact/org.apache.oltu.commons/org.apache.oltu.commons.encodedtoken/1.0.1]* available, which includes a fix for a bug that currently hits us: A wrong regexp pattern for base64url encoded strings makes 

{code:java}org.apache.oltu.commons.encodedtoken.TokenReader{code}

rejecting valid Tokens we receive from a third party software.

Could you please update the dependencies for  *org.apache.oltu.oauth2.jwt* to use Version 1.0.1 instead of 1.0.0 of *org.apache.oltu.commons.encodedtoken*?



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)