You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@oltu.apache.org by "Ralf Riedel (JIRA)" <ji...@apache.org> on 2017/08/31 13:18:00 UTC
[jira] [Created] (OLTU-208) use of outdated + broken version of
org.apache.oltu.commons.encodedtoken
Ralf Riedel created OLTU-208:
--------------------------------
Summary: use of outdated + broken version of org.apache.oltu.commons.encodedtoken
Key: OLTU-208
URL: https://issues.apache.org/jira/browse/OLTU-208
Project: Apache Oltu
Issue Type: Bug
Components: JWT
Reporter: Ralf Riedel
The most recent artifact for *org.apache.oltu.oauth2.jwt* published in maven central repository
{code:xml}
<dependency>
<groupId>org.apache.oltu.oauth2</groupId>
<artifactId>org.apache.oltu.oauth2.jwt</artifactId>
<version>1.0.3</version>
</dependency>
{code}
uses version *[1.0.0|https://mvnrepository.com/artifact/org.apache.oltu.commons/org.apache.oltu.commons.encodedtoken/1.0.0]* of *org.apache.oltu.commons.encodedtoken*, see [https://mvnrepository.com/artifact/org.apache.oltu.oauth2/org.apache.oltu.oauth2.jwt/1.0.3]
There is already a newer Version *[1.0.1|https://mvnrepository.com/artifact/org.apache.oltu.commons/org.apache.oltu.commons.encodedtoken/1.0.1]* available, which includes a fix for a bug that currently hits us: A wrong regexp pattern for base64url encoded strings makes
{code:java}org.apache.oltu.commons.encodedtoken.TokenReader{code}
rejecting valid Tokens we receive from a third party software.
Could you please update the dependencies for *org.apache.oltu.oauth2.jwt* to use Version 1.0.1 instead of 1.0.0 of *org.apache.oltu.commons.encodedtoken*?
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)