You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@oltu.apache.org by "Antonio Sanso (JIRA)" <ji...@apache.org> on 2014/09/16 11:32:34 UTC
[jira] [Commented] (OLTU-161) JWTClaimsSetParser fails when aud is
an array
[ https://issues.apache.org/jira/browse/OLTU-161?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14135192#comment-14135192 ]
Antonio Sanso commented on OLTU-161:
------------------------------------
[~bodewig] thanks for reporting the issue.
Would you be able to provide a patch ? :)
> JWTClaimsSetParser fails when aud is an array
> ---------------------------------------------
>
> Key: OLTU-161
> URL: https://issues.apache.org/jira/browse/OLTU-161
> Project: Apache Oltu
> Issue Type: Bug
> Components: oauth2-jwt
> Affects Versions: oauth2-1.0.0
> Reporter: Stefan Bodewig
>
> JWTClaimsSetParser contains
> {code}
> if (AUDIENCE.equals(key)) {
> getBuilder().setClaimsSetAudience(String.valueOf(value));
> {code}
> which leads to something like {{"aud": "[Ljava.lang.Object;@34657d74"}} when the audience provided by the server is a JSON array - which is the canonical representation and a single string is only the exception according to http://openid.net/specs/openid-connect-core-1_0.html#IDToken
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)