oscerd opened a new pull request, #23204: URL: https://github.com/apache/camel/pull/23204
## Backport of #23197 Cherry-pick of #23197 onto `camel-4.18.x`. **Original PR:** #23197 — CAMEL-23504: camel-keycloak - include IS_ACTIVE check in parseAndVerifyAccessToken **Original author:** @oscerd **Target branch:** `camel-4.18.x` **Tracking issue:** https://issues.apache.org/jira/browse/CAMEL-23504 The bug exists on `camel-4.18.x` with the same code shape as on `main` — `KeycloakSecurityHelper.parseAndVerifyAccessToken` builds a `TokenVerifier` with only `SUBJECT_EXISTS_CHECK` and a `RealmUrlCheck`, and Keycloak's `TokenVerifier.withChecks(...)` appends rather than replacing defaults, so `TokenVerifier.IS_ACTIVE` (the `exp`/`nbf` predicate) is never applied. Cherry-pick applied cleanly with auto-merge. `camel-4.14.x` is not affected because the `camel-keycloak` component does not exist on that line (it was introduced in 4.15.0). ### Verification - [x] `git cherry-pick 82fd4094b70` — clean auto-merge, no manual conflict resolution - [x] `mvn clean install -DskipTests -Dquickly` from repo root — BUILD SUCCESS ### Original description See #23197. --- _Claude Code on behalf of Andrea Cosentino_ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
