[
https://issues.apache.org/jira/browse/KNOX-3270?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tamás Marcinkovics updated KNOX-3270:
-------------------------------------
Description:
We don't filter for invalid type when issuing a token.
Once we create a token with an invalid md_type for a user (with or without
doAs=anotherUser), for example, using knoxtoken/api/v2/token?md_type=dummy, and
we want to issue a new token for the same user, we'll get an internal server
error.
Requests to the knoxtoken service should validate the md_type parameter and if
invalid, respond with a 400 Bad Request instead of issuing a token.
was:
We don't filter for invalid type when issuing a token.
Once we create a token with an invalid md_type for a user (with or without
doAs=anotherUser) and we want to issue a new token for the same user, we'll get
an internal server error.
Requests to the knoxtoken service should validate the md_type parameter and if
invalid, respond with a 400 Bad Request instead of issuing a token.
> Validate md_type parameter in TokenResource
> -------------------------------------------
>
> Key: KNOX-3270
> URL: https://issues.apache.org/jira/browse/KNOX-3270
> Project: Apache Knox
> Issue Type: Task
> Components: JWT
> Affects Versions: 2.1.0, 3.0.0
> Reporter: Tamás Marcinkovics
> Priority: Major
> Attachments: get-token-from-homepage.sh, output.txt, stacktrace.log
>
>
> We don't filter for invalid type when issuing a token.
> Once we create a token with an invalid md_type for a user (with or without
> doAs=anotherUser), for example, using knoxtoken/api/v2/token?md_type=dummy,
> and we want to issue a new token for the same user, we'll get an internal
> server error.
> Requests to the knoxtoken service should validate the md_type parameter and
> if invalid, respond with a 400 Bad Request instead of issuing a token.
>
>