[jira] [Resolved] (OLTU-172) Handle invalid JWT exp field more gracefully

Simone Tripodi (JIRA) Wed, 25 Oct 2017 07:38:15 -0700

     [ 
https://issues.apache.org/jira/browse/OLTU-172?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Simone Tripodi resolved OLTU-172.
---------------------------------
       Resolution: Fixed
    Fix Version/s: oauth2-1.0.3

Looks like this was resolved via OLTU-196, thanks anyway for your help, very 
appreciated!

> Handle invalid JWT exp field more gracefully
> --------------------------------------------
>
>                 Key: OLTU-172
>                 URL: https://issues.apache.org/jira/browse/OLTU-172
>             Project: Apache Oltu
>          Issue Type: Bug
>          Components: oauth2-jwt
>            Reporter: Thomas Meyer
>            Assignee: Antonio Sanso
>            Priority: Minor
>              Labels: review
>             Fix For: oauth2-1.0.3
>
>         Attachments: JWTClaimsSetParser-Number-Cast-v1.patch
>
>
> Hi,
> Sadly WSO2 create invalid JW tokens with an "exp" field with millisecond 
> resolution. According to the spec the field "exp" should only contain second 
> resolution.
> When JWTReader tries to parse the exp field a ClassCastException will occur, 
> becaue a Long object is returned and not an Integer.
> Attached patch casts to the super class method to cover Long and Integer 
> values correctly.
> What do you think about this patch? Okay to go in?



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (OLTU-172) Handle invalid JWT exp field more gracefully

Reply via email to