This has been fixed in public branch and will be available with 5.1.0 release.
On Wed, Nov 26, 2014 at 8:49 AM, Udara Liyanage <[email protected]> wrote: > Hi, > > Below is an sample token response I received when I generated a token with > *scope=openid.* > The format of the JWT as I understood is > base64(headers).base64(claims).signature > > However below response seems not to include signature. What is the cause > for this? > > When I decode the headers, it shows alg as "none". Does this has an impact > on the scenario. > {"alg":"none","typ":"JWT"} > > Note that algorithm is specified in identity.xml > <SignatureAlgorithm>SHA256withRSA</SignatureAlgorithm> > > > curl --user BcNIficDsmuTutxLMdnpx7TFJDAa:fMl07neyfjKcN1ZckD1DpTh5UVMa > -k -d "grant_type=password&username=admin&password=admin&scope=openid" -H > "Content-Type: application/x-www-form-urlencoded" > https://localhost:9443/oauth2/token | python -m json.tool > > { > "access_token": "b1d5fd3729d9f11ec081d8ef951dde4", > "expires_in": 3299, > "id_token": > "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0=\r\n.eyJleHAiOi0zNjQxNzY3MDMsImF6cCI6IkJjTklmaWNEc211VHV0eExNZG5weDdURkpEQWEiLCJz\r\ndWIiOiJhZG1pbkBjYXJib24uc3VwZXIiLCJhdWQiOiJCY05JZmljRHNtdVR1dHhMTWRucHg3VEZK\r\nREFhIiwiaXNzIjoiaHR0cHM6XC9cL2xvY2FsaG9zdDo5NDQzXC9vYXV0aDJlbmRwb2ludHNcL3Rv\r\na2VuIiwiaWF0IjotMzY3Nzc2NzAzfQ==\r\n.", > "refresh_token": "9b2c195841c4777d8113fccb4386c57", > "scope": "openid", > "token_type": "bearer" > } > > > > -- > > Udara Liyanage > Software Engineer > WSO2, Inc.: http://wso2.com > lean. enterprise. middleware > > web: http://udaraliyanage.wordpress.com > phone: +94 71 443 6897 > -- Thanks & Regards, *Johann Dilantha Nallathamby* Associate Technical Lead & Product Lead of WSO2 Identity Server Integration Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+94777776950* Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
