cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sergey Beryozkin (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CXF-7115) Issuer in TokenIntrospection should be quoted in JSON
Date Tue, 01 Nov 2016 13:20:58 GMT

    [ https://issues.apache.org/jira/browse/CXF-7115?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15625423#comment-15625423
] 

Sergey Beryozkin commented on CXF-7115:
---------------------------------------

Thanks for spotting it, it was a copy and paste issue. FYI, ATs can be now represented as
JWTs by the default Ehcache/JCache providers which may offer an option to validate them locally
at the RS side

> Issuer in TokenIntrospection should be quoted in JSON
> -----------------------------------------------------
>
>                 Key: CXF-7115
>                 URL: https://issues.apache.org/jira/browse/CXF-7115
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-RS Security
>    Affects Versions: 3.1.8
>            Reporter: Svein Otto Solem
>            Assignee: Sergey Beryozkin
>            Priority: Trivial
>             Fix For: 3.2.0, 3.1.9
>
>
> See line 118 in OauthJSONProvider :
> appendJsonPair(sb, "iss", obj.getIss(), false);
> it should be 
> appendJsonPair(sb, "iss", obj.getIss(), true );
> in my opinion since the issuer typically is a uri.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message