cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jose Escobar (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CXF-7201) Incorrect JSON return in openId connect UserInfo when no signature or encryption
Date Fri, 30 Dec 2016 09:52:58 GMT
Jose Escobar created CXF-7201:
---------------------------------

             Summary: Incorrect JSON return in openId connect UserInfo when no signature or
encryption
                 Key: CXF-7201
                 URL: https://issues.apache.org/jira/browse/CXF-7201
             Project: CXF
          Issue Type: Improvement
          Components: JAX-RS Security
    Affects Versions: 3.1.9
            Reporter: Jose Escobar
            Priority: Minor


Hello,
I'm using your org.apache.cxf.rs.security.oidc.idp.UserInfoService tu publish an OpenId connect
UserInfo service. When returned JWT requires signature or encryption I get a correctly formatted
JWT, but when no signature or encryption is required, returned JSON is not correctly formatted.


Problem occurs because on the second scenario, JSON marshal is done out of scope of cxf jose
jwt (by default json marshaller). On signature or encrypted JWT, JwtUtils.claimsToJson is
used and result is OK.

I've resolve this using a custom UserInfoService. I'm going to send a pull request with a
fix hoping it could be useful.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message