oltu-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Antonio Sanso (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (OLTU-208) use of outdated + broken version of org.apache.oltu.commons.encodedtoken
Date Wed, 25 Oct 2017 08:34:00 GMT

    [ https://issues.apache.org/jira/browse/OLTU-208?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16218251#comment-16218251
] 

Antonio Sanso commented on OLTU-208:
------------------------------------

[~rriedel] is still an issue? Do you have in mind a patch ?

> use of outdated + broken version of org.apache.oltu.commons.encodedtoken
> ------------------------------------------------------------------------
>
>                 Key: OLTU-208
>                 URL: https://issues.apache.org/jira/browse/OLTU-208
>             Project: Apache Oltu
>          Issue Type: Bug
>          Components: JWT
>            Reporter: Ralf Riedel
>            Assignee: Antonio Sanso
>
> The most recent artifact for *org.apache.oltu.oauth2.jwt* published in maven central
repository 
> {code:xml}
> <dependency>
>     <groupId>org.apache.oltu.oauth2</groupId>
>     <artifactId>org.apache.oltu.oauth2.jwt</artifactId>
>     <version>1.0.3</version>
> </dependency>
> {code}
> uses version *[1.0.0|https://mvnrepository.com/artifact/org.apache.oltu.commons/org.apache.oltu.commons.encodedtoken/1.0.0]*
of *org.apache.oltu.commons.encodedtoken*, see [https://mvnrepository.com/artifact/org.apache.oltu.oauth2/org.apache.oltu.oauth2.jwt/1.0.3]
> There is already a newer Version *[1.0.1|https://mvnrepository.com/artifact/org.apache.oltu.commons/org.apache.oltu.commons.encodedtoken/1.0.1]*
available, which includes a fix for a bug that currently hits us: A wrong regexp pattern for
base64url encoded strings makes 
> {code:java}org.apache.oltu.commons.encodedtoken.TokenReader{code}
> rejecting valid Tokens we receive from a third party software.
> Could you please update the dependencies for  *org.apache.oltu.oauth2.jwt* to use Version
1.0.1 instead of 1.0.0 of *org.apache.oltu.commons.encodedtoken*?



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message