[CXF-6984] OAuthJSonProvider mixes expirytime and issuer in writeTokenIntrospection. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 3.1.6
Fix Version/s: 3.1.8, 3.2.0
Component/s: JAX-RS Security
Labels:
None

Estimated Complexity:
Unknown

Description

Checks that Issuer is nonnull but outputs expiry value instead of issuer.

org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider.java

// From line 116, version 3.1.6 
if (obj.getIss() != null) {
  sb.append(",");
  appendJsonPair(sb, "iss", obj.getExp(), false); // Wrong value, shoud be obj.getIss()
}

Attachments

Activity

People

Assignee:: Sergey Beryozkin

Reporter:: Svein Otto Solem

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 01/Aug/16 09:47

Updated:: 21/Oct/16 18:45

Resolved:: 02/Aug/16 12:04