Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
3.1.13
-
None
-
Unknown
Description
When using the JwsCompactConsumer with a compact JWT whose kid contains a slash, the json parser escapes it, which causes issues later on while matching the kid to the one specified in the JWKS. For example:
Header:
{ "kid": "4pZbe4shQQGzZXHbeIlbDvmHOc1/H6jH6oBk3nUrcZE=", "alg": "RS256" }