[OLTU-172] Handle invalid JWT exp field more gracefully - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: oauth2-1.0.3
Component/s: oauth2-jwt
Labels:
- review

Flags:

Patch

Description

Hi,

Sadly WSO2 create invalid JW tokens with an "exp" field with millisecond resolution. According to the spec the field "exp" should only contain second resolution.

When JWTReader tries to parse the exp field a ClassCastException will occur, becaue a Long object is returned and not an Integer.

Attached patch casts to the super class method to cover Long and Integer values correctly.

What do you think about this patch? Okay to go in?

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

JWTClaimsSetParser-Number-Cast-v1.patch
22/Apr/15 09:27
1 kB
Thomas Meyer

Activity

People

Assignee:: Antonio Sanso

Reporter:: Thomas Meyer

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 22/Apr/15 09:23

Updated:: 25/Oct/17 14:37

Resolved:: 25/Oct/17 14:37