[OLTU-208] use of outdated + broken version of org.apache.oltu.commons.encodedtoken - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: JWT
Labels:
None

Description

The most recent artifact for org.apache.oltu.oauth2.jwt published in maven central repository

<dependency>
    <groupId>org.apache.oltu.oauth2</groupId>
    <artifactId>org.apache.oltu.oauth2.jwt</artifactId>
    <version>1.0.3</version>
</dependency>

uses version 1.0.0 of org.apache.oltu.commons.encodedtoken, see https://mvnrepository.com/artifact/org.apache.oltu.oauth2/org.apache.oltu.oauth2.jwt/1.0.3

There is already a newer Version 1.0.1 available, which includes a fix for a bug that currently hits us: A wrong regexp pattern for base64url encoded strings makes

org.apache.oltu.commons.encodedtoken.TokenReader

rejecting valid Tokens we receive from a third party software.

Could you please update the dependencies for org.apache.oltu.oauth2.jwt to use Version 1.0.1 instead of 1.0.0 of org.apache.oltu.commons.encodedtoken?

Attachments

Activity

People

Assignee:: Antonio Sanso

Reporter:: Ralf Riedel

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 31/Aug/17 13:17

Updated:: 26/Oct/17 13:43