[ https://issues.apache.org/jira/browse/OLTU-161?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14135285#comment-14135285
]
Stefan Bodewig commented on OLTU-161:
-------------------------------------
May give it a try, yes. Don't hold your breath, though.
> JWTClaimsSetParser fails when aud is an array
> ---------------------------------------------
>
> Key: OLTU-161
> URL: https://issues.apache.org/jira/browse/OLTU-161
> Project: Apache Oltu
> Issue Type: Bug
> Components: oauth2-jwt
> Affects Versions: oauth2-1.0.0
> Reporter: Stefan Bodewig
>
> JWTClaimsSetParser contains
> {code}
> if (AUDIENCE.equals(key)) {
> getBuilder().setClaimsSetAudience(String.valueOf(value));
> {code}
> which leads to something like {{"aud": "[Ljava.lang.Object;@34657d74"}} when the audience
provided by the server is a JSON array - which is the canonical representation and a single
string is only the exception according to http://openid.net/specs/openid-connect-core-1_0.html#IDToken
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
|