[jboss-jira] [JBoss JIRA] (WFWIP-293) Current implementation of MP-JWT doesn't require claims which should be required

Tuesday, 7 January 2020

Jan Kasik created WFWIP-293:
-------------------------------

             Summary: Current implementation of MP-JWT doesn't require claims which
should be required
                 Key: WFWIP-293
                 URL: https://issues.redhat.com/browse/WFWIP-293
             Project: WildFly WIP
          Issue Type: Bug
          Components: MP JWT
            Reporter: Jan Kasik
            Assignee: Darran Lofthouse

Chapter 4.1 of MP-JWT 1.1 recommends minimal set of JWT claims which should be required.

Current implementation doesn't check for following claims and returns 200/OK if they
are missing:

* {{upn}}
* {{jti}}
* {{groups}}
* {{iat}}
* {{sub}}

--
This message was sent by Atlassian Jira
(v7.13.8#713008)

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-jira] [JBoss JIRA] (WFWIP-293) Current implementation of MP-JWT doesn't require claims which should be required