]
Jan Kasik commented on WFLY-13164:
----------------------------------
Raising priority to blocker since this issue is a regression when compared against state
when the feature was being merged.
When "corrupted" public key is supplied to server, user is
not informed
-----------------------------------------------------------------------
Key: WFLY-13164
URL:
https://issues.redhat.com/browse/WFLY-13164
Project: WildFly
Issue Type: Bug
Components: MP JWT
Affects Versions: 19.0.0.Beta2, 20.0.0.Beta1
Reporter: Jan Kasik
Assignee: Darran Lofthouse
Priority: Blocker
Attachments: CorruptedKeyTest.war
When corrupted public key (a valid key cannot be extracted from the string value) is
supplied to JWT verifier, user is not informed since there is no error message in log and
clients receives 401 status code in response instead of an error code of 500.