[jboss-jira] [Red Hat JIRA] (ELY-2069) JWT token validation uses int instead of long for the expiration (exp) value

Tuesday, 12 January 2021

Chris Dolphy created ELY-2069:
---------------------------------

             Summary: JWT token validation uses int instead of long for the expiration
(exp) value
                 Key: ELY-2069
                 URL: https://issues.redhat.com/browse/ELY-2069
             Project: WildFly Elytron
          Issue Type: Feature Request
            Reporter: Chris Dolphy
            Assignee: Darran Lofthouse

JwtValidator is reading the exp field as a Java int instead of long:

[https://github.com/wildfly-security/wildfly-elytron/blob/master/auth/real...]

This means the maximum expiration date is ~January 18, 2038.  Also, with Javascript a
NumericDate this would be a 64-bit value.  The JWT spec also leaves open the possibility
of a decimal value so that should possibly be accounted for.

--
This message was sent by Atlassian Jira
(v8.13.1#813001)

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-jira] [Red Hat JIRA] (ELY-2069) JWT token validation uses int instead of long for the expiration (exp) value