]
Darran Lofthouse reassigned WFLY-12978:
---------------------------------------
Assignee: (was: Darran Lofthouse)
Current implementation of MP-JWT doesn't require claims which
should be required
--------------------------------------------------------------------------------
Key: WFLY-12978
URL:
https://issues.redhat.com/browse/WFLY-12978
Project: WildFly
Issue Type: Bug
Components: MP JWT
Reporter: Jan Kasik
Priority: Major
Chapter 4.1 of MP-JWT 1.1 recommends minimal set of JWT claims which should be required.
Current implementation doesn't check for following claims and returns 200/OK if they
are missing:
* {{upn}}
* {{jti}}
* {{groups}}
* {{iat}}
* {{sub}}