[jboss-jira] [JBoss JIRA] (WFWIP-293) Current implementation of MP-JWT doesn't require claims which should be required
Jan Kasik (Jira)
issues at jboss.org
Tue Jan 7 05:52:57 EST 2020
Jan Kasik created WFWIP-293:
-------------------------------
Summary: Current implementation of MP-JWT doesn't require claims which should be required
Key: WFWIP-293
URL: https://issues.redhat.com/browse/WFWIP-293
Project: WildFly WIP
Issue Type: Bug
Components: MP JWT
Reporter: Jan Kasik
Assignee: Darran Lofthouse
Chapter 4.1 of MP-JWT 1.1 recommends minimal set of JWT claims which should be required.
Current implementation doesn't check for following claims and returns 200/OK if they are missing:
* {{upn}}
* {{jti}}
* {{groups}}
* {{iat}}
* {{sub}}
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the jboss-jira
mailing list