[jboss-jira] [JBoss JIRA] (WFLY-12978) Current implementation of MP-JWT doesn't require claims which should be required
Darran Lofthouse (Jira)
issues at jboss.org
Wed Jul 8 09:34:11 EDT 2020
[ https://issues.redhat.com/browse/WFLY-12978?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse reassigned WFLY-12978:
---------------------------------------
Assignee: (was: Darran Lofthouse)
> Current implementation of MP-JWT doesn't require claims which should be required
> --------------------------------------------------------------------------------
>
> Key: WFLY-12978
> URL: https://issues.redhat.com/browse/WFLY-12978
> Project: WildFly
> Issue Type: Bug
> Components: MP JWT
> Reporter: Jan Kasik
> Priority: Major
>
> Chapter 4.1 of MP-JWT 1.1 recommends minimal set of JWT claims which should be required.
> Current implementation doesn't check for following claims and returns 200/OK if they are missing:
> * {{upn}}
> * {{jti}}
> * {{groups}}
> * {{iat}}
> * {{sub}}
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the jboss-jira
mailing list