Antonio Sanso created OLTU-201:
----------------------------------
Summary: Issue in JWS validation
Key: OLTU-201
URL: https://issues.apache.org/jira/browse/OLTU-201
Project: Apache Oltu
Issue Type: Bug
Components: JWT
Reporter: Antonio Sanso
Assignee: Antonio Sanso
The JWS validation is currently broken.
The validation fails in certain cases even if the jwt is valid.
The problem is due to some json reordering on reconstructing the jws to
validate.
E.g. if the header of the JWS is
{code}
{"kid":"[email protected]", "alg":"RS256"}
{code}
the validation algorithm reconstruct the jws upon validation as
{code}
{ "alg":"RS256", "kid":"[email protected]"}
{code}
and consequently the signature would not match any longer
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
