Jose Escobar created CXF-7201: --------------------------------- Summary: Incorrect JSON return in openId connect UserInfo when no signature or encryption Key: CXF-7201 URL: https://issues.apache.org/jira/browse/CXF-7201 Project: CXF Issue Type: Improvement Components: JAX-RS Security Affects Versions: 3.1.9 Reporter: Jose Escobar Priority: Minor
Hello, I'm using your org.apache.cxf.rs.security.oidc.idp.UserInfoService tu publish an OpenId connect UserInfo service. When returned JWT requires signature or encryption I get a correctly formatted JWT, but when no signature or encryption is required, returned JSON is not correctly formatted. Problem occurs because on the second scenario, JSON marshal is done out of scope of cxf jose jwt (by default json marshaller). On signature or encrypted JWT, JwtUtils.claimsToJson is used and result is OK. I've resolve this using a custom UserInfoService. I'm going to send a pull request with a fix hoping it could be useful. -- This message was sent by Atlassian JIRA (v6.3.4#6332)