jenkins-bot has submitted this change and it was merged.
Change subject: Make iat timestamp an int instead of string
......................................................................
Make iat timestamp an int instead of string
Bug: 65260
Change-Id: Ieafccfdf68be8339e3641dc67c2d0ff4abf30250
---
M frontend/specialpages/SpecialMWOAuth.php
1 file changed, 1 insertion(+), 1 deletion(-)
Approvals:
Anomie: Looks good to me, approved
jenkins-bot: Verified
diff --git a/frontend/specialpages/SpecialMWOAuth.php
b/frontend/specialpages/SpecialMWOAuth.php
index 6e6eccf..6332813 100644
--- a/frontend/specialpages/SpecialMWOAuth.php
+++ b/frontend/specialpages/SpecialMWOAuth.php
@@ -228,7 +228,7 @@
// Expiration time on or after which the ID Token MUST NOT be
accepted for processing.
$statement['exp'] = wfTimestamp() + 100;
// Time at which the JWT was issued.
- $statement['iat'] = wfTimestamp();
+ $statement['iat'] = (int)wfTimestamp();
// String value used to associate a Client session with an ID
Token, and to mitigate
// replay attacks. The value is passed through unmodified from
the Authorization Request.
$statement['nonce'] = $request->get_parameter( 'oauth_nonce' );
--
To view, visit https://gerrit.wikimedia.org/r/133588
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Ieafccfdf68be8339e3641dc67c2d0ff4abf30250
Gerrit-PatchSet: 2
Gerrit-Project: mediawiki/extensions/OAuth
Gerrit-Branch: master
Gerrit-Owner: CSteipp <[email protected]>
Gerrit-Reviewer: Anomie <[email protected]>
Gerrit-Reviewer: Halfak <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
