andrasbacsai opened a new issue #2931:
URL: https://github.com/apache/couchdb/issues/2931
[NOTE]: # ( ^^ Provide a general summary of the issue in the title above. ^^
)
## Description
When using JWT authentication with only `exp` as `required_claims` , but
`iss` is provided in the JWT token, CouchDB responses with:
```
{
"error": "bad_request",
"reason": "Invalid iss claim"
}
```
[NOTE]: # ( Describe the problem you're encountering. )
[TIP]: # ( Do NOT give us access or passwords to your actual CouchDB! )
## Steps to Reproduce
- Use v3.1.0
- Set `{chttpd_auth, jwt_authentication_handler}` in
`authentication_handlers` & add public key
- Set `required_claims = exp`
- Generate JWT with any `iss` claim
- Try to use the token for any request
[NOTE]: # ( Include commands to reproduce, if possible. curl is preferred. )
## Expected Behaviour
- It should work
[NOTE]: # ( Tell us what you expected to happen. )
## Your Environment
[TIP]: # ( Include as many relevant details about your environment as
possible. )
[TIP]: # ( You can paste the output of curl http://YOUR-COUCHDB:5984/ here.
)
* CouchDB version used: 3.1.0
* Browser name and version: Chrome Version 83.0.4103.97 (Official Build)
(64-bit)
* Operating system and version: ubunut 20.04
## Additional Context
Slac [chat](https://couchdb.slack.com/archives/C49LEE7NW/p1590665851371600)
about the problem.
[TIP]: # ( Add any other context about the problem here. )
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
