OIDCProviderSignedJwksUri and mandatory exp claim #1182
psteniusubi
started this conversation in
General
Replies: 1 comment
-
|
thanks for spotting this, please create the PR and I'll merge it before the next release |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi Hans & co,
We have run into an interop issue with Signed JWKS: in the mod_auth_openidc implementation the "exp" claim is mandatory and must always be present.
The specification for Signed JWKS in OpenID Federation defines the "exp" claim is optional.
I have implemented a fix that resolves the interop issue. The exp claim is still validated if it's present. I can create a PR if you agree.
Petteri
Beta Was this translation helpful? Give feedback.
All reactions