api-manager icon indicating copy to clipboard operation
api-manager copied to clipboard
verified publisher icon wso2

x5t value in JWT tokens is not correct as per the specifications

Open cbabey opened this issue 1 year ago • 2 comments

Description

The x5t value generated by the APIM resident key manager in the JWT token due to an additional hexify step[1]. This hexify process is not in line with the specification[2].

Please refer to the product-is[1] issue for more details on this

[1] https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/v6.9.6/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/OAuth2Util.java#L2978 [2] https://datatracker.ietf.org/doc/html/rfc7515#section-4.1.7

Steps to Reproduce

N/A

Affected Component

APIM

Version

4.2.0

Environment Details (with versions)

No response

Relevant Log Output

No response

Related Issues

No response

Suggested Labels

No response

cbabey avatar Apr 16 '24 12:04 cbabey

Fixed by https://github.com/wso2-extensions/identity-inbound-auth-oauth/pull/2400

AnuGayan avatar Jul 09 '24 04:07 AnuGayan

Need to send this fix to the correct branch

RakhithaRR avatar Aug 12 '24 03:08 RakhithaRR