Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Issue 1480 fix claims validation aud array #1481

Closed

Conversation

nholik
Copy link
Contributor

@nholik nholik commented Dec 18, 2023

This addresses issue #1480 where claims validation fails when a token has an array of values in the aud claim. Per the issue, this should be considered valid per the spec and as implemented only the special case is.

I have added unit tests verifying the behavior. Further this change is backward compatible and does not cause anything that would currently validate to fail

Per the openid spec, aud can be an array and in special cases a single
string.  This fixes a bug where the array case is not handled.  This is
a non breaking change.

Resolves: Issue [okta#1480](okta#1480)
Tests for the following scenarios:
- aud is an array but does NOT contain the clientId throws an error
- aud is an array and does contain the clientId validates with no error

Resolves: [1480](okta#1480)
@jaredperreault-okta
Copy link
Contributor

@nholik nholik deleted the issue-1480-fix-claims-validation-aud-array branch January 26, 2024 18:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants