Include user name in CWWKS1773E error message TS003412433 #11927
Labels
bug
This bug is not present in a released version of Open Liberty
release bug
This bug is present in a released version of Open Liberty
release:20006
serviceability
Label used to track serviceability related issues
team:Security SSO
Milestone
When the OpenID Connect runtime receives a JWT that is expires, an error similar to the following is be emitted:
WWKS1737E: The OpenID Connect client [client123] failed to validate the JSON Web Token. The cause of the error was: [CWWKS1773E: Validation failed for the token requested by [client123] because the token is outside of its valid range. This might have been caused by either the current time [2020-04-23T11:22:10.733Z] being after the token expiration time [2020-04-22T17:37:26.000Z] or the issue time [2020-01-01T00:00:00.000Z] being too far away from the current time [2020-04-23T11:22:10.733Z].]
It would be helpful to include the username associated with the JWT so that the administrator can more easily fix the problem.
For instance:
CWWKS1773E: Validation failed for the token with subject [tom@example.com] requested by [client123] because the token is outside of its valid range.
Diagnostic information:
The text was updated successfully, but these errors were encountered: