Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Jwt.id (jti) isn't been populated with OpenIdClaims.jti value #35

Closed
SrMouraSilva opened this issue Dec 21, 2021 · 5 comments
Closed

Jwt.id (jti) isn't been populated with OpenIdClaims.jti value #35

SrMouraSilva opened this issue Dec 21, 2021 · 5 comments
Assignees
@ch4mpy
Labels
bug Something isn't working

Comments

@SrMouraSilva
Copy link

Describe the bug

Jwt.id (jti) isn't been populated with OpenIdClaims.jti value

Code sample

@WithMockJwtAuth(
	claims=OpenIdClaims(
		sub="00000000-0000-0000-0000-000000000000", jti="00000000-0000-0000-0000-000000000000", sessionState="00000000-0000-0000-0000-000000000000",
		otherClaims=Claims(stringClaims=[StringClaim(name="id_institucional", value="aa91613e-34b2-488a-94ef-09ac5bef1904")])
	)
)
fun sampleTest() {}

If I check the id of Jwt, it appears null:

val authenticationJwt = authentication as JwtAuthenticationToken
val principal = authenticationJwtprincipal as Jwt

principal.id == null

Tested in

  • Spring Boot 2.6.1
  • com.c4-soft.springaddons:spring-security-oauth2-test-webmvc-addons:3.1.7-jdk17
  • org.springframework.boot:spring-boot-starter-oauth2-resource-server (the version is based on Spring Boot version)

Expected behavior
Jwt.id be populated based in jti value.
@SrMouraSilva SrMouraSilva added the bug Something isn't working label Dec 21, 2021
@SrMouraSilva
Copy link
Author

Note: If I use a (redudant) definition in otherClaims, then will works

@WithMockJwtAuth(
	claims=OpenIdClaims(
		sub="00000000-0000-0000-0000-000000000000", jti="00000000-0000-0000-0000-000000000000", sessionState="00000000-0000-0000-0000-000000000000",
		otherClaims=Claims(stringClaims=[StringClaim(name="id_institucional", value="aa91613e-34b2-488a-94ef-09ac5bef1904"), StringClaim(name="jti", value="00000000-0000-0000-0000-000000000000")])
	)
)

@ch4mpy
Copy link
Owner

ch4mpy commented Dec 21, 2021

This looks like a bug. Will have a look ASAP.

ch4mpy added a commit that referenced this issue Dec 21, 2021
@ch4mpy
gh-35
de878f7
@ch4mpy
Copy link
Owner

ch4mpy commented Dec 21, 2021

@SrMouraSilva thank you for taking time to report.

I just fogot JTI when extracting annotation value. Sorry about that

This bug affects all @WithMock..., but the fix works for all of it too.
You can have a look at the commit linked above, it demoes your use-case in a new test.

Release onging. Please comment or re-open if the solution is not what you expected.

@ch4mpy
Copy link
Owner

ch4mpy commented Dec 21, 2021

@SrMouraSilva release 3.1.8 done.

It usually takes about two hours for the libs to be transfered to https://repo1.maven.org/maven2/com/c4-soft/springaddons/spring-security-oauth2-test-addons/

@ch4mpy ch4mpy closed this as completed Dec 21, 2021
@SrMouraSilva
Copy link
Author

@ch4mpy. Tested. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ch4mpy ch4mpy

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@SrMouraSilva @ch4mpy