I'm trying to use wso2is server v5.0.0 to authenticate users using the OpenID Connect protocol.

After the access token request, the server creates a JSON object according to the spec: http://openid.net/specs/openid-connect-core-1_0.html#TokenResponse

I have noticed that the id_token field is not valid. It contains newline characters (\r\n), which are not allowed in this field; see: https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-31#section-7.2 p.9.

This is not a problem when the client uses the Java language, since the org.apache.commons.codec.binary.Base64 decoder can handle such a token. However, the Python parser is more restrictive.

Is this a known bug in the wso2is v5.0.0? Is there any patch or fix available for this issue?

Regards, Marcin

1 Answer

Yes. It is a bug in IS 5.0.0. You can find the public JIRA from here. Actually, it is not the only one; there are some other issues with the OpenID Connect implementation in IS 5.0.0: id_Token is not signed, none issues and so on. I guess all these are fixed now and will be available with the next release.
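
An added example, not part of the original question or answer and not WSO2 code: a strict client-side check in Python that rejects an id_token whose segments contain \r\n, with an opt-in workaround that strips the line breaks before decoding. The sample token, its issuer and the 76-character wrapping are constructed assumptions.

```python
import base64
import json
import re

# Characters allowed in one compact-JWT segment (base64url, no padding).
_B64URL = re.compile(r"[A-Za-z0-9_-]*")

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def strict_b64url_decode(segment: str) -> bytes:
    """Decode one segment, rejecting line breaks and other stray characters."""
    # fullmatch, not match with "$": "$" would accept a trailing "\n".
    if not _B64URL.fullmatch(segment):
        raise ValueError("segment has characters outside the base64url alphabet")
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def parse_id_token(token: str, tolerate_line_breaks: bool = False) -> dict:
    """Return header and claims of a compact JWT. No signature verification."""
    if tolerate_line_breaks:
        # Interop workaround: drop CR/LF as a lenient decoder would ignore them.
        token = token.replace("\r", "").replace("\n", "")
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected three dot-separated segments")
    return {"header": json.loads(strict_b64url_decode(parts[0])),
            "claims": json.loads(strict_b64url_decode(parts[1]))}

def make_sample(broken: bool) -> str:
    """Constructed, unsigned sample token; CRLF placement is an assumption."""
    header = b64url_encode(json.dumps({"alg": "none"}).encode())
    claims = b64url_encode(json.dumps(
        {"iss": "https://idp.example", "sub": "alice", "aud": "client-1"}).encode())
    if broken:  # wrap the claims segment at 76 characters, MIME style
        claims = "\r\n".join(claims[i:i + 76] for i in range(0, len(claims), 76))
    return header + "." + claims + "."

if __name__ == "__main__":
    bad = make_sample(broken=True)
    try:
        parse_id_token(bad)
    except ValueError as exc:
        print("strict parse rejected token:", exc)
    print(parse_id_token(bad, tolerate_line_breaks=True)["claims"])
```

The block only decodes the header and claims; it does not verify a signature, so a token accepted here still has to pass the client's normal ID token validation.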