Single use tokens, like action tokens, has a claim expiration #31171

@knutz3n

Description

Before reporting an issue

  • I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.

Area

core

Describe the bug

When the return type of getExp() in org.keycloak.models.SingleUseObjectKeyModel was changed from an int to a Long, the old int behaviour was kept as a getter getExpiration() which has a default implementation to get the int value from getExp().

This causes the JSON serialization to include the value from getExpiration() as a claim expiration. Since the DefaultActionToken extends DefaultActionTokenKey which implements SingleUseObjectKeyModel, an `expiration` claim is now included in all action tokens.

Version

25.0.1

Regression

  • The issue is a regression

Expected behavior

Action tokens should have a claim exp for expiration.

Actual behavior

Action tokens have both exp and expiration claims for expiration.

How to Reproduce?

Use the forgotten password method and decode the reset password token. It has both exp and expiration.

Anything else?

No response
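The decode step from the reproduction above can be turned into a regression check. This is an added example, not code from the issue or from Keycloak: it decodes the payload of a compact token without verifying the signature and reports whether an `expiration` claim appears next to `exp`. The function names and the sample tokens are constructed for illustration.

```python
import base64
import json

STANDARD_EXPIRY = "exp"          # claim the issue expects
DUPLICATE_EXPIRY = "expiration"  # claim the issue reports as leaked


def b64url_decode(segment: str) -> bytes:
    """Decode an unpadded base64url token segment."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_payload(token: str) -> dict:
    """Return the claims of a compact token. Inspection only: no signature check."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    claims = json.loads(b64url_decode(parts[1]))
    if not isinstance(claims, dict):
        raise ValueError("payload is not a JSON object")
    return claims


def expiry_findings(token: str) -> list[str]:
    """List expiry-claim problems found in the token payload."""
    claims = decode_payload(token)
    findings = []
    if STANDARD_EXPIRY not in claims:
        findings.append("missing exp claim")
    if DUPLICATE_EXPIRY in claims:
        findings.append("unexpected expiration claim")
        if STANDARD_EXPIRY in claims and claims[STANDARD_EXPIRY] != claims[DUPLICATE_EXPIRY]:
            findings.append("exp and expiration disagree")
    return findings


def make_sample_token(claims: dict) -> str:
    """Build a constructed sample token with a placeholder signature."""
    def enc(obj) -> str:
        raw = json.dumps(obj, separators=(",", ":")).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "HS512", "typ": "JWT"}), enc(claims), "c2ln"])


if __name__ == "__main__":
    # Constructed payloads: one shaped like the reported tokens, one as expected.
    print(expiry_findings(make_sample_token({"exp": 1720000000, "expiration": 1720000000})))
    print(expiry_findings(make_sample_token({"exp": 1720000000})))
```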
