Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-12477

id_token requested using grant_type=authorization_code returns auth_time in milliseconds

    XMLWordPrintable

    Details

    • Rank:
      1|hzvbyv:
    • Yes
    • Yes
    • No
    • Yes and I used the same an in the description

      Description

      Bug description

      Requesting an id_token using grant_type=authorization_code sets the auth_time within the id_token in milliseconds. The spec (http://openid.net/specs/openid-connect-core-1_0.html) says this should be in seconds. It only returns in milliseconds for this grant_type.

      How to reproduce the issue

      Details steps outlining how to recreate the issue (remove this text)

      1. Configure OpenID Connect service
      2. Configure OAuth2/OpenID Connect Agent
      3. Get code - http://openam.example.com:8080/openam/oauth2/authorize?response_type=code&client_id=myOAuth2Client&scope=openid&redirect_uri=http://www.google.co.uk
      4. Get access_token - http://openam.example.com:8080/openam/oauth2/access_token?grant_type=authorization_code&redirect_uri=http://www.google.co.uk&code=\code
      5. Decode the id_token jwt, auth_time shows in milliseconds
      Expected behaviour
      auth_time returns in seconds
      Current behaviour
      auth_time returns in milliseconds

      Work around

      Could use another flow but that's not ideal.

       

        Attachments

          Activity

            People

            dipu.seminlal Dipu Seminlal
            aaron.haskins Aaron Haskins
            Votes:
            2 Vote for this issue
            Watchers:
            7 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: