[OPENAM-12759] During authorization code grant flow - max_age should be a number, not a string - ForgeRock JIRA

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 5.5.1, 6.0.0, 6.5.0, 6.5.0.1, 6.0.0.7, 6.5.1, 6.5.0.2, 6.5.2, 6.5.2.1, 6.5.2.2, 6.5.2.3
Fix Version/s: 5.5.3, 6.0.1, 7.0.0, 6.5.3
Component/s: OpenID Connect
Labels:
- EDISON
- FIN-PSD2-OB
- Must-Fix
- OpenBanking
- PSD2
- VERT-FIN

Target Version/s:

5.5.3, 7.0.0, 6.5.3

Sprint:
AM Sustaining Sprint 73, AM Sustaining Sprint 74
Story Points:
3
Needs backport:

Yes

Support Ticket IDs:

Verified Version/s:

6.5.3
Needs QA verification:

Yes
Functional tests:

Yes
Are the reproduction steps defined?:

Yes and I used the same an in the description

Description

Bug description

When doing an authorization code flow, you can specify an option call max_age.
Currently, AM is expecting this value to be a String but the standard says it should be a number.

How to reproduce the issue

Do an authorization code grant flow with the option max_age.

Expected behaviour

the login page

Current behaviour

An internal server error that is actually catch up and returned as "The request requires login" which makes completely no sense.

Work around

Use max age as a string

Attachments

Issue Links

is related to

OPENAM-16395 HTTP 302 error=login_required instead of consent approval when in authorization code flow with max_age=""

Open

Activity

People

Assignee:

C-Weng C

Reporter:

Quentin CASTEL [X] (Inactive)

Votes:

0 Vote for this issue

Watchers:

4 Start watching this issue

Dates

Created:

28/Mar/18 2:24 PM

Updated:

15/Sep/20 12:51 PM

Resolved:

05/May/20 11:59 AM