Uploaded image for project: 'Identity Gateway'
  1. Identity Gateway
  2. OPENIG-418

Accepts OAuth Access Token Response with 'expires_in' field expressed as String

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 3.1.0, 3.1.1
    • 3.1.0, 3.1.1
    • OAuth 2.0
    • None
    • 3.1 - final QA sprint

    Description

      With its new OAuth 2.0 REST Service (v3), Google seems to send that kind of response for a request to the token endpoint (https://www.googleapis.com/oauth2/v3/token obtained from OpenID Connect well-known endpoint):

      {
        "access_token": "ya29.1gD5 ...... h_RGTJw", 
        "token_type": "Bearer", 
        "expires_in": "3600", 
        "refresh_token": "1/dGjGYC7sDFa .... TU8HAh7T6szsKGYTs"
      }
      

      Notice that expires_in is expressed as a String where the OAuth 2.0 spec mandates a JSON Number.

      Attachments

        Issue Links

          Activity

            People

              guillaume.sauthier Guillaume Sauthier
              guillaume.sauthier Guillaume Sauthier
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: