[OPENAM-5396] Malformed exp parameter in ID token Created: 05/Jan/15  Updated: 15/Dec/15  Resolved: 02/Feb/15

Status: Resolved
Project: OpenAM
Component/s: OpenID Connect
Affects Version/s: 12.0.0
Fix Version/s: 12.0.1, 13.0.0

Type: Bug Priority: Major
Reporter: Benjamin Mantei Assignee: kohei
Resolution: Fixed Votes: 0
Labels: release-notes
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

OpenAM 12


Issue Links:
Relates
relates to OPENAM-7048 coreTokenExpirationDate for OIDC toke... Resolved
Target Version/s:
QA Assignee: Garyl Erickson

 Description   

If OpenAM acts as an OpenID Connect provider, the "exp" parameter in the ID token is specified in milliseconds instead of seconds (defined in the OpenID Connect specification). The parameters "iat" and "auth_time" on the other hand are correctly specified in seconds.

{
	"tokenName": "id_token",
	"azp": "portalapp",
	"sub": "google-101619612293088813422",
	"at_hash": "PzNCyzs8Sqo2u18tbRT3VQ",
	"iss": "https://cmopenam1.net:8443/openam",
	"iat": 1420464997,
	"auth_time": 1420464997,
	"exp": 1420465597000,
	"tokenType": "JWTToken",
	"realm": "/",
	"aud": ["portalapp"],
	"c_hash": "i3O7PF4Fj_SbWDoD5OAHyw",
	"ops": "0e0bfd03-4848-49c7-841d-979a0855f4cb"
}


 Comments   
Comment by Peter Major [X] (Inactive) [ 06/Mar/15 ]

Fixed in 12.0.1 with R12870

Generated at Tue Oct 27 06:49:06 UTC 2020 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.