miniOrange OIDC jira plugin failed to decode id_token

  • westwin
    # 2 days, 19 hours ago

    The “name” claim in id_token is Chinese character, “Test Configuration” failed.

    I checked the class of JwtIDToken.class, and found it uses a Standard Base64 decoder rather than a URLBase64 decoder. I guess this might be the root cause of my failure. Could you please help feedback ?

    public JwtIDToken(String token) throws JSONException {
    String[] arr = StringUtils.split(token, “.”);
    this.encodedHeader = arr[0];
    this.payload = arr[1];
    this.signature = arr[2];
    Decoder base64Decoder = Base64.getDecoder();
    this.header = new String(base64Decoder.decode(arr[0]));
    this.payload = new String(base64Decoder.decode(arr[1]));
    }

    shradha
    Participant
    # 2 days, 9 hours ago

    Hi Westwin,

    Thanks for pointing out the issue.
    This could be because of using the Standard Base64 Decoder class.

    We are trying to reproduce the issue on our end.

    Could you please attach plugin logs at atlassiansupport@xecurify.com?
    This will help us to check the id_token response and parse it in the plugin.

    Steps to fetch logs are provided under the Troubleshooting section.

    Looking forward to hearing from you.

    Thanks,
    Shradha

Viewing 2 posts - 1 through 2 (of 2 total)

Reply