Uploaded image for project: 'Grouper'
  1. Grouper
  2. GRP-5389

jwt puts member_id in wrong column

    XMLWordPrintable

Details

    • New Feature
    • Resolution: Unresolved
    • Minor
    • None
    • None
    • None
    • None

    Description

      Jonathan Zhao
      1 day ago
      Another finding, grouper treats grouper_password.username, rather than grouper_password.member_id as the member_id part in bearer token.
      When creating a JWT key from UI, a new row is automatically created in table grouper_password with column "username" and "member_id" set to the same value.
      If we change the value of grouper_password.member_id to anything different, the authn still works well;
      But if we change the value of grouper_password.username to a different value, the authn fails, and reports error "cannot find public key for ...".
      It's very confusing that the member_id in bearer token (also the one in UI) is not saved in column grouper_password.member_id but in column grouper_password.username.

      Attachments

        Activity

          People

            chris.hyzer@at.internet2.edu Chris Hyzer (upenn.edu)
            chris.hyzer@at.internet2.edu Chris Hyzer (upenn.edu)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: