Add missing IssuerKeyIdValidationRule #4853

@wolf4ood

Description

Bug Report

Describe the Bug

Currently we are missing IssuerKeyIdValidationRule in the token validation.

This will add additional checks against malicious requests that do not have a correlation between the kid header and the iss claim.

Expected Behavior

A clear and concise description of what you expected to happen.

Observed Behavior

A clear and concise description of what happened instead.

Steps to Reproduce

Steps to reproduce the behavior:

  1. Go to '...'
  2. Click on '....'
  3. Scroll down to '....'
  4. See error

Context Information

Add any other context about the problem here.

  • Used version [e.g. EDC v1.0.0]
  • OS: [e.g. iOS, Windows]
  • ...

Detailed Description

If applicable, add screenshots and logs to help explain your problem.

Possible Implementation

You already know the root cause of the erroneous state and how to fix it? Feel free to share your thoughts.
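
One way such a correlation check could look, as an added example that is not part of the issue or the project's own code: it assumes the `kid` header has the form `<iss>#<key-fragment>`, which the issue does not specify, and all function names and sample issuer identifiers are constructed. Signature verification is a separate step and is not shown.

```python
import base64
import json


def _decode_segment(segment: str) -> dict:
    """Decode one base64url JWT segment (padding restored) into a dict."""
    padded = segment + "=" * (-len(segment) % 4)
    value = json.loads(base64.urlsafe_b64decode(padded))
    if not isinstance(value, dict):
        raise ValueError("JWT segment is not a JSON object")
    return value


def check_issuer_key_id(token: str) -> tuple[bool, str]:
    """Return (ok, reason). Assumed convention: kid == "<iss>#<key-fragment>"."""
    parts = token.split(".")
    if len(parts) != 3:
        return False, "not a compact JWS"
    try:
        header, claims = _decode_segment(parts[0]), _decode_segment(parts[1])
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return False, "undecodable header or payload"
    kid, iss = header.get("kid"), claims.get("iss")
    if not isinstance(kid, str) or not isinstance(iss, str) or not iss:
        return False, "kid header or iss claim missing"
    owner, sep, fragment = kid.partition("#")
    if not sep or not fragment:
        return False, "kid has no key fragment"
    # Exact comparison: a prefix match would accept look-alike identifiers.
    if owner != iss:
        return False, "kid does not belong to iss"
    return True, "ok"


def make_token(kid, iss):
    """Build an unsigned, constructed sample token for the demo below."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    header = {"alg": "ES256"} if kid is None else {"alg": "ES256", "kid": kid}
    return f"{enc(header)}.{enc({'iss': iss, 'sub': 'constructed'})}.c2ln"


ISS = "did:web:issuer.example"  # constructed placeholder issuer identifier
SAMPLES = {
    "matching": make_token(ISS + "#key-1", ISS),
    "mismatch": make_token("did:web:other.example#key-1", ISS),
    "lookalike": make_token(ISS + ".other.example#key-1", ISS),
    "no-kid": make_token(None, ISS),
}

if __name__ == "__main__":
    for name, tok in SAMPLES.items():
        print(name, check_issuer_key_id(tok))
```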

Labels: bug (Something isn't working)