Closed nikosft closed 4 years ago
If a token does not contain the exp claim, then authorization is not completed (Check starts at line 1165 of mod_authnz_jwt.c. However, JWT RFC clearly states the exp claim is optional (https://tools.ietf.org/html/rfc7519#section-4.1.4)
If a token does not contain the exp claim, then authorization is not completed (Check starts at line 1165 of mod_authnz_jwt.c. However, JWT RFC clearly states the exp claim is optional (https://tools.ietf.org/html/rfc7519#section-4.1.4)