Closed QiAnXinCodeSafe closed 4 years ago
hi @QiAnXinCodeSafe,
what would be your proposal? I think in this context it is uncritical, as we need to generate a unique key for the cache, which itself is private.
Best regards
close due to inactivity. Do not hesitate to re-open again... Thanks!
https://github.com/SAP/cloud-security-xsuaa-integration/blob/c426e8dfa3cef9406364cfe4413189767d09dd2a/spring-xsuaa/src/main/java/com/sap/cloud/security/xsuaa/extractor/TokenBrokerResolver.java#L244-L248 The code misses invoking a required step during the process of generating a cryptographic hash.