Closed newtork closed 4 years ago
I just realized, you didn't use the lambda notation for the else statements. All else conditions are evaluated prematurely. This leads to misleading error messages.
hi @newtork
thanks for reporting and all the details! We also recognized and fixed it yesterday. https://github.com/SAP/cloud-security-xsuaa-integration/pull/290
The fix will be provided with version 2.7.3
Observed in version 2.5.3
The following message is logged in customer application runtime:
I did not debug the issue, but I found the following matching source code:
I do not understand how the above message can be logged. From what I can tell,
JwtAudienceValidator#validateDefault
should return a non-null value, already in the first loop iteration. What do you think? Is there something else I should check for?