auth0 / java-jwt

Java implementation of JSON Web Token (JWT)
MIT License

empty expected audience array should throw InvalidClaimException #679

Closed jimmyjames closed 9 months ago

jimmyjames commented 9 months ago

Changes

Currently, validating a JWT expecting an empty string array fails with an NPE, instead of an InvalidClaimException, as discussed in #674. This change fixes that.

It also includes a small refactor to the audience validation logic, replacing the terse conditional with clearer and more extendable logic. That change was done in a commit prior to making any logic changes to ensure no unintended changes.

Fixes #674.
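A regression check for the behaviour described in this pull request, written as an added example and not taken from the pull request or the project's test suite: it classifies what verification does when the expected audience array is empty, so an unchecked exception that would slip past a `catch (JWTVerificationException e)` handler is visible. It assumes java-jwt is on the classpath and that the empty array is passed through `withAudience`; the class name, the `Outcome` enum, the secret and the audience values are constructed for the example.

```java
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.InvalidClaimException;
import com.auth0.jwt.exceptions.JWTVerificationException;

public class EmptyAudienceCheck {

    // Hypothetical classification of a verification attempt (not a library type).
    enum Outcome { ACCEPTED, REJECTED_INVALID_CLAIM, REJECTED_OTHER, UNCHECKED_FAILURE }

    // Builds a verifier for the expected audiences and reports how verification ends.
    // build() sits inside the try so the result is classified wherever the failure occurs.
    static Outcome classify(String token, Algorithm alg, String... expectedAudience) {
        try {
            JWT.require(alg).withAudience(expectedAudience).build().verify(token);
            return Outcome.ACCEPTED;
        } catch (InvalidClaimException e) {
            // The documented rejection path for a claim that does not match.
            return Outcome.REJECTED_INVALID_CLAIM;
        } catch (JWTVerificationException e) {
            // Signature, format or other verification failures.
            return Outcome.REJECTED_OTHER;
        } catch (RuntimeException e) {
            // For example a NullPointerException: callers that only catch
            // JWTVerificationException would not handle this as a rejection.
            return Outcome.UNCHECKED_FAILURE;
        }
    }

    public static void main(String[] args) {
        // Constructed secret and audiences, for the example only.
        Algorithm alg = Algorithm.HMAC256("constructed-test-secret");
        String token = JWT.create().withAudience("api-a").sign(alg);

        System.out.println("matching audience: " + classify(token, alg, "api-a"));
        System.out.println("wrong audience:    " + classify(token, alg, "api-b"));

        Outcome empty = classify(token, alg, new String[0]);
        System.out.println("empty audience:    " + empty);
        if (empty != Outcome.REJECTED_INVALID_CLAIM) {
            throw new AssertionError("empty expected audience was not rejected "
                    + "with InvalidClaimException: " + empty);
        }
    }
}
```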