Closed maennchen closed 11 months ago
3.1.2-beta.1
26.2
1.15.7
oidcc should validate / cast token responses as it does for the provider metadata.
oidcc
Given an Azure AD token response, the #oidcc_token_access.expires_in is a string and not a number as expected.
#oidcc_token_access.expires_in
Request token from Azure AD and check response.
The fields of the token response should be cast and validated.
oidcc version
3.1.2-beta.1
Erlang version
26.2
Elixir version
1.15.7
Summary
oidccshould validate / cast token responses as it does for the provider metadata.Current behavior
Given an Azure AD token response, the
#oidcc_token_access.expires_inis a string and not a number as expected.How to reproduce
Request token from Azure AD and check response.
Expected behavior
The fields of the token response should be cast and validated.