Closed matteo-s closed 6 months ago
Various fields which are supposed to contain JWTs are set to a maxLength of 2048 which is too small for any real usage. For example in fetched entity https://github.com/italia/spid-cie-oidc-django/blob/2b0c2eff271ef290f90f62ba8b7a3d508b887543/spid_cie_oidc/entity/migrations/0008_fetchedentitystatement_jwt.py#L16
The smallest valid JWT we can build which contains federation metadata + rp metadata is 2083, but also the examples you distribute with this project are "over quota", like the one for relying-party.org:8001 which is 4218 characters.
If you copy/paste the jwt in the form at http://trust-anchor.org:8000/admin/spid_cie_oidc_entity/fetchedentitystatement/add/ the backend app will break, because the input field will just truncate the JWT at 2048 and thus produce garbage which the backend tries to read as JWT, failing.
it should be changed to models.TextField
models.TextField
good catch @matteo-s
fixed in https://github.com/italia/spid-cie-oidc-django/pull/291
Various fields which are supposed to contain JWTs are set to a maxLength of 2048 which is too small for any real usage. For example in fetched entity https://github.com/italia/spid-cie-oidc-django/blob/2b0c2eff271ef290f90f62ba8b7a3d508b887543/spid_cie_oidc/entity/migrations/0008_fetchedentitystatement_jwt.py#L16
The smallest valid JWT we can build which contains federation metadata + rp metadata is 2083, but also the examples you distribute with this project are "over quota", like the one for relying-party.org:8001 which is 4218 characters.
If you copy/paste the jwt in the form at http://trust-anchor.org:8000/admin/spid_cie_oidc_entity/fetchedentitystatement/add/ the backend app will break, because the input field will just truncate the JWT at 2048 and thus produce garbage which the backend tries to read as JWT, failing.