Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-87330

Accept JWKSets with non-RSA keys

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Critical - P2 Critical - P2
    • 8.0.0-rc0, 7.0.7, 7.3.0-rc5
    • Affects Version/s: None
    • Component/s: None
    • None
    • Server Security
    • Fully Compatible
    • ALL
    • v7.3, v7.0
    • Security 2024-03-18

      OIDC currently rejects a JWK set if it contains any non-RSA keys.
      We should ignore these (with a log message), but continue to ingest RSA keys from the same file.

            Assignee:
            erwin.pe@mongodb.com Erwin Pe
            Reporter:
            sara.golemon@mongodb.com Sara Golemon
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: