connect2id / Nimbus-JOSE-JWT / issues / #317 - "Exp" field before "iat" field — Bitbucket

Issue #317 invalid

Former user created an issue 2019-07-02

The fact that the exp field comes before the iat field creates verification problems of the JWT .

My JWT is created with your library and has exp before iat. When signing the signature is different from th ones of other libraries (i.e. NodeJs libraries) and fields order is different.

Cristian

Comments (2)

Vladimir Dzhuvinov
The JWT spec doesn’t mandate any field order. Also, not all types of digital signature algorithms are deterministic.
- 2019-07-13T16:19:18+00:00
Vladimir Dzhuvinov
- changed status to invalid
Fields can be in any order, canonicalization not expected.
- 2019-07-17T08:18:16+00:00
Log in to comment

Assignee: –

Type: bug

Priority: major

Status: invalid

Component: JWT

Milestone: –

Votes: 0

Watchers: None

Jira Software: the preferred issue tracker for Bitbucket. Join the team!