Token response token_type value should be parsed case-insensitively
Issue #78
resolved
The SDK cannot successfully parse a successful token response from an authorization server if the 'token_type' value is 'bearer' instead of 'Bearer'. In such cases, a ParseException will be thrown by BearerAccessToken.parse(...).
Both 'Bearer' and 'bearer' should be treated as valid values for 'token_type', as token type values are case insensitive. See RFC 6479, section 5.1:
token_type REQUIRED. The type of the token issued as described in Section 7.1. Value is case insensitive.
Comments (2)
-
-
- changed status to resolved
Fixed in commit 10967e6.
- Log in to comment
Thanks for spotting this!