Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Docs should state default value for Resource Server validation clock skew is 60 seconds #6611

Closed
Thopap opened this issue Mar 13, 2019 · 1 comment
Closed

Docs should state default value for Resource Server validation clock skew is 60 seconds #6611

Thopap opened this issue Mar 13, 2019 · 1 comment
Assignees
@eleftherias
Labels
in: docs An issue in Documentation or samples status: backported An issue that has been backported to maintenance branches type: bug A general bug
Milestone
5.6.0-M1

Comments

@Thopap
Copy link

Thopap commented Mar 13, 2019
edited
Loading

The documentation for the Oauth2 Resource Server validation (https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#oauth2resourceserver-validation) contain a remark that the default configuration of 30 seconds clock is configured.

Two remarks on this:

  1. The current implemented default seems to 60 seconds JwtTimestampValidator
    Either the documenation or the code need be changed.
  2. When using the spring boot starter, a configuration property to change the default might make sense.
@jzheaux
Copy link
Contributor

jzheaux commented Mar 14, 2019

Good catch, @Thopap! I realize the chance is pretty quick; would you be interested in submitting a PR?

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label May 7, 2019
@eleftherias eleftherias self-assigned this Jun 2, 2021
@eleftherias eleftherias added in: docs An issue in Documentation or samples type: bug A general bug and removed status: waiting-for-triage An issue we've not yet triaged labels Jun 2, 2021
@eleftherias eleftherias added this to the 5.6.0-M1 milestone Jun 2, 2021
@eleftherias eleftherias changed the title OIDC Resource Server Timestamp Validation clock skew default 60 instead of 30 seconds Docs should state default value for Resource Server validation clock skew is 60 seconds Jun 2, 2021
eleftherias added a commit that referenced this issue Jun 2, 2021
@eleftherias
Fix Resource Server clock skew default value in docs
82d471a 
Closes gh-6611
eleftherias added a commit that referenced this issue Jun 2, 2021
@eleftherias
Fix Resource Server clock skew default value in docs
43f3de7 
Closes gh-6611
@spring-projects-issues spring-projects-issues added the status: backported An issue that has been backported to maintenance branches label Jun 2, 2021
Closed
@eleftherias eleftherias added for: backport-to-5.5.x and removed status: backported An issue that has been backported to maintenance branches labels Jun 2, 2021
@spring-projects-issues spring-projects-issues added status: backported An issue that has been backported to maintenance branches and removed for: backport-to-5.5.x labels Jun 2, 2021
Closed
eleftherias added a commit that referenced this issue Jun 2, 2021
@eleftherias
Fix Resource Server clock skew default value in docs
5b802a4 
Closes gh-6611
Closed
eleftherias added a commit that referenced this issue Jun 2, 2021
@eleftherias
Fix Resource Server clock skew default value in docs
898bdeb 
Closes gh-6611
Closed
akohli96 pushed a commit to akohli96/spring-security that referenced this issue Aug 25, 2021
@eleftherias
Fix Resource Server clock skew default value in docs
a525eb7 
Closes spring-projectsgh-6611
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@eleftherias eleftherias

Labels
in: docs An issue in Documentation or samples status: backported An issue that has been backported to maintenance branches type: bug A general bug
Projects
None yet
Milestone
5.6.0-M1
Development

No branches or pull requests
4 participants
@jzheaux @eleftherias @Thopap @spring-projects-issues