-
Notifications
You must be signed in to change notification settings - Fork 538
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Apple: Log Message Parameters have incorrect order #381
Comments
martincostello
added a commit
to martincostello/AspNet.Security.OAuth.Providers
that referenced
this issue
Feb 13, 2020
Fix the issuer and audience parameters in log message being the wrong way around. Log the Apple ID that failed token validation at trace, rather than in the error log message. Resolves aspnet-contrib#381.
Thanks for reporting this @sawcmk - I've opened #382 to fix this as part of the next release. |
martincostello
added a commit
that referenced
this issue
Feb 13, 2020
Fix the issuer and audience parameters in log message being the wrong way around. Log the Apple ID that failed token validation at trace, rather than in the error log message. Resolves #381.
This fix is now available from NuGet.org: https://www.nuget.org/packages/AspNet.Security.OAuth.Apple/3.1.0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
Log message has parameters in wrong order in class DefaultAppleIdTokenValidator
parameters.ValidAudience
andparameters.ValidIssuer
is swappedAlso it is logging PII data because of
context.IdToken
Steps To reproduce
Cause a validation error
Expected behaviour
Log message is correctly formatted
Actual behaviour
System information:
Additional context
This was seen when Apple rotated keys. cause the and error so the log message was triggeren
The text was updated successfully, but these errors were encountered: