nginx_phantom_token_module icon indicating copy to clipboard operation
nginx_phantom_token_module copied to clipboard

Published 20 hours ago verified publisher icon curityio

Metadata

NGINX module that introspects phantom access tokens according to RFC 7662

Results 5 nginx_phantom_token_module issues
Sort by recently updated
recently updated
newest added

Fix or remove intermittent failing test that uses ngx_debug_log

This code at the start of the handler is working fine, but the debug line does not always come out in test logs when I run it, causing TEST 5...

gary-archer avatar gary-archer

$request_body overwritten

7 comment

Nginx $request_body is being overwritten with “token=…” when I try to inspect it in the logs. Any workaround?

gsahbi avatar gsahbi

Truncated JWT when caching is diabled

This issue is related to issue #50. That issue fixed a problem with large JWTs when caching was enabled. When caching is not enabled though and a large JWT is...

travisspencer avatar travisspencer

When multiple Accept headers are sent, some are transferred in the introspection request.

If the calling client sends more than one Accept header, i.e `Accept: application/json` `Accept: application/json`, the request to the introspection endpoint done by the module will also include an extra...

anestos avatar anestos

Investigate authorization header null termination

This came up during the development of another plugin and is a code safety issue that only applies in particular circumstances. It was suggested that the [code to form the...

gary-archer avatar gary-archer

Metadata

61
Stars
14
Forks
Watchers

Owner

verified publisher icon curityio

Metadata

NGINX module that introspects phantom access tokens according to RFC 7662

Back