JWT local validation

[Tomas Habarta]

Hello,

I have a working setup with Roundcube using OAuth2 -- introspection works without any problem, unfortunately local validation does not as tokens are missing "typ" header (seems that one is indeed optional per RFC7519 and therefore not present in the implementation in place).
Is there any parameter to assert the token type or any other workaround to make local validation work as it currently fails with: oauth2 failed: Local validation failed: Cannot find 'typ' field.

dovecot v2.3.15
Roundcube 1.5beta
CentOS 8


Thanks, regards
Tomas