JWT local validation

Tomas Habarta lists+dovecot at tocc.cz
Thu Jun 24 09:19:23 EEST 2021


Hello,

I have a working setup with Roundcube using OAuth2 -- introspection works without any problem, unfortunately local validation does not as tokens are missing "typ" header (seems that one is indeed optional per RFC7519 and therefore not present in the implementation in place).
Is there any parameter to assert the token type or any other workaround to make local validation work as it currently fails with: oauth2 failed: Local validation failed: Cannot find 'typ' field.

dovecot v2.3.15
Roundcube 1.5beta
CentOS 8


Thanks, regards
Tomas


More information about the dovecot mailing list