Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Potentially insecure token refresh #515

Closed
klcium opened this issue Apr 9, 2024 · 1 comment
Closed

Potentially insecure token refresh #515

klcium opened this issue Apr 9, 2024 · 1 comment
Assignees
@jdaugherty

Comments

@klcium
Copy link

klcium commented Apr 9, 2024

Hello,

I found that, in the "access_token" function (from RestOauthController.groovy) in charge of generating a new access token when a user povides a refresh token does not check the type of the passed token before parsing its details (loaduserbytoken)

As a result, one may provide an access token instead of a refresh token. The user will be sent back a fresh access token.

The security risk here is that a leaked access token (if stolen before expiration) may be renewed by an attacker to persist indefinitely in the system.
@jdaugherty jdaugherty self-assigned this Oct 22, 2024
@jdaugherty
Copy link
Contributor

This is fixed in 6.0.x.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jdaugherty jdaugherty

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jdaugherty @klcium