Bug ID 1351493: Invalid JSON node type while support-introspection enabled

Last Modified: Dec 05, 2024

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3

Fixed In:
17.1.2, 16.1.5

Opened: Sep 13, 2023

Severity: 4-Minor

Symptoms

As per RFC 7519, the expected value “exp” in the JWT token is a numerical value. JSON itself does not have a native type for integers, so all numerical values are represented as either numbers (without quotes) or strings (with quotes). In our case, we throw an exception if it is not a number to consider the string value. We also have an additional check to ensure it is a valid type.

Impact

Support-introspection cannot be enabled.

Conditions

The issue occurs only when support-introspection is enabled.

Workaround

Disable support-introspection.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips