Bug ID 783233: OAuth puts quotation marks around claim values that are not string type

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4

Fixed In:
15.1.0, 14.1.4.2

Opened: May 17, 2019

Severity: 2-Critical

Symptoms

When you define a claim to use with OAuth, and the claim-type setting is set to something other than String, the claim value is treated as a string anyway and encapsulated in quotation marks.

Impact

The claim value is encapsulated in quotation marks and processed as a string.

Conditions

-- OAuth is configured. -- The oauth claim value being used is not of type string (i.e. array, or boolean, or number)

Workaround

None.

Fix Information

OAuth no longer puts quotation marks around claim values that are not string type.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips