diff --git a/src/FoxIDs.Control/FoxIDs.Control.csproj b/src/FoxIDs.Control/FoxIDs.Control.csproj index 1e9bdf4fc..a63489a41 100644 --- a/src/FoxIDs.Control/FoxIDs.Control.csproj +++ b/src/FoxIDs.Control/FoxIDs.Control.csproj @@ -2,7 +2,7 @@ net7.0 - 1.1.4.0 + 1.1.5.0 FoxIDs Anders Revsgaard ITfoxtec diff --git a/src/FoxIDs.ControlClient/FoxIDs.ControlClient.csproj b/src/FoxIDs.ControlClient/FoxIDs.ControlClient.csproj index 1554207e1..e02757322 100644 --- a/src/FoxIDs.ControlClient/FoxIDs.ControlClient.csproj +++ b/src/FoxIDs.ControlClient/FoxIDs.ControlClient.csproj @@ -2,7 +2,7 @@ net7.0 - 1.1.4.0 + 1.1.5.0 FoxIDs.Client Anders Revsgaard ITfoxtec diff --git a/src/FoxIDs.ControlShared/FoxIDs.ControlShared.csproj b/src/FoxIDs.ControlShared/FoxIDs.ControlShared.csproj index dc556d966..6fa404ce9 100644 --- a/src/FoxIDs.ControlShared/FoxIDs.ControlShared.csproj +++ b/src/FoxIDs.ControlShared/FoxIDs.ControlShared.csproj @@ -2,7 +2,7 @@ net7.0 - 1.1.4.0 + 1.1.5.0 FoxIDs Anders Revsgaard ITfoxtec diff --git a/src/FoxIDs.Shared/FoxIDs.Shared.csproj b/src/FoxIDs.Shared/FoxIDs.Shared.csproj index bc308b63a..a751e2ccc 100644 --- a/src/FoxIDs.Shared/FoxIDs.Shared.csproj +++ b/src/FoxIDs.Shared/FoxIDs.Shared.csproj @@ -2,7 +2,7 @@ net7.0 - 1.1.4.0 + 1.1.5.0 FoxIDs Anders Revsgaard ITfoxtec diff --git a/src/FoxIDs.Shared/Models/Tracks/ClaimAndValues.cs b/src/FoxIDs.Shared/Models/Tracks/ClaimAndValues.cs index c184b689c..aaae1c3ba 100644 --- a/src/FoxIDs.Shared/Models/Tracks/ClaimAndValues.cs +++ b/src/FoxIDs.Shared/Models/Tracks/ClaimAndValues.cs @@ -21,9 +21,9 @@ public class ClaimAndValues : IValidatableObject public IEnumerable Validate(ValidationContext validationContext) { var results = new List(); - if (Claim.Length > Constants.Models.Claim.ValueLength) + if (Claim.Length > Constants.Models.Claim.ProcessValueLength) { - results.Add(new ValidationResult($"Claim '{Claim}' value is too long, maximum length of '{Constants.Models.Claim.ValueLength}'.")); + results.Add(new ValidationResult($"Claim '{Claim}' value is too long, maximum length of '{Constants.Models.Claim.ProcessValueLength}'.")); } return results; } diff --git a/src/FoxIDs.SharedBase/Constants.cs b/src/FoxIDs.SharedBase/Constants.cs index 85d4bd836..9c1552fad 100644 --- a/src/FoxIDs.SharedBase/Constants.cs +++ b/src/FoxIDs.SharedBase/Constants.cs @@ -293,7 +293,10 @@ public static class Claim /// /// JWT and SAML claim value max length. /// - public const int ValueLength = 8000; + public const int ValueLength = 4000; + public const int ProcessValueLength = 10000; + + public const int IdTokenLimitedHintValueLength = 8000; public const int MapIdLength = 90; public const int MapMin = 0; diff --git a/src/FoxIDs.SharedBase/FoxIDs.SharedBase.csproj b/src/FoxIDs.SharedBase/FoxIDs.SharedBase.csproj index 499732f6c..9586f9913 100644 --- a/src/FoxIDs.SharedBase/FoxIDs.SharedBase.csproj +++ b/src/FoxIDs.SharedBase/FoxIDs.SharedBase.csproj @@ -2,7 +2,7 @@ net7.0 - 1.1.4.0 + 1.1.5.0 FoxIDs Anders Revsgaard ITfoxtec @@ -11,7 +11,7 @@ - + diff --git a/src/FoxIDs/FoxIDs.csproj b/src/FoxIDs/FoxIDs.csproj index ac249e511..7a6277162 100644 --- a/src/FoxIDs/FoxIDs.csproj +++ b/src/FoxIDs/FoxIDs.csproj @@ -1,7 +1,7 @@  net7.0 - 1.1.4.0 + 1.1.5.0 FoxIDs Anders Revsgaard ITfoxtec @@ -31,7 +31,7 @@ - + diff --git a/src/FoxIDs/Logic/Oidc/OidcRpInitiatedLogoutDownLogic.cs b/src/FoxIDs/Logic/Oidc/OidcRpInitiatedLogoutDownLogic.cs index 8a13ab296..ec0a068ae 100644 --- a/src/FoxIDs/Logic/Oidc/OidcRpInitiatedLogoutDownLogic.cs +++ b/src/FoxIDs/Logic/Oidc/OidcRpInitiatedLogoutDownLogic.cs @@ -61,7 +61,7 @@ public async Task EndSessionRequestAsync(string partyId) try { - if (party.Client.ResponseMode == IdentityConstants.ResponseModes.Query && rpInitiatedLogoutRequest.IdTokenHint?.Count() > Constants.Models.Claim.ValueLength) + if (party.Client.ResponseMode == IdentityConstants.ResponseModes.Query && rpInitiatedLogoutRequest.IdTokenHint?.Count() > Constants.Models.Claim.IdTokenLimitedHintValueLength) { throw new Exception("The ID Token hint length is close to the maximum allowed limit and may be truncated. If this happens the ID Token become invalid and is not accepted."); } diff --git a/src/FoxIDs/Logic/Saml/SamlAuthnUpLogic.cs b/src/FoxIDs/Logic/Saml/SamlAuthnUpLogic.cs index 9ebe12946..d5ce3581c 100644 --- a/src/FoxIDs/Logic/Saml/SamlAuthnUpLogic.cs +++ b/src/FoxIDs/Logic/Saml/SamlAuthnUpLogic.cs @@ -317,9 +317,9 @@ private IEnumerable ValidateClaims(SamlUpParty party, IEnumerable throw new SamlRequestException($"Claim '{claim.Type.Substring(0, Constants.Models.Claim.SamlTypeLength)}' is too long, maximum length of '{Constants.Models.Claim.SamlTypeLength}'.") { RouteBinding = RouteBinding, Status = Saml2StatusCodes.Responder }; } - if (claim.Value?.Length > Constants.Models.Claim.ValueLength) + if (claim.Value?.Length > Constants.Models.Claim.ProcessValueLength) { - throw new SamlRequestException($"Claim '{claim.Type}' value is too long, maximum length of '{Constants.Models.Claim.ValueLength}'.") { RouteBinding = RouteBinding, Status = Saml2StatusCodes.Responder }; + throw new SamlRequestException($"Claim '{claim.Type}' value is too long, maximum length of '{Constants.Models.Claim.ProcessValueLength}'.") { RouteBinding = RouteBinding, Status = Saml2StatusCodes.Responder }; } } return claims; diff --git a/src/FoxIDs/Logic/Tracks/ClaimValidationLogic.cs b/src/FoxIDs/Logic/Tracks/ClaimValidationLogic.cs index b83245a17..21a47fd94 100644 --- a/src/FoxIDs/Logic/Tracks/ClaimValidationLogic.cs +++ b/src/FoxIDs/Logic/Tracks/ClaimValidationLogic.cs @@ -31,9 +31,9 @@ public List ValidateUpPartyClaims(List upPartyClaims, List throw new OAuthRequestException($"Claim '{claim.Type.Substring(0, Constants.Models.Claim.JwtTypeLength)}' is too long, maximum length of '{Constants.Models.Claim.JwtTypeLength}'.") { RouteBinding = RouteBinding, Error = IdentityConstants.ResponseErrors.InvalidToken }; } - if (claim.Value?.Length > Constants.Models.Claim.ValueLength) + if (claim.Value?.Length > Constants.Models.Claim.ProcessValueLength) { - throw new OAuthRequestException($"Claim '{claim.Type}' value is too long, maximum length of '{Constants.Models.Claim.ValueLength}'.") { RouteBinding = RouteBinding, Error = IdentityConstants.ResponseErrors.InvalidToken }; + throw new OAuthRequestException($"Claim '{claim.Type}' value is too long, maximum length of '{Constants.Models.Claim.ProcessValueLength}'.") { RouteBinding = RouteBinding, Error = IdentityConstants.ResponseErrors.InvalidToken }; } } return claims; diff --git a/src/FoxIDs/Logic/Tracks/ClaimsDownLogic.cs b/src/FoxIDs/Logic/Tracks/ClaimsDownLogic.cs index 4549cc103..4c22d13fb 100644 --- a/src/FoxIDs/Logic/Tracks/ClaimsDownLogic.cs +++ b/src/FoxIDs/Logic/Tracks/ClaimsDownLogic.cs @@ -190,9 +190,9 @@ private List TruncateJwtClaimValues(IEnumerable jwtClaims) var truncateClaims = new List(); foreach (var claim in jwtClaims) { - if (claim.Value?.Length > Constants.Models.Claim.ValueLength) + if (claim.Value?.Length > Constants.Models.Claim.ProcessValueLength) { - truncateClaims.AddClaim(claim.Type, claim.Value.Substring(0, Constants.Models.Claim.ValueLength), claim.ValueType, claim.Issuer); + truncateClaims.AddClaim(claim.Type, claim.Value.Substring(0, Constants.Models.Claim.ProcessValueLength), claim.ValueType, claim.Issuer); } else {