Remove second surrogate layer in StatusListTokenPayload serialization#542
Remove second surrogate layer in StatusListTokenPayload serialization#542
Conversation
|
Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits. |
|
@codex review |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 24ae10f192
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits. |
|
@codex review |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 8151494c04
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| ) | ||
|
|
||
| init { | ||
| require(statusList == null || identifierList == null) { "Either StatusList or IdentifierList must be present" } |
There was a problem hiding this comment.
The invariant check currently uses statusList == null || identifierList == null, which allows both fields to be null. That means malformed payloads without either status_list or identifier_list pass construction and only fail later in toStatusListTokenPayload() via a generic Exception, instead of being rejected immediately as a serialization/validation error. This weakens input validation for untrusted JWT/CWT payloads and changes failure behavior compared to the prior model where missing required claims were rejected during decode.
Useful? React with 👍 / 👎.
2 participants
Building on #497. Removes second surrogate layer which used to differentiate between JWS and CWT serialization shape by leveraging the
preferCborLabelsOverNamescbor serializer flag which is already required by the repository (seeIdentifier.kt)A lot of value classes became unused as part of this change. I have removed them for now but can deprecate instead if wanted.