Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Parsing fails on android platform #31

Closed
mikosik opened this issue Jun 24, 2015 · 4 comments
Closed

Parsing fails on android platform #31

mikosik opened this issue Jun 24, 2015 · 4 comments
Milestone

Comments

@mikosik
Copy link

mikosik commented Jun 24, 2015

Parsin JWT string using jjwt-0.5 fails on android platform.
jjwt library is added to android project as gradle dependency.

compile 'io.jsonwebtoken:jjwt:0.5'

Following code

    String json = "{ \"name\" : \"John\"}";
    String jwt = Jwts.builder().setPayload(json).compact();
    System.out.println("JWT = " + jwt);
    String name = Jwts.parser().parseClaimsJwt(jwt).getBody().get("name").toString();
    System.out.println("name = " + name);

works correctly on desktop JDK producing following output

JWT = eyJhbGciOiJub25lIn0.eyAibmFtZSIgOiAiSm9obiJ9.
name = John

However when the same code is run on android (Nexus-5 device running android 5.1.1) if fails with exception thrown from parseClaimsJwt method:

JWT = eyJhbGciOiJub25lIn0.eyAibmFtZSIgOiAiSm9obiJ9.

 Caused by: io.jsonwebtoken.UnsupportedJwtException: Signed JWSs are not supported.
    at io.jsonwebtoken.impl.DefaultJwtParser.parseClaimsJwt(DefaultJwtParser.java:365)
    at com.example.MainActivity.onCreate(MainActivity.java:53)
    at android.app.Activity.performCreate(Activity.java:5990)
    at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1106)
    at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2278)
    ... 10 more
 Caused by: java.lang.IllegalArgumentException: bad base-64
    at android.util.Base64.decode(Base64.java:161)
    at android.util.Base64.decode(Base64.java:136)
    at android.util.Base64.decode(Base64.java:118)
    at io.jsonwebtoken.impl.AndroidBase64Codec.decode(AndroidBase64Codec.java:28)
    at io.jsonwebtoken.impl.Base64UrlCodec.decode(Base64UrlCodec.java:78)
    at io.jsonwebtoken.impl.AbstractTextCodec.decodeToString(AbstractTextCodec.java:36)
    at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:161)
    at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:325)
    at io.jsonwebtoken.impl.DefaultJwtParser.parseClaimsJwt(DefaultJwtParser.java:358)

It looks to me that android.util.Base64.decode() method (that is used internally by jjwt) requires input to contain padding characters (=) (or it just needs to be configured/called different way).
If I modify JWT string passed to parseClaimsJwt method by adding missing padding character (=) then it works correctly on android. Following code (with = added in proper place inside JWT string)

    String jwt = "eyJhbGciOiJub25lIn0=.eyAibmFtZSIgOiAiSm9obiJ9.";
    String name = Jwts.parser().parseClaimsJwt(jwt).getBody().get("name").toString();
    System.out.println("name = " + name);

... produces expected result:

name = John

I glimpsed quickly through the jjwt code and line https://github.com/mikosik/jjwt/blob/master/src/main/java/io/jsonwebtoken/impl/Base64UrlCodec.java#L85 looks fishy to me.
It is:

  int paddingCount = chars.length % 4;

but I guess it should be

  int paddingCount = 4 - chars.length % 4;
@lhazlewood
Copy link
Contributor

Thanks for the report! This should be relatively easy to fix.

lhazlewood added a commit that referenced this issue Jun 26, 2015
lhazlewood added a commit that referenced this issue Jun 26, 2015
#31: fixed base64 url padding bug
@lhazlewood lhazlewood added this to the 0.5.1 milestone Jun 26, 2015
@lhazlewood
Copy link
Contributor

The PR for this was successful and merged to master. The fix will be in the 0.5.1 release.

@lhazlewood
Copy link
Contributor

This has been released as 0.5.1. Please allow 1 to 2 hours for the release artifact to appear in Maven Central. Cheers!

@mikosik
Copy link
Author

mikosik commented Jun 28, 2015

@lhazlewood Great! Thanks for a quick response and fix. 🙇

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants