You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@oltu.apache.org by "Khoa Nguyen (JIRA)" <ji...@apache.org> on 2015/12/22 09:12:46 UTC
[jira] [Updated] (OLTU-184) Failed to parse generated Base64 JWT
back
[ https://issues.apache.org/jira/browse/OLTU-184?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Khoa Nguyen updated OLTU-184:
-----------------------------
Description:
The TokenReader can't parse a JWT with a dash ('-') due to the validation pattern failed to match.
The TokenDecoder uses a URL Base64 encoder/decoder which replaces "+" and "/" into "-" & "_". However, in the TokenReader, the validation pattern is:
```
private final Pattern base64urlTokenPattern = Pattern.compile("([a-zA-Z0-9/+=]+)\\.([a-zA-Z0-9/+=]+)\\.(.+)");
```
... which doesn't allow "-" or "_" and causes the IllegalArgumentException.
was:
The TokenReader can't parse a JWT with a dash ('-') due to the validation pattern failed to match.
The TokenDecoder uses a URL Base64 encoder/decoder which replaces "+" and "/" into "-" & "_". However, in the TokenReader, the validation pattern is:
```
private final Pattern base64urlTokenPattern = Pattern.compile("([a-zA-Z0-9/+=]+)\\.([a-zA-Z0-9/+=]+)\\.(.+)");
```
... which doesn't allow "-" or "_" and cause the IllegalArgumentException.
> Failed to parse generated Base64 JWT back
> -----------------------------------------
>
> Key: OLTU-184
> URL: https://issues.apache.org/jira/browse/OLTU-184
> Project: Apache Oltu
> Issue Type: Bug
> Reporter: Khoa Nguyen
>
> The TokenReader can't parse a JWT with a dash ('-') due to the validation pattern failed to match.
> The TokenDecoder uses a URL Base64 encoder/decoder which replaces "+" and "/" into "-" & "_". However, in the TokenReader, the validation pattern is:
> ```
> private final Pattern base64urlTokenPattern = Pattern.compile("([a-zA-Z0-9/+=]+)\\.([a-zA-Z0-9/+=]+)\\.(.+)");
> ```
> ... which doesn't allow "-" or "_" and causes the IllegalArgumentException.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)