We are using auth0 java library for JWT generation and validation. The problem is it throws exceptions for the same string at random times. I am not exactly sure what is causing this issue. Below is my code-
final static String secret = "some random key";
final static JWTSigner signer = new JWTSigner(secret);
final static JWTVerifier verifier = new JWTVerifier(secret);
public String gen(UUID id) {
final long iat = System.currentTimeMillis() / 1000l; // issued at claim
final HashMap<String, Object> claims = new HashMap<String, Object>();
claims.put("id", id.toString());
claims.put("iat", iat);
final String jwt = signer.sign(claims);
return jwt;
}
/** This method checks Bearer <jwt> and <jwt> both type of tokens */
protected UUID authenticate(String jwt) {
UUID userId = null;
try {
try { // Getting the token
String[] ar = jwt.split(Constants.WHITE_SPACE);
final Map<String, Object> claims = verifier.verify(ar[1].trim());
userId = UUID.fromString((String) claims.get("id"));
} catch (ArrayIndexOutOfBoundsException aie) {
final Map<String, Object> claims = verifier.verify(jwt.trim());
userId = UUID.fromString((String) claims.get("id"));
}
return userId;
} catch (Exception e) {
log.debug("Not a valid JWT string:" + jwt, e);
return null;
}
}
Not a valid JWT string:Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE0NzM4NTE5NjQsImlkIjoiMmMwMTBiNTAtODhiNC00NWMxLWI4OGItOGY2ZDNmMzFkZjdlIn0.CHRsJxuTZe7y1VQikP9a0_-nWVA-TMundam506VTGx4
com.auth0.jwt.internal.com.fasterxml.jackson.core.JsonParseException: Unexpected close marker ']': expected '}' (for ROOT starting at [Source: java.io.StringReader@11c289a2; line: 1, column: 0])
at [Source: java.io.StringReader@11c289a2; line: 1, column: 2]
Not a valid JWT string:Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE0NzM4NTE5NjQsImlkIjoiMmMwMTBiNTAtODhiNC00NWMxLWI4OGItOGY2ZDNmMzFkZjdlIn0.CHRsJxuTZe7y1VQikP9a0_-nWVA-TMundam506VTGx4
com.auth0.jwt.internal.com.fasterxml.jackson.databind.JsonMappingException: Can not deserialize instance of java.util.LinkedHashMap out of VALUE_NUMBER_INT token
at [Source: N/A; line: -1, column: -1]
After a lot of struggle, we switched to another library and so far we didn't face any issue.
<!-- JWT -->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.7.0</version>
</dependency>