X Tutup
Skip to content

Commit fea14f2

Browse files
author
Justin Dahmubed
committed
Add support for url encoding for base16 and 32
1 parent c135304 commit fea14f2

File tree

7 files changed

+50
-28
lines changed

7 files changed

+50
-28
lines changed

lib/src/main/java/com/auth0/jwt/JWTDecoder.java

Lines changed: 7 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,8 @@
1515
import org.apache.commons.codec.binary.Hex;
1616
import org.apache.commons.codec.binary.StringUtils;
1717

18+
import java.net.URLDecoder;
19+
import java.net.URLEncoder;
1820
import java.util.Date;
1921
import java.util.List;
2022
import java.util.Map;
@@ -36,15 +38,14 @@ public JWTDecoder(String jwt, EncodeType encodeType) throws Exception {
3638
String payloadJson = null;
3739
switch (encodeType) {
3840
case Base16:
39-
headerJson = StringUtils.newStringUtf8(Hex.decodeHex(parts[0]));
40-
payloadJson = StringUtils.newStringUtf8(Hex.decodeHex(parts[1]));
41+
headerJson = URLDecoder.decode(new String(Hex.decodeHex(parts[0])), "UTF-8");
42+
payloadJson = URLDecoder.decode(new String(Hex.decodeHex(parts[1])), "UTF-8");
4143
break;
42-
case Base32: {
44+
case Base32:
4345
Base32 base32 = new Base32();
44-
headerJson = StringUtils.newStringUtf8(base32.decode(parts[0]));
45-
payloadJson = StringUtils.newStringUtf8(base32.decode(parts[1]));
46+
headerJson = URLDecoder.decode(new String(base32.decode(parts[0]), "UTF-8"));
47+
payloadJson = URLDecoder.decode(new String(base32.decode(parts[1]), "UTF-8"));
4648
break;
47-
}
4849
case Base64:
4950
headerJson = StringUtils.newStringUtf8(Base64.decodeBase64(parts[0]));
5051
payloadJson = StringUtils.newStringUtf8(Base64.decodeBase64(parts[1]));

lib/src/main/java/com/auth0/jwt/algorithms/ECDSAAlgorithm.java

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -54,6 +54,9 @@ public void verify(DecodedJWT jwt, EncodeType encodeType) throws Exception {
5454
case Base64:
5555
signatureBytes = Base64.decodeBase64(signature);
5656
break;
57+
case JsonEncode:
58+
signatureBytes = Base64.decodeBase64(signature);
59+
break;
5760
}
5861

5962
try {

lib/src/main/java/com/auth0/jwt/algorithms/HMACAlgorithm.java

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -11,8 +11,11 @@
1111
import org.apache.commons.codec.binary.Base32;
1212
import org.apache.commons.codec.binary.Base64;
1313
import org.apache.commons.codec.binary.Hex;
14+
import org.apache.commons.codec.binary.StringUtils;
1415

1516
import java.io.UnsupportedEncodingException;
17+
import java.net.URLDecoder;
18+
import java.nio.charset.Charset;
1619
import java.nio.charset.StandardCharsets;
1720
import java.security.InvalidKeyException;
1821
import java.security.NoSuchAlgorithmException;
@@ -64,13 +67,12 @@ public void verify(DecodedJWT jwt, EncodeType encodeType) throws Exception {
6467
case Base64:
6568
signatureBytes = Base64.decodeBase64(signature);
6669
break;
67-
case JsonEncode: {
70+
case JsonEncode:
6871
signatureBytes = Base64.decodeBase64(signature);
6972
break;
70-
}
7173

7274
}
73-
75+
String signatureFirst = new String(signatureBytes);
7476
try {
7577
boolean valid = crypto.verifySignatureFor(getDescription(), secret, contentBytes, signatureBytes);
7678
if (!valid) {

lib/src/main/java/com/auth0/jwt/algorithms/NoneAlgorithm.java

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -22,14 +22,16 @@ public void verify(DecodedJWT jwt, EncodeType encodeType) throws Exception {
2222
case Base16:
2323
signatureBytes = Hex.decodeHex(signature);
2424
break;
25-
case Base32: {
25+
case Base32:
2626
Base32 base32 = new Base32();
2727
signatureBytes = base32.decode(signature);
2828
break;
29-
}
3029
case Base64:
3130
signatureBytes = Base64.decodeBase64(signature);
3231
break;
32+
case JsonEncode:
33+
signatureBytes = Base64.decodeBase64(signature);
34+
break;
3335
}
3436
if (signatureBytes.length > 0) {
3537
throw new SignatureVerificationException(this);

lib/src/main/java/com/auth0/jwt/algorithms/RSAAlgorithm.java

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -44,14 +44,16 @@ public void verify(DecodedJWT jwt, EncodeType encodeType) throws Exception {
4444
case Base16:
4545
signatureBytes = Hex.decodeHex(signature);
4646
break;
47-
case Base32: {
47+
case Base32:
4848
Base32 base32 = new Base32();
4949
signatureBytes = base32.decode(signature);
5050
break;
51-
}
5251
case Base64:
5352
signatureBytes = Base64.decodeBase64(signature);
5453
break;
54+
case JsonEncode:
55+
signatureBytes = Base64.decodeBase64(signature);
56+
break;
5557
}
5658

5759
try {

lib/src/main/java/com/auth0/jwt/creators/JWTCreator.java

Lines changed: 27 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@
2222
import org.apache.commons.codec.binary.Base32;
2323
import org.apache.commons.codec.binary.Base64;
2424
import org.apache.commons.codec.binary.Hex;
25+
import org.apache.commons.codec.binary.StringUtils;
2526

2627
import java.io.*;
2728
import java.net.URLDecoder;
@@ -410,11 +411,11 @@ private void addClaim(String name, Object value) {
410411
}
411412

412413
private String signJsonEncode(Schema schemaForHeader, Schema schemaForPayload) throws Exception {
413-
byte[] header = jsonToAvro(headerJson, schemaForHeader.toString());
414-
schemaToHeaderAndPayloadByteArray.put(schemaForHeader, header);
415-
byte[] payload = jsonToAvro(payloadJson, schemaForPayload.toString());
416-
schemaToHeaderAndPayloadByteArray.put(schemaForPayload, payload);
417-
String content = String.format("%s.%s", new String(header), new String(payload));
414+
byte[] bHeader = jsonToAvro(headerJson, schemaForHeader.toString());
415+
schemaToHeaderAndPayloadByteArray.put(schemaForHeader, bHeader);
416+
byte[] bPayload = jsonToAvro(payloadJson, schemaForPayload.toString());
417+
schemaToHeaderAndPayloadByteArray.put(schemaForPayload, bPayload);
418+
String content = String.format("%s.%s", new String(bHeader), new String(bPayload));
418419

419420
byte[] signatureBytes = algorithm.sign(content.getBytes(StandardCharsets.UTF_8));
420421
String signature = Base64.encodeBase64URLSafeString(signatureBytes);
@@ -466,23 +467,35 @@ public static byte[] jsonToAvro(String json, String schemaStr) throws Exception
466467
}
467468
}
468469

469-
private String signBase16Encoding() {
470-
String header = Hex.encodeHexString(headerJson.getBytes(StandardCharsets.UTF_8));
471-
String payload = Hex.encodeHexString(payloadJson.getBytes(StandardCharsets.UTF_8));
472-
String content = String.format("%s.%s", header, payload);
470+
private String signBase16Encoding() throws UnsupportedEncodingException {
471+
String header = URLEncoder.encode(headerJson, "UTF-8");
472+
String payload = URLEncoder.encode(payloadJson, "UTF-8");
473+
474+
byte[] bHeader = header.getBytes("UTF-8");
475+
String encodedHeader = Hex.encodeHexString(bHeader);
476+
477+
byte[] bPayload = payload.getBytes("UTF-8");
478+
String encodedPayload = Hex.encodeHexString(bPayload);
473479

480+
String content = String.format("%s.%s", encodedHeader, encodedPayload);
474481
byte[] signatureBytes = algorithm.sign(content.getBytes(StandardCharsets.UTF_8));
475-
String signature = Hex.encodeHexString((signatureBytes));
482+
String signature = Hex.encodeHexString(signatureBytes);
476483

477484
return String.format("%s.%s", content, signature);
478485
}
479486

480-
private String signBase32Encoding() {
487+
private String signBase32Encoding() throws UnsupportedEncodingException{
481488
Base32 base32 = new Base32();
482-
String header = base32.encodeAsString(headerJson.getBytes(StandardCharsets.UTF_8));
483-
String payload = base32.encodeAsString(payloadJson.getBytes(StandardCharsets.UTF_8));
484-
String content = String.format("%s.%s", header, payload);
489+
String header = URLEncoder.encode(headerJson, "UTF-8");
490+
String payload = URLEncoder.encode(payloadJson, "UTF-8");
491+
492+
byte[] bHeader = header.getBytes("UTF-8");
493+
String encodedHeader = base32.encodeAsString(bHeader);
494+
495+
byte[] bPayload = payload.getBytes("UTF-8");
496+
String encodedPayload = base32.encodeAsString(bPayload);
485497

498+
String content = String.format("%s.%s", encodedHeader, encodedPayload);
486499
byte[] signatureBytes = algorithm.sign(content.getBytes(StandardCharsets.UTF_8));
487500
String signature = base32.encodeAsString(signatureBytes);
488501

lib/src/test/java/com/auth0/jwt/creators/ImplicitJwtCreatorTest.java

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,6 @@
33
import com.auth0.jwt.TimeUtil;
44
import static com.auth0.jwt.TimeUtil.generateRandomIatDateInPast;
55
import com.auth0.jwt.algorithms.Algorithm;
6-
import com.auth0.jwt.creators.ImplicitJwtCreator;
76
import com.auth0.jwt.exceptions.InvalidClaimException;
87
import com.auth0.jwt.impl.PublicClaims;
98
import com.auth0.jwt.interfaces.Claim;

0 commit comments

Comments
 (0)
X Tutup