`Streams.bytes` requires an add-opens, manifests as "Invalid Base64Url protected header" error
plantexchen opened this issue · 7 comments
I tried to update today from 0.11.5 to 0.12.0. Essentially I changed my code from this
JwtParser jwtParser = Jwts.parserBuilder()
.setSigningKey(publicKey)
.build();
return Optional.of(jwtParser.parseClaimsJws(authToken)
.getBody());
to this
JwtParser jwtParser = Jwts.parser()
.verifyWith(publicKey)
.build();
return Optional.of(jwtParser.parseSignedClaims(authToken)
.getPayload());
I'm getting the error
Invalid Base64Url protected header: eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJtdEo1YnpQWVJ2T3Z4MWNCMVVFbnJ1UnBCMU5ZMjhMRFFRUjhoeVY3cFBRIn0
It works fine with 0.11.5, what's the problem here? I can't find useful notes on this topic in the changelog, just tried to follow the migration instructions.
@plantexchen can you include the stacktrace?
Good idea. Java Version is 17.0.7+8-LTS-224 on JBoss EAP 7.4.0. I had to shorten the stacktrace:
io.jsonwebtoken.MalformedJwtException: Invalid Base64Url protected header: eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJtdEo1YnpQWVJ2T3Z4MWNCMVVFbnJ1UnBCMU5ZMjhMRFFRUjhoeVY3cFBRIn0
at deployment.my.project.war//io.jsonwebtoken.impl.DefaultJwtParser.decode(DefaultJwtParser.java:883)
at deployment.my.project.war//io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:380)
at deployment.my.project.war//io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:363)
at deployment.my.project.war//io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:95)
at deployment.my.project.war//io.jsonwebtoken.impl.io.AbstractParser.parse(AbstractParser.java:36)
at deployment.my.project.war//io.jsonwebtoken.impl.io.AbstractParser.parse(AbstractParser.java:29)
at deployment.my.project.war//io.jsonwebtoken.impl.DefaultJwtParser.parseSignedClaims(DefaultJwtParser.java:822)
at
[...]
Caused by: io.jsonwebtoken.io.DecodingException: Unable to Base64Url-decode InputStream: Unable to read field java.io.ByteArrayInputStream#buf: Unable to make field protected byte[] java.io.ByteArrayInputStream.buf accessible: module java.base does not "opens java.io" to unnamed module @42001667
at deployment.my.project.war//io.jsonwebtoken.impl.io.DelegateStringDecoder.decode(DelegateStringDecoder.java:44)
at deployment.my.project.war//io.jsonwebtoken.impl.io.DelegateStringDecoder.decode(DelegateStringDecoder.java:26)
at deployment.my.project.war//io.jsonwebtoken.impl.DefaultJwtParser.decode(DefaultJwtParser.java:877)
... 175 more
Caused by: java.lang.IllegalStateException: Unable to read field java.io.ByteArrayInputStream#buf: Unable to make field protected byte[] java.io.ByteArrayInputStream.buf accessible: module java.base does not "opens java.io" to unnamed module @42001667
at deployment.my.project.war//io.jsonwebtoken.lang.Classes.getFieldValue(Classes.java:352)
at deployment.my.project.war//io.jsonwebtoken.impl.io.Streams.bytes(Streams.java:47)
at deployment.my.project.war//io.jsonwebtoken.impl.io.DelegateStringDecoder.decode(DelegateStringDecoder.java:39)
... 177 more
Caused by: java.lang.reflect.InaccessibleObjectException: Unable to make field protected byte[] java.io.ByteArrayInputStream.buf accessible: module java.base does not "opens java.io" to unnamed module @42001667
at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:354)
at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:297)
at java.base/java.lang.reflect.Field.checkCanSetAccessible(Field.java:178)
at java.base/java.lang.reflect.Field.setAccessible(Field.java:172)
at deployment.my.project.war//io.jsonwebtoken.lang.Classes.getFieldValue(Classes.java:346)
... 179 more
It seems that I need to add-opens
somewhere. The error on the surface hides the real cause pretty well.
Try adding something like:
--add-opens=java.base/java.io=ALL-UNNAMED
We will try to get this fixed for the next release.
Just a note: so we don't have 'me too' issues and comments, I'll be closing this in favor of #849 since this is a duplicate of the same underlying issue.
@plantexchen this issue has been resolved and released in 0.12.1. Please allow 30 minutes from the time of this post for the release to be in Maven Central. Thank you for reporting the issue!
@lhazlewood Thanks for your fast reaction! I will check it later.
The 0.12.1 release only addressed projects that did not have a module-info.java
and failed for those that did. 0.12.2 has been released and should work in all projects now. You shouldn't need --add-opens
now (at least not for JJWT)