Provide more clear error response when "cty" header is provided with invalid JWT

Issue #214 resolved
Ben Jovanic created an issue

The error from jose4j is not very helpful when a JWT with "cty":"JWT" is in the header and the JWT is not using nested signing.

Example JWT:

eyJhbGciOiJIUzI1NiIsImN0eSI6IkpXVCJ9.eyJzdWIiOiIxMjM0IiwiaXNzIjoiYWJjZCIsImF1ZCI6Imh0dHBzOi8vZXhhbXBsZS5jb20vYXMiLCJpYXQiOjE3MDI0OTc5MTgsImV4cCI6MTcwMjQ5ODIxOH0.zq1HwolPl4WgnkggSe9_BaF8rM9LkkMPkhT50CXOsTw

The error occurs at this line in JwtConsumer:

joseObject = JsonWebStructure.fromCompactSerialization(workingJwt);   

Error:

Caused by: org.jose4j.jwt.consumer.InvalidJwtException: JWT processing failed. Additional details: [[17] Unable to process nested JOSE object (cause: org.jose4j.lang.JoseException: Parsing error: org.jose4j.json.internal.json_simple.parser.ParseException: Unexpected character (�) at position 0.): {"sub":"1234","iss":"abcd","aud":"https://example.com/as","iat":1702497918,"exp":1702498218}
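
The mismatch reported above can be checked before the token reaches a JWT library. The following is an added example, not jose4j code and not part of the original issue: a stand-alone Python check that decodes the header and payload of the example JWT and reports whether "cty" agrees with what the payload actually contains. The function name, status strings and message wording are assumptions made for illustration; "cty" is compared case-insensitively against "JWT" and "application/jwt".

```python
import base64
import json
import re

# Example JWT copied from the issue report above.
ISSUE_JWT = (
    "eyJhbGciOiJIUzI1NiIsImN0eSI6IkpXVCJ9."
    "eyJzdWIiOiIxMjM0IiwiaXNzIjoiYWJjZCIsImF1ZCI6Imh0dHBzOi8vZXhhbXBsZS5jb20vYXMiLCJpYXQiOjE3MDI0OTc5MTgsImV4cCI6MTcwMjQ5ODIxOH0."
    "zq1HwolPl4WgnkggSe9_BaF8rM9LkkMPkhT50CXOsTw"
)

# Compact JOSE shape: 3 base64url parts (JWS) or 5 parts (JWE).
COMPACT = re.compile(rb"[A-Za-z0-9_-]+(\.[A-Za-z0-9_-]*){2}((\.[A-Za-z0-9_-]*){2})?")


def b64url_decode(segment):
    """Decode an unpadded base64url segment to bytes."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def diagnose_cty(compact_jws):
    """Return (status, message) saying whether "cty" matches the payload."""
    parts = compact_jws.split(".")
    if len(parts) != 3:
        return "not-jws", "expected 3 dot-separated parts, got %d" % len(parts)
    try:
        header = json.loads(b64url_decode(parts[0]))
        payload = b64url_decode(parts[1])
    except ValueError as exc:  # covers base64, UTF-8 and JSON decoding errors
        return "malformed", "cannot decode header or payload: %s" % exc
    if not isinstance(header, dict):
        return "malformed", "header is not a JSON object"
    cty = str(header.get("cty", "")).lower()
    if cty not in ("jwt", "application/jwt"):
        return "plain", "no nested-JWT content type; payload is the claims set"
    if COMPACT.fullmatch(payload):
        return "nested-ok", '"cty" announces a nested JWT and the payload is one'
    # "cty" promises a nested JWT, but the payload is something else.
    if payload.lstrip().startswith(b"{"):
        shape = "a JSON object"
    else:
        shape = "neither JSON nor a compact JOSE object"
    return "cty-mismatch", (
        'header has "cty":"%s" (nested JWT) but the payload is %s; '
        'the issuer should nest the token or omit "cty"' % (header["cty"], shape)
    )


if __name__ == "__main__":
    print(diagnose_cty(ISSUE_JWT))
```

The signature is not verified here; the check only classifies the token's structure, so it complements signature and claims validation rather than replacing them.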
