SignedJWT.serialize() garbles UTF-8 strings from ClaimsSet
When a Claim that uses extended ASCII characters is specified, e.g.:
claimsSet.setClaim("fullName", "João")
SignedJWT.serialize() produces encoded text that, when decoded, results in garbled text for the aforementioned Claim:
{
...
"fullName": "João",
...
}
All the Java source files are encoded in UTF-8 (which is also specified as the default encoding in the Gradle build).
Comments (4)
-
-
reporter Thank you! Is there any estimate on when this might receive some attention? Currently, this issue is a showstopper that might make us have to switch to another library until a fix is found.
-
We're not able to reproduce this bug with extended chars, see the tests in commit 60170b1.
Are you certain you're inputting the strings in UTF-8?
-
- changed status to invalid
We're going to close this issue. Should you think it has not been resolved feel free to reopen it.
As a side note, multi-byte characters can also be passed escaped in a JSON string.
- Log in to comment
Thanks for reporting this.
While JSON [1] permits UTF-8, UTF-16, or UTF-32, the JWT spec [2] requires claims to be in UTF-8. We'll re-examine the encoding implementation in the library as this was done a long time ago.
The Java source file UTF-8 encoding should not affect this anyway.
[1] https://tools.ietf.org/html/rfc7159#section-8.1 [2] http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-7.1