Compact serialization fails on complex claims
Issue #244
invalid
Hello everybody
we are working on code for supporting rfc7800 on Android.
We try to build a JWS that contains a cnf claim with a jwk sub claim using the JwtBuilder class.
We build a JSONObject that contains the JWK, which in turn has been extracted from a JWKSet object as shown below.
try {
JSONObject cnf = new JSONObject();
JWK jwk = JWKSet.parse(publicKey).getKeys().get(0);
cnf.put("jwk", jwk.toJSONObject());
builder.claim("cnf", cnf);
} catch (ParseException e) {
System.out.println("Error parsing JWK object");
} catch (JSONException e) {
System.out.println("Error creating JSON object");
}
builder = builder.signWith(SignatureAlgorithm.RS256, key);
String serialization = builder.compact(); // crashes here
The code crashes on the last line when converting into the compact serialization with the message: "Unable to serialize claims object to json".
The crash disappears when the JWK is added directly to the claim.
We isolated the issue to the compact()-method and find that it has trouble with complex sub-claims.
We confirmed this behavior with the latest 5.1 jar from the Maven repository.
Comments (2)
-
-
- changed status to invalid
Closing because ticket apparently not related to this project.
- Log in to comment
Hi,
Could you provide a more complete snippet?
The Nimbus lib doesn't have classes with methods
signWith
,compact
, etc. Where does that code come from?