- edited description
getClaims method returns different output between 9.10 and 9.31 versions
Issue #524
wontfix
When trying to get claims from a Signed JWT the output we receive is different in 9.10 and 9.31 and above (probably due to Gson usage). Attached is sample program which gives different output for getClaims call when using nimbus-jose-jwt-9.10.jar and nimbus-jose-jwt-9.31.jar
Note: getPayload and getJWTClaimsSet methods print same results for both versions which are correct / valid
Output
nimbus-jose-jwt-9.10.jar
java -cp .;./nimbus-jose-jwt-9.10.jar NimbusIssue
Token verified
payload: {"iss":"admin.com","sub":"user5","exp":1697334362,"pClaim":{"levelone":{"leveltwo":{"levelthree":{"emailAddress":"user3","levelfour":{"levelfive":{"levelsix":{"emailAddress":"user3","levelseven":{"leveleight":{"levelnine":{"emailAddress":"user3","levelten":{"emailAddress":"user3","salary":600000.0,"age":27},"salary":600000.0,"age":27}}},"salary":600000.0,"age":27}}},"salary":600000.0,"age":27}}}}}
ClaimsSet: {"sub":"user5","iss":"admin.com","exp":1697334362,"pClaim":{"levelone":{"leveltwo":{"levelthree":{"emailAddress":"user3","levelfour":{"levelfive":{"levelsix":{"emailAddress":"user3","levelseven":{"leveleight":{"levelnine":{"emailAddress":"user3","levelten":{"emailAddress":"user3","salary":600000.0,"age":27},"salary":600000.0,"age":27}}},"salary":600000.0,"age":27}}},"salary":600000.0,"age":27}}}}}
Claims: {sub=user5, iss=admin.com, exp=Sun Oct 15 07:16:02 IST 2023, pClaim={"levelone":{"leveltwo":{"levelthree":{"emailAddress":"user3","levelfour":{"levelfive":{"levelsix":{"emailAddress":"user3","levelseven":{"leveleight":{"levelnine":{"emailAddress":"user3","levelten":{"emailAddress":"user3","salary":600000.0,"age":27},"salary":600000.0,"age":27}}},"salary":600000.0,"age":27}}},"salary":600000.0,"age":27}}}}}
nimbus-jose-jwt-9.31.jar
java -cp .;./nimbus-jose-jwt-9.31.jar NimbusIssue
Token verified
payload: {"iss":"admin.com","sub":"user5","exp":1697334362,"pClaim":{"levelone":{"leveltwo":{"levelthree":{"emailAddress":"user3","levelfour":{"levelfive":{"levelsix":{"emailAddress":"user3","levelseven":{"leveleight":{"levelnine":{"emailAddress":"user3","levelten":{"emailAddress":"user3","salary":600000.0,"age":27},"salary":600000.0,"age":27}}},"salary":600000.0,"age":27}}},"salary":600000.0,"age":27}}}}}
ClaimsSet: {"sub":"user5","iss":"admin.com","exp":1697334362,"pClaim":{"levelone":{"leveltwo":{"levelthree":{"emailAddress":"user3","levelfour":{"levelfive":{"levelsix":{"emailAddress":"user3","levelseven":{"leveleight":{"levelnine":{"emailAddress":"user3","levelten":{"emailAddress":"user3","salary":600000.0,"age":27},"salary":600000.0,"age":27}}},"salary":600000.0,"age":27}}},"salary":600000.0,"age":27}}}}}
Claims: {iss=admin.com, sub=user5, exp=Sun Oct 15 07:16:02 IST 2023, pClaim={levelone={leveltwo={levelthree={emailAddress=user3, levelfour={levelfive={levelsix={emailAddress=user3, levelseven={leveleight={levelnine={emailAddress=user3, levelten={emailAddress=user3, salary=600000.0, age=27}, salary=600000.0, age=27}}}, salary=600000.0, age=27}}}, salary=600000.0, age=27}}}}}
Comments (7)
-
reporter
-
reporter
- edited description
-
reporter
- edited description
-
reporter
- marked as critical
-
In what regards are the
getClaimsoutputs different? -
reporter
In the output mentioned above under claims if you observe
pClaimattribute earlier versions used to provide proper json format (i.e., keys with doublequotes and string values with doublequotes), but new versions are not maintaining / returning proper json fields -
- changed status to wontfix
Use the
JWTClaimsSet.toString()to get a JSON object string representation.The
getClaims()returns ajava.util.Map.The
getClaims().toString()changed because the underlying JSON lib was replaced. - Log in to comment
