Reflection access problems with 0.12.0 on JDK 17+ #849
Comments
|
@unrealwork thanks so much for opening this issue. Unfortunately this is due to the Java 9+ module system not liking reflection. As a workaround, you'll have to add the following to your build and/or app configuration: I'm unaware of what other |
|
@lhazlewood Yeah, I got it. It works with |
|
@unrealwork I found these three allowed me to run the JavaReadmeTest: I'll try to find a native/automatic solution for this as soon as possible. Thanks again! |
|
Yes please a fix is needed. It should be fully compatible with java 9+. The version 0.11.5 is. |
|
I've got a similar issue (JDK 17.0.7): I don't like the idea of 'hacking' a JVM. Seems, I'd better postpone the upgrade of jjwt 0.11.5 to more recent version until this issues is fixed. |
|
I ran into this issue when using the HmacSHA512 algorithm with v. 0.12.0. The same problem occurs regardless of whether I use the new APIs or the APIs that are deprecated in v. 0.12.0. Here's a test case for both APIs import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.security.Keys;
import org.junit.jupiter.api.Test;
import java.sql.Timestamp;
import java.time.LocalDateTime;
import java.util.Map;
import static java.nio.charset.StandardCharsets.UTF_8;
public class JwtTests {
private final byte[] secret = "?Ka}SqPl][^s*(dFerF]fEOpz#F~4P.x{/|#0!NtvlYUhW(hun2TQt}3+'f{|A8t:z7QzI_E:{^6bv".getBytes(UTF_8);
@Test
void generateSignedJwt_V_0_12() {
var signingKey = Keys.hmacShaKeyFor(secret);
LocalDateTime tokenExpirationTime = LocalDateTime.now().plusMinutes(15);
Jwts.builder()
.signWith(signingKey, Jwts.SIG.HS512)
.header().add("typ", "JWT").and()
.issuer("secure-api")
.audience().add("secure-app").and()
.subject("foo@bar.com")
.expiration(Timestamp.valueOf(tokenExpirationTime))
.claims(Map.of("key", "value"))
.compact();
}
@Test
void generateSignedJwt_V_0_11_5() {
var signingKey = Keys.hmacShaKeyFor(secret);
LocalDateTime tokenExpirationTime = LocalDateTime.now().plusMinutes(15);
Jwts.builder()
.signWith(signingKey, SignatureAlgorithm.HS512)
.setHeaderParam("typ", "JWT")
.setIssuer("secure-api")
.setAudience("secure-app")
.setSubject("foo@bar.com")
.setExpiration(Timestamp.valueOf(tokenExpirationTime))
.addClaims(Map.of("key", "value"))
.compact();
}
}In both cases, the test fails under version 0.12.0 with the following exception The second test case |
|
@donalmurtagh the cause is in the exception message:
Try adding the corresponding |
lhazlewood
changed the title
lhazlewood
changed the title
lhazlewood
changed the title
|
Hi folks, this has been resolved and released in 0.12.1. Please allow 30 minutes from the time of this post for the release to be in Maven Central. If anyone has any other issues, please do let us know by opening a new issue/ticket. Thank you! |
|
The 0.12.1 release only addressed projects that did not have a |
|
v. 0.12.2 fixes the problem for me, thanks @lhazlewood for resolving this so quickly |
Hi @lhazlewood, thank you for your hard work during this release.
I've had some problems using the new API. I tried to sign a
JWTtoken usingJwts.SIG.RS256algo and gotio.jsonwebtoken.security.SignatureException.Environment
JDK: 17
Version:
0.12.0Minimal test to reproduce
Result
Stacktrace
The text was updated successfully, but these errors were encountered: