From 935b8e33526bb6e835cc94b8f1d57374739e4e3b Mon Sep 17 00:00:00 2001 From: Stefan Ranoszek Date: Wed, 4 Mar 2026 11:18:13 +0000 Subject: [PATCH 1/3] fix: graceful handling --- src/main/java/apiCalls/Utils/generic/BaseAPI.java | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/main/java/apiCalls/Utils/generic/BaseAPI.java b/src/main/java/apiCalls/Utils/generic/BaseAPI.java index 812c644..76c58fd 100644 --- a/src/main/java/apiCalls/Utils/generic/BaseAPI.java +++ b/src/main/java/apiCalls/Utils/generic/BaseAPI.java @@ -49,6 +49,15 @@ private boolean isTokenExpired(String token) { } catch (JWTDecodeException e) { LOGGER.error("Error decoding token: {}", e.getMessage()); return true; + } catch (Exception e) { + // Handle signature verification errors that may come from different JWT libraries or validators + if (e.getMessage() != null && e.getMessage().contains("Cannot verify JWS signature")) { + LOGGER.warn("JWT signature verification failed - token may be from different service. Treating as expired."); + return true; + } else { + LOGGER.error("Error decoding token: {}", e.getMessage()); + return true; + } } } From ebabf19d12cae25b7a3ea9945301af74599c5373 Mon Sep 17 00:00:00 2001 From: Stefan Ranoszek Date: Wed, 4 Mar 2026 11:42:17 +0000 Subject: [PATCH 2/3] fix: handle tokens --- .../java/apiCalls/Utils/generic/BaseAPI.java | 36 +++++++++++-------- 1 file changed, 21 insertions(+), 15 deletions(-) diff --git a/src/main/java/apiCalls/Utils/generic/BaseAPI.java b/src/main/java/apiCalls/Utils/generic/BaseAPI.java index a5946c3..434329d 100644 --- a/src/main/java/apiCalls/Utils/generic/BaseAPI.java +++ b/src/main/java/apiCalls/Utils/generic/BaseAPI.java @@ -43,25 +43,31 @@ public synchronized String adminJWT() throws HttpException { private boolean isTokenExpired(String token) { try { - var decodedJWT = Jwts.parser() - .unsecured() - .build() - .parseUnsecuredClaims(token) - .getPayload(); - - return decodedJWT.getExpiration().before(new Date()); - } catch (Exception e) { - LOGGER.error("Error decoding token: {}", e.getMessage()); - return true; - } catch (Exception e) { - // Handle signature verification errors that may come from different JWT libraries or validators - if (e.getMessage() != null && e.getMessage().contains("Cannot verify JWS signature")) { - LOGGER.warn("JWT signature verification failed - token may be from different service. Treating as expired."); + + String[] chunks = token.split("\\."); + if (chunks.length != 3) { + LOGGER.error("Invalid JWT format - expected 3 parts but got {}", chunks.length); return true; + } + + String payload = new String(java.util.Base64.getUrlDecoder().decode(chunks[1])); + + com.fasterxml.jackson.databind.ObjectMapper mapper = new com.fasterxml.jackson.databind.ObjectMapper(); + com.fasterxml.jackson.databind.JsonNode claims = mapper.readTree(payload); + + if (claims.has("exp")) { + long expTime = claims.get("exp").asLong() * 1000; // Convert from seconds to milliseconds + boolean expired = expTime < System.currentTimeMillis(); + LOGGER.debug("Token expiration check: exp={}, current={}, expired={}", + new Date(expTime), new Date(), expired); + return expired; } else { - LOGGER.error("Error decoding token: {}", e.getMessage()); + LOGGER.warn("Token has no expiration claim, treating as expired"); return true; } + } catch (Exception e) { + LOGGER.error("Error checking token expiration: {}", e.getMessage()); + return true; } } From a9f5e35e8b98ee4bc772526e3109f12bec814023 Mon Sep 17 00:00:00 2001 From: Stefan Ranoszek Date: Wed, 4 Mar 2026 11:45:46 +0000 Subject: [PATCH 3/3] fix: graceful handling --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index b67af1d..cb38de6 100644 --- a/pom.xml +++ b/pom.xml @@ -20,7 +20,7 @@ 3.11.0 - 2.12.0 + 2.14.2 2.4.0