From e40a26f1934bdac9c2275821fa4a0bef576393fc Mon Sep 17 00:00:00 2001 From: Nanne Baars Date: Sun, 14 Mar 2021 16:45:17 +0100 Subject: [PATCH] Improve token handling --- .../src/main/java/org/owasp/webwolf/jwt/JWTToken.java | 10 ++++------ webwolf/src/main/resources/templates/jwt.html | 2 +- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/webwolf/src/main/java/org/owasp/webwolf/jwt/JWTToken.java b/webwolf/src/main/java/org/owasp/webwolf/jwt/JWTToken.java index 124b16ea1..3126880c5 100644 --- a/webwolf/src/main/java/org/owasp/webwolf/jwt/JWTToken.java +++ b/webwolf/src/main/java/org/owasp/webwolf/jwt/JWTToken.java @@ -30,8 +30,6 @@ import static org.springframework.util.StringUtils.hasText; @Builder(toBuilder = true) public class JWTToken { - private static final Pattern jwtPattern = Pattern.compile("(.*)\\.(.*)\\.(.*)"); - private String encoded = ""; private String secretKey; private String header; @@ -100,12 +98,12 @@ public class JWTToken { } private static JWTToken parseToken(String jwt) { - var matcher = jwtPattern.matcher(jwt); + var token = jwt.split("\\."); var builder = JWTToken.builder().encoded(jwt); - if (matcher.matches()) { - var header = new String(decodeFromUrlSafeString(matcher.group(1)), UTF_8); - var payloadAsString = new String(decodeFromUrlSafeString(matcher.group(2)), UTF_8); + if (token.length >= 2) { + var header = new String(decodeFromUrlSafeString(token[0]), UTF_8); + var payloadAsString = new String(decodeFromUrlSafeString(token[1]), UTF_8); var headers = parse(header); var payload = parse(payloadAsString); builder.header(write(header, headers)); diff --git a/webwolf/src/main/resources/templates/jwt.html b/webwolf/src/main/resources/templates/jwt.html index de4b2c0a4..a9b19c4d7 100644 --- a/webwolf/src/main/resources/templates/jwt.html +++ b/webwolf/src/main/resources/templates/jwt.html @@ -54,7 +54,7 @@
Secret key - +