diff --git a/pom.xml b/pom.xml
index 3cd8715f..057dea65 100644
--- a/pom.xml
+++ b/pom.xml
@@ -296,11 +296,6 @@
96
100
-
- io.jsonwebtoken.impl.Base64UrlCodec
- 100
- 95
-
io.jsonwebtoken.impl.DefaultJwtBuilder
91
diff --git a/src/main/java/io/jsonwebtoken/impl/crypto/MacValidator.java b/src/main/java/io/jsonwebtoken/impl/crypto/MacValidator.java
index 95227ae9..af319666 100644
--- a/src/main/java/io/jsonwebtoken/impl/crypto/MacValidator.java
+++ b/src/main/java/io/jsonwebtoken/impl/crypto/MacValidator.java
@@ -18,6 +18,7 @@ package io.jsonwebtoken.impl.crypto;
import io.jsonwebtoken.SignatureAlgorithm;
import java.security.Key;
+import java.security.MessageDigest;
import java.util.Arrays;
public class MacValidator implements SignatureValidator {
@@ -31,6 +32,6 @@ public class MacValidator implements SignatureValidator {
@Override
public boolean isValid(byte[] data, byte[] signature) {
byte[] computed = this.signer.sign(data);
- return Arrays.equals(computed, signature);
+ return MessageDigest.isEqual(computed, signature);
}
}
diff --git a/src/test/groovy/io/jsonwebtoken/impl/Base64UrlCodecTest.groovy b/src/test/groovy/io/jsonwebtoken/impl/Base64UrlCodecTest.groovy
new file mode 100644
index 00000000..45969d86
--- /dev/null
+++ b/src/test/groovy/io/jsonwebtoken/impl/Base64UrlCodecTest.groovy
@@ -0,0 +1,19 @@
+package io.jsonwebtoken.impl
+
+import org.junit.Test
+import static org.junit.Assert.*
+
+class Base64UrlCodecTest {
+
+ @Test
+ void testRemovePaddingWithEmptyByteArray() {
+
+ def codec = new Base64UrlCodec()
+
+ byte[] empty = new byte[0];
+
+ def result = codec.removePadding(empty)
+
+ assertSame empty, result
+ }
+}
diff --git a/src/test/groovy/io/jsonwebtoken/impl/DefaultJwtBuilderTest.groovy b/src/test/groovy/io/jsonwebtoken/impl/DefaultJwtBuilderTest.groovy
index 4dab7d7c..7090d03c 100644
--- a/src/test/groovy/io/jsonwebtoken/impl/DefaultJwtBuilderTest.groovy
+++ b/src/test/groovy/io/jsonwebtoken/impl/DefaultJwtBuilderTest.groovy
@@ -119,6 +119,17 @@ class DefaultJwtBuilderTest {
}
}
+ @Test
+ void testCompactWithoutPayloadOrClaims() {
+ def b = new DefaultJwtBuilder()
+ try {
+ b.compact()
+ fail()
+ } catch (IllegalStateException ise) {
+ assertEquals ise.message, "Either 'payload' or 'claims' must be specified."
+ }
+ }
+
@Test
void testCompactWithBothPayloadAndClaims() {
def b = new DefaultJwtBuilder()
@@ -197,4 +208,54 @@ class DefaultJwtBuilderTest {
}
}
+
+ @Test
+ void testSetHeaderParamsWithNullMap() {
+ def b = new DefaultJwtBuilder()
+ b.setHeaderParams(null)
+ assertNull b.header
+ }
+
+ @Test
+ void testSetHeaderParamsWithEmptyMap() {
+ def b = new DefaultJwtBuilder()
+ b.setHeaderParams([:])
+ assertNull b.header
+ }
+
+ @Test
+ void testSetIssuerWithNull() {
+ def b = new DefaultJwtBuilder()
+ b.setIssuer(null)
+ assertNull b.claims
+ }
+
+ @Test
+ void testSetSubjectWithNull() {
+ def b = new DefaultJwtBuilder()
+ b.setSubject(null)
+ assertNull b.claims
+ }
+
+ @Test
+ void testSetAudienceWithNull() {
+ def b = new DefaultJwtBuilder()
+ b.setAudience(null)
+ assertNull b.claims
+ }
+
+ @Test
+ void testSetIdWithNull() {
+ def b = new DefaultJwtBuilder()
+ b.setId(null)
+ assertNull b.claims
+ }
+
+ @Test
+ void testClaimNullValue() {
+ def b = new DefaultJwtBuilder()
+ b.claim('foo', null)
+ assertNull b.claims
+ }
+
}