diff --git a/.gitignore b/.gitignore
index bc177c84..fd163d0b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,7 +5,6 @@
.mtj.tmp/
# Package Files #
-*.jar
*.war
*.ear
diff --git a/.travis.settings.xml b/.travis.settings.xml
new file mode 100644
index 00000000..29189719
--- /dev/null
+++ b/.travis.settings.xml
@@ -0,0 +1,35 @@
+
+
+
+
+
+
+
+
+ false
+
+ bintray-jwtk-coveralls-maven-plugin
+ bintray
+ https://dl.bintray.com/jwtk/coveralls-maven-plugin
+
+
+
+
+
+ false
+
+ bintray-jwtk-coveralls-maven-plugin
+ bintray-plugins
+ https://dl.bintray.com/jwtk/coveralls-maven-plugin
+
+
+ bintray
+
+
+
+ bintray
+
+
+
diff --git a/.travis.yml b/.travis.yml
index 5b8836e2..0d370bd3 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -15,5 +15,5 @@ install: echo "No need to run mvn install -DskipTests then mvn install. Running
script: mvn install
after_success:
- - test -z "$BUILD_COVERAGE" || mvn clean test jacoco:report coveralls:report
+ - test -z "$BUILD_COVERAGE" || mvn clean test clover:check clover:clover coveralls:report
diff --git a/pom.xml b/pom.xml
index 0202977e..2c1a6410 100644
--- a/pom.xml
+++ b/pom.xml
@@ -52,6 +52,29 @@
https://travis-ci.org/jwtk/jjwt
+
+
+
+
+ false
+
+ bintray-jwtk-coveralls-maven-plugin
+ bintray
+ https://dl.bintray.com/jwtk/coveralls-maven-plugin
+
+
+
+
+
+ false
+
+ bintray-jwtk-coveralls-maven-plugin
+ bintray-plugins
+ https://dl.bintray.com/jwtk/coveralls-maven-plugin
+
+
+
+
3.0.2
@@ -73,6 +96,7 @@
4.12
1.6.6
2.19.1
+ 4.2.0
@@ -151,7 +175,6 @@
4.12
test
-
@@ -270,19 +293,28 @@
- org.jacoco
- jacoco-maven-plugin
- 0.7.9
+ org.openclover
+ clover-maven-plugin
+ ${clover.version}
- **/io/jsonwebtoken/lang/*
+ **/*Test*
+
+ io/jsonwebtoken/lang/*
+ 100%
+ 100%
+ 100%
+ 100%
- prepare-agent
+ clover
+ test
- prepare-agent
+ instrument
+ check
+ clover
@@ -331,11 +363,13 @@
+
- org.eluder.coveralls
+ org.jwtk.coveralls
coveralls-maven-plugin
- 4.3.0
+ 4.4.0
+
diff --git a/src/main/java/io/jsonwebtoken/impl/compression/GzipCompressionCodec.java b/src/main/java/io/jsonwebtoken/impl/compression/GzipCompressionCodec.java
index 19bf7e20..0355a76a 100644
--- a/src/main/java/io/jsonwebtoken/impl/compression/GzipCompressionCodec.java
+++ b/src/main/java/io/jsonwebtoken/impl/compression/GzipCompressionCodec.java
@@ -50,9 +50,10 @@ public class GzipCompressionCodec extends AbstractCompressionCodec implements Co
inputStream = new ByteArrayInputStream(compressed);
gzipInputStream = new GZIPInputStream(inputStream);
outputStream = new ByteArrayOutputStream();
- int read;
- while ((read = gzipInputStream.read(buffer)) != -1) {
+ int read = gzipInputStream.read(buffer);
+ while (read != -1) {
outputStream.write(buffer, 0, read);
+ read = gzipInputStream.read(buffer);
}
return outputStream.toByteArray();
} finally {
diff --git a/src/test/groovy/io/jsonwebtoken/JwtParserTest.groovy b/src/test/groovy/io/jsonwebtoken/JwtParserTest.groovy
index 187711fe..00dc67f2 100644
--- a/src/test/groovy/io/jsonwebtoken/JwtParserTest.groovy
+++ b/src/test/groovy/io/jsonwebtoken/JwtParserTest.groovy
@@ -1518,4 +1518,76 @@ class JwtParserTest {
assertTrue e.getMessage().startsWith('JWT expired at ')
}
}
+
+ @Test
+ void testParseMalformedJwt() {
+
+ String header = '{"alg":"none"}'
+
+ String payload = '{"subject":"Joe"}'
+
+ String badSig = ";aklsjdf;kajsd;fkjas;dklfj"
+
+ String bogus = 'bogus'
+
+ String bad = TextCodec.BASE64.encode(header) + '.' +
+ TextCodec.BASE64.encode(payload) + '.' +
+ TextCodec.BASE64.encode(badSig) + '.' +
+ TextCodec.BASE64.encode(bogus)
+
+
+ try {
+ Jwts.parser().setSigningKey(randomKey()).parse(bad)
+ fail()
+ } catch (MalformedJwtException se) {
+ assertEquals 'JWT strings must contain exactly 2 period characters. Found: 3', se.message
+ }
+
+ }
+
+ @Test
+ void testNoHeaderNoSig() {
+ String payload = '{"subject":"Joe"}'
+
+ String jwtStr = '.' + TextCodec.BASE64.encode(payload) + '.'
+
+ Jwt jwt = Jwts.parser().parse(jwtStr)
+
+ assertTrue jwt.header == null
+ assertEquals 'Joe', jwt.body.get('subject')
+ }
+
+ @Test
+ void testNoHeaderSig() {
+ String payload = '{"subject":"Joe"}'
+
+ String sig = ";aklsjdf;kajsd;fkjas;dklfj"
+
+ String jwtStr = '.' + TextCodec.BASE64.encode(payload) + '.' + TextCodec.BASE64.encode(sig)
+
+ try {
+ Jwt jwt = Jwts.parser().parse(jwtStr)
+ fail()
+ } catch (MalformedJwtException se) {
+ assertEquals 'JWT string has a digest/signature, but the header does not reference a valid signature algorithm.', se.message
+ }
+ }
+
+ @Test
+ void testBadHeaderSig() {
+ String header = '{"alg":"none"}'
+
+ String payload = '{"subject":"Joe"}'
+
+ String sig = ";aklsjdf;kajsd;fkjas;dklfj"
+
+ String jwtStr = TextCodec.BASE64.encode(payload) + '.' + TextCodec.BASE64.encode(payload) + '.' + TextCodec.BASE64.encode(sig)
+
+ try {
+ Jwt jwt = Jwts.parser().parse(jwtStr)
+ fail()
+ } catch (MalformedJwtException se) {
+ assertEquals 'JWT string has a digest/signature, but the header does not reference a valid signature algorithm.', se.message
+ }
+ }
}